Bots & Ballots Make A Sophisticated Threat

The recent indictment of 12 Russian intelligence officers seeking to influence the outcome of the 2016 presidential election may have come as a surprise to many US citizens. But a leading cybersecurity expert believes it shows just how sophisticated the threat is to democracy.

“One of the most striking things in the indictment is really how much of a campaign it is, and how many hundreds of people and how much of an assembly line operation it is. And that speaks to the nature of the hacking and what it really takes to be successful,” Oren Falkowitz, CEO of cybersecurity firm Area 1 Security, told Yahoo News’ podcast

“Bots & Ballots.” “Cyber offensive operations, or stealing or hacking, it’s a numbers game and it requires large campaigns. We often talk about these things as if they’re ultra-targeted, and that’s simply not the case.”

Falkowitz, who held senior positions at the National Security Agency, told TV show “Bots & Ballots” host Grant Burningham that the threat from bad “cyber actors” is continually evolving.

“The goals have really shifted significantly, from website defacement to stealing data to manipulating data to some sort of financial gain to now larger and more thematic or outcomes that really challenge society, like elections,” Falkowitz said.

At the same time, however, the Justice Department indictment showed what Falkowitz knew all too well. Hillary Clinton’s campaign chairman John Podesta was hacked because he fell for a phishing expedition disguised as a Google login page.

“That is a technique that is used by all cyber actors; over 95 percent of the campaigns start with these types of phishing,” Falkowitz said. “Sometimes it looks like it comes from the CEO and it says, ‘Hey, could you call me,’ or ‘Could you send me this?’ So there’s a variety of lures or visual or authentic cues, but it’s always targeting a user.”

Having broken into Podesta’s computer and the DNC’s server, the Russian agents are alleged to have launched a variety of tools to widen what Falkowitz calls “data access” to further compromise Clinton’s presidential bid.

The operation played out in a predictable way, Falkowitz says, but it shows just how effective the hacking techniques are. More worrisome is just how vulnerable elections in the United States remain.

“There’s a lot of discussion about what might happen from a cybersecurity perspective in the 2018 midterms and the 2020 presidential election just following that,” Falkowitz said.

“And, as of late, what I’ve been observing is that people are talking about voting machines and some of the infrastructure that’s run on a state-by-state basis. But candidates are increasingly targets for these types of cyber-campaigns, and we’re not doing enough early to get in front of it and we’re likely to see more of this going forward. I think we really only saw the tip of the iceberg.”

Yahoo Finance

You Might Also Read:

The Mueller Investigation Identifies Russian Spies:

Hillary Clinton’s Cyber Warfare Warning:

« COSCO Cyber Attack And The Importance Of Maritime Cybersecurity
Law Firms Are Uneducated & Exposed »

Directory of Suppliers

Tenable Network Security

Tenable Network Security

Tenable Network Security - Need to Evolve to a Risk-Based Vulnerability Management Strategy but Don’t Know How? This Guide Will Show You.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Veridify Security

Veridify Security

Veridify Security (formerly SecureRF), develops and licenses quantum-resistant, public-key security tools for the low-resource processors powering the Internet of Things.

Ingalls Information Security

Ingalls Information Security

Ingalls Information Security provides network security, monitoring and forensics.

PrimeKey

PrimeKey

PrimeKey provides organisations with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

Cyber Security Expo

Cyber Security Expo

Cyber Security EXPO is a unique one day recruitment event for the cyber security industry.

Oneconsult

Oneconsult

Oneconsult provides cyber security services focusing on penetration tests / ethical hacking, ISO 27001 security audits and incident response & IT forensics.

Cyverse

Cyverse

Cyverse is a cyber-security firm which provides corporations with state-of-the-art cyber-security service-based and technological solutions made in Israel.

Advens

Advens

Advens is a company specializing in information security management. We provide Consultancy, Security Audits and Technology Solutions.

Fly Ventures

Fly Ventures

Fly Ventures is a seed-stage venture capital fund for outstanding teams building Enterprise and Deep Tech startups in Europe.