Foreign Interference In US Elections 'Will be repeated'

Uploaded on 2018-02-28 in NEWS-Cybersecurity News, FREE TO VIEW

The United States’ former top cyber diplomat has warned that foreign interference in the US and other democratic national elections will keep happening if western countries don’t get better at imposing consequences on so-called ‘bad actors’ on the Internet.

Chris Painter, (pictured) who was until last year the Director of Cyber Issues at the US State Department and previously the head of cybersecurity in the Obama White House’s National Security Council, told SBS News that US government cyber specialists had been “caught off guard” by Russian online operations aimed at dissuading voters from voting for Hillary Clinton in favour of now President Donald Trump in the 2016 election.  

Those operations are the subject of an indictment by Special Counsel Robert Mueller which last week charged 13 Russian nationals for allegedly attempting to interfere in the US electoral process. There is the possibility that if the 13 ever travel to a third country with an extradition treaty with the US, they will have to face a US court.  

“There was some detection, our director of National Intelligence, our FBI director, our head of Homeland Security came out during the election and said this was happening,” Mr Painter said of the interference operations. 

“But what we didn’t really see coming was this hybrid attack that was cyber-enabled but also more of a traditional influence operation... I don’t think we were looking at the whole range of activity out there. I think that caught us a bit off guard but... once it was seen, there was a lot of activity to respond to it.”

Mr Painter said before the 2016 election the US cyber community was largely focused on instances or threats of more “traditional” cyber-crime.

“We were looking at things like theft of intellectual property, or intrusion and theft of personal information, credit card information; we were focused on the threat of attacks on critical infrastructure like an attack on the electrical grid or financial system,” he said.

He warned that the Russian operation will be emulated by other state and non-state groups seeking to destabilise democracies.

“This is something that absolutely will be repeated again. If there’s no consequence for this bad action it will be repeated - it’s an invitation to repeat it. So we really have to as a community in the US and around the world make sure we are doing everything we can to prevent this, both by hardening our system, and making sure there’s costs and consequences for the people who do it,”.   

But he said the Trump administration has fallen well short of an effective response.

“There’s more we can do frankly,” he said. “One of the things the US needs to do is come out with a strong declaratory statement that this activity will not be countenanced and there will be consequences. It has to come from the very top and we haven’t had that yet.”

Mr Painter was the world’s first top cyber diplomat, a job created out of the recognition that transnational crimes and threats require high-level coordination between countries. With malicious hackers or other cyber criminals operating from anywhere in the world, and often routing their attacks through countries with lax cyber jurisdictions, a single nation's law enforcement cannot achieve much without coordinating with other nations.

Since Mr Painter's 2011 appointment under former Secretary of State Hillary Clinton, at least 25 countries have followed suit, Australia included. Australia’s Ambassador for Cyber Affairs is Dr Tobias Feakin, appointed one year ago by Prime Minister Turnbull with the brief to lead a “whole of government” approach to protecting Australia’s interests and security in cyberspace.

Mr Painter is visiting Australia with the Canberra think tank the Australian Strategic Policy Institute, meeting policy-makers, researchers and bureaucrats involved in the country's cybersecurity infrastructure. He said that Australia had been responding effectively to the range of cyber threats, but that no one country has yet successfully figured out how to deter cybercrime.

“One thing we have not done well, no one in the international community has done well, is deterrence, imposing costs on adversaries when they do bad things. Calling them out is good, name and shame is part of it, but it’s not going to change your behaviour necessarily if you’re a nation state getting a benefit out of it.”

Other tools might be economic sanctions, law enforcement indictments (such as the five Chinese PLA officers indicted in the US in 2014 for industrial espionage) or offensive cyber tools which he said are more limited in use than people understand.

Despite some successes in creating what Mr Painter calls “rules of the road” in cyberspace, including a 2015 agreement between China and the US not to steal intellectual property for the benefit of the commercial sector; the international community is still grappling with the dimensions and implications of cyber threats.

UN Secretary General Antonio Guterres last week called for international rules protecting civilians from the potentially deadly impacts of cyber warfare such as attacks on power grids.

Australia is a big target of cybercriminals as a rich country that’s heavily dependent on technology. A report by Norton Cyber Security Insights released recently said more than one in four Australians were the victims of cybercrime last year, losing an average $195 each and two days dealing with the consequences. 

Australia’s mandatory data breach reporting laws has come into effect, which will force companies to reveal when they’ve been hacked. 

SBS:       Image: Nick Youngson

You Might Also Read: 

Leaked NSA Report Claims Russian 'Cyber Espionage' Against US Elections:

Hillary Clinton’s Cyber Warfare Warning:

Russian Fake Brexit Tweets & Attacks On The UK:
 

 

« Millions Of Compromised Accounts Discovered On The Dark Web
AI Will Boost Cybercrime & Security Threats »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Dark Reading

Dark Reading

Dark Reading is the most trusted online community for security professionals.

Charlton Networks

Charlton Networks

Charlton Networks provide a complete range of IT infrastructure, network and security solutions aimed at SME companies.

ThetaRay

ThetaRay

ThetaRay’s solution for Industrial cyber security protects against unknown cyber-attacks that target industry and critical infrastructure.

Crest International

Crest International

Crest is focused on professionalizing the technical cyber security market whilst driving quality and standards of organizations that operate within it.

Exostar

Exostar

Exostar is the cloud platform of choice for secure enterprise and supply chain collaboration solutions and identity and access management expertise.

MER Group

MER Group

MER Group is a world-leading solutions provider specializing in Homeland Security (HLS), Cyber and Intelligence, Communication Infrastructure and Tactical Communication Systems.

Diaplous Group

Diaplous Group

Diaplous Group is a leading Maritime Risk Management (MRM) provider, delivering specialized services to an ever-broadening portfolio of shipping, oil & gas, energy and construction industries.

NightDragon

NightDragon

NightDragon is a venture capital firm investing in innovative growth and late stage companies within the cybersecurity, safety, security, and privacy industry.

Communications & Information Technology Regulatory Authority (CITRA)

Communications & Information Technology Regulatory Authority (CITRA)

CITRA is responsible for overseeing the telecommunications sector, monitoring and protecting the interests of users and service providers, and regulating the services of telecomms networks in Kuwait.

Intel

Intel

Intel products are engineered with built-in security technologies to help protect potential attack surfaces.

Lucata

Lucata

Lucata solutions support groundbreaking graph analytics and improved machine learning for organizations in financial services, cybersecurity, healthcare, pharmaceuticals, telecommunications and more.

FortiGuard Labs

FortiGuard Labs

FortiGuard Labs is the threat intelligence and research organization at Fortinet. Its mission is to provide Fortinet customers with the industry’s best threat intelligence.

Quatrro Business Support Services (QBSS)

Quatrro Business Support Services (QBSS)

QBSS is a tech-enabled outsourcing firm that’s changing the way companies think about finance, accounting, human resources and technology services.

Indevtech

Indevtech

Indevtech has been serving Hawaii since 2001, providing end-to-end managed IT services to small- and medium-businesses.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.

Maze

Maze

At Maze, we’re dedicated to changing how security teams understand and act on vulnerabilities — especially in cloud and application environments.