Story image

Expert: Farce involving Russia’s US elections breach needs resolving

05 Mar 18

For quite some time there has been scandal surrounding the 2016 US Presidential election, with many believing Russia was maliciously involved.

And now multiple US officials have announced the US intelligence community had substantial evidence that state websites or voter registration systems in seven states were compromised by Russian-backed cybercriminals prior to the 2016 election – and they never told the affected states.

These states as of January 2017 were reported to have been Alaska, Arizona, California, Florida, Illinois, Texas, and Wisconsin.

Some of the breaches were more serious than others and ranged from entry into state websites to penetration of actual voter registration databases.

Washington officials were reported to have informed several of those states leading up to the election that there were foreign parties delving into their systems, but none were told that it was the Russian government.

The debate about whether or not the states were notified is ongoing with the Department of Homeland Security’s acting press secretary Tyler Houlton reporting the news to be ‘inaccurate’ and ‘misleading’ in a series of tweets.

Regardless, it’s clear that there is a relationship that needs strengthening between the federal government and state governments in the electoral area to improve cybersecurity, and the same is probably true around the world.

High-Tech Bridge CEO Ilia Kolochenko says the whole farce needs to be resolved sooner rather than later.

"If these allegations are true, we are likely dealing with an unprecedented scale of attack that deserves the most rigorous technical investigation and a proportional response. However, so far we are mainly dealing with a number of isolated, often contradictory facts and testimonies from various conflicting sources,” says Kolochenko.

“For example, the breach of a state website will unlikely have any direct consequences on the election outcomes. Many adduced facts - are excerpts from secret reports and thus can hardly be used to derive a reliable conclusion without reading the entire report.”

Kolochenko says for obvious reasons, or even technically impossible, to know who is pulling the strings of the attacks. But otherwise, such news stories may just give valuable hints to the attackers to destroy some unexpected evidence and hinder the investigation.

"The alleged interference with the elections - is a matter of public interest and society deserves to know the truth about it,” Kolochenko says.

“I think a close cooperation between federal agencies can shed some light on the scope and material consequences (if any) of the alleged attacks. In the meantime, Federal and State governments should enhance their cybersecurity strategy and urgently allocate additional budget for national defense against cyber-attacks."

AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.