The Hack That Could Swing The US Election

A month ago Donald Trump was almost level with Hillary Clinton in the polls but, since then, a series of gaffes has caused his numbers to slide. This week, for example, an IBT poll suggests Clinton now has a 12-point lead. 

While this might indicate that the Democrats are cruising for victory, the election has been so uncertain in recent months that nobody dares take anything for granted.

So what might suddenly cause momentum to swing again? According to the Financail Times, there are at least three factors to watch.

The most obvious is that Trump himself implements a change of course, becoming much more professional and effective in running his campaign. That is hard to believe right now but the key person to watch is Kellyanne Conway, a pollster recently brought in to serve as campaign manager. Highly respected in Republican circles and regarded as a very effective operator, she might just possibly end up turning the campaign around.

A second factor is whether a nasty external shock occurs. Trump, after all, is a candidate whose campaign is built on stoking up fear, in the mould of former president Richard Nixon. If, God forbid, a big terrorist attack occurs — or something else that causes panic — this might play into Trump’s hands, particularly if his campaign had already shifted momentum under Conway.

However, there is a third possibility that has gained less attention: cyber hacking. This summer, the Democratic National Committee revealed it had suffered a cyber-attack and that many confidential internal documents had been stolen. CrowdStrike, the cyber security group employed by the DNC, said the culprits were Russia’s intelligence services. This was denied by Moscow, but backed up by other cyber security groups such as Mandiant and Fidelis Cybersecurity.

This is a bizarre turn of events, by any standards, not least because some 20,000 internal DNC emails have now been released via WikiLeaks and a blogging site called Guccifer 2.0. But matters may get worse. CrowdStrike says one Russian hacking group, given the nickname Cozy Bear, was in the DNC system for at least a year. It is unclear what material has been taken but cyber experts believe Cozy Bear holds extensive secret documents, including confidential memos detailing the negative traits of Democratic candidates in this year’s US elections. 

It is standard practice for campaign managers to try to assemble all the dirt on their own candidates in advance, so they are prepared in case their opponents try to attack them.

If this is true, like almost everything else in the cyber security sphere, very little can be conclusively proved, it seems that only a small portion of the sensitive material has emerged. So it is possible that the hackers will leak this in the coming months, in a targeted way, trying to cause maximum damage. This week, for example, Guccifer 2.0 leaked data about the tactics that the Democratic Congressional Campaign Committee used in House races in Pennsylvania. This is the first time the hackers have tried to shape momentum in a local race. And if these leaks accelerate, they might stoke up more anti-Clinton feeling, particularly given the separate controversies surrounding Clinton’s personal email server. Or so the gossip goes.

On one level, this theory sounds almost fantastical and it is entirely possible that speculation will die away in a few months and that Clinton will romp to victory.

But the very fact that Washington is abuzz with these rumours right now illustrates two key points. First, just how strange this current election campaign has become on both sides and, second, the degree to which the bizarre has almost become the norm in US politics this past year. In this election we face a world of James Bond meets Alice in Wonderland, where political boundaries are stealthily shifting, day-by-day. 

Stand by for more surprises. 

FT:

« Cybercrime Isn't The Reason Why Cash Remains King
SWIFT Discloses More Bank Thefts »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CloudDNA

CloudDNA

CloudDNA deliver solutions that enable users and devices to connect over high performance, secure, efficient, scalable cloud networks.

Argus Cyber Security

Argus Cyber Security

Argus is the world’s largest automotive cyber security company, protecting connected cars and commercial vehicles from hacking.

Aeriandi

Aeriandi

Aeriandi is a leading provider of hosted PCI security compliance solutions for call centres, trusted by high street banks and major Telcos.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Avatier

Avatier

Avatier identity management software products automate identity access management, user provisioning and IT governance to ensure information security and compliance.

Open Cloud Factory

Open Cloud Factory

Open Cloud Factory is a European based security company, that strives to ease the pressure on IT managers, by providing tools to implement your Security Strategy in an effective and easy manner.

GlassSquid

GlassSquid

glasssquid.io simplifies your cyber security job search. We want to help you find your next perfect fit opportunity by removing the confusion.

Cyber Physical Security Research Center (CPSEC)

Cyber Physical Security Research Center (CPSEC)

CPSEC aims to contribute to the security enhancement of industrial infrastructure that creates value across cyber space and physical space.

Zercurity

Zercurity

Zercurity is on a mission to build the ultimate cybersecurity operations platform for businesses. To help protect against a growing number of internal and external threats.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

OSIbeyond

OSIbeyond

OSIbeyond provides comprehensive Managed IT Services to organizations in the Washington D.C., MD, and VA area including IT Help Desk Support, Cloud Solutions, Cybersecurity, and Technology Strategy.

LiveAction

LiveAction

LiveAction provides end-to-end visibility of network and application performance from a single pane of glass.

Appsian Security

Appsian Security

Appsian provides powerful solutions that help organizations take control of their business critical data and financial transactions.

Sikich

Sikich

Sikich LLP is a leading professional services firm specializing in accounting, advisory, technology and managed services.

Randaemon

Randaemon

RANDAEMON’s mission is to create True Random Number Generators (TRNG) that are hardware-based and integrated into System-on-Chip.

Quod Orbis

Quod Orbis

Quod Orbis are a fast-growing, innovative company providing market-leading expertise in cyber security and Continuous Controls Monitoring (CCM).