Trump Says China Is Meddling In US Elections

White House claims that China is meddling in the midterms do not ring true to experts and cybersecurity firms that have long tracked Beijing’s digital espionage operations and propaganda campaigns.

“I’m not aware of anything credible that ties directly to any targeting from China to election influence,” said Ron Bushar, chief technology officer of FireEye, a cybersecurity firm that has tracked Chinese hackers for years.

“There’s certainly no evidence of Russia-style online manipulation or hacking and doxing,” said Adam Segal, a cyber and China expert at the Council on Foreign Relations.

President Donald Trump aired the idea last month that Russia isn’t the only country attempting to undermine the US democratic process.In a speech at the United Nations last week, he alleged that “China has been attempting to interfere in our upcoming 2018 election coming up in November against my administration.”

Vice President Mike Pence echoed those remarks in a speech Thursday. “China has initiated an unprecedented effort to influence American public opinion, the 2018 elections and the environment leading to the 2020 presidential elections,” he said at the Hudson Institute.

Neither Trump nor Pence explicitly accused China of mounting the types of social media trolling efforts or multiple, coordinated cyberattacks that the US has accused Russia of carrying out during the 2016 race. But Trump has likened the behavior of the two countries, saying last month that China is “trying to meddle in our elections. And we’re not going to let that happen. Just as we’re not going to let that happen with Russia.”

Yet China watchers have not seen any effort from Beijing to execute a disinformation campaign or propaganda effort to tilt the midterm elections one way or the other. 

Plenty of evidence exists, of course, that Chinese hackers have infiltrated US businesses and international human rights groups and are continuing to carry out operations to steal American intellectual property. But the cyber researchers say there’s no sign yet that its hackers have turned their attention on the US political process in any kind of concerted campaign to undermine Trump.

Those include the experts at FireEye, a firm whose work has included uncovering operations to infiltrate American corporations and law firms to steal intellectual property or to hack nonprofits and think tanks to learn of potential policy changes. 

In 2015, the company identified a Chinese hacking group it believed was responsible for the massive breach of the Office of Personnel Management, in which highly sensitive security clearance documents on more than 20 million current and former federal employees were stolen. 

More recently, the firm discovered suspected Russian and Iranian digital influence operations taking place on Facebook and Twitter. It also has uncovered what it calls a massive North Korean hacking operation aimed at stealing millions of dollars from banks around the world.

Some of the evidence the administration has offered, such as an ad in the Des Moines Register, is a normal reaction to the ongoing trade war between Trump and China, CFR’s Segal said. And despite Trump’s claims, he added, China does not seem to have decided yet whether it wants Trump reelected. He suggested the White House is attempting to divert attention from Russia’s hacking activities to give Trump more ammunition in his trade battle with China or to help distract from domestic political and legal issues. 

Recorded Future, a cybersecurity firm that in August said it detected a hacking operation originating from a top university in China to steal US business and government secrets, also cast doubt on the White House claims.
“We have not observed such behavior against US elections even if we’re observing much Chinese activity at large,” said Christopher Ahlberg, Recorded Future’s CEO.

In her own remarks on the subject this week, Homeland Security Secretary Kirstjen Nielsen offered a more nuanced depiction of Trump’s charges, saying the alleged Chinese operation is subtler, longer term and “more holistic” than Russia’s in 2016.
While the Kremlin wanted to create chaos, Nielsen argued Tuesday 2nd Oct. at an event hosted by The Washington Post, Beijing is more interested in a “longer game” of influencing American public opinion about China.

Meanwhile, she said, DHS has seen no sign of attempts to hack election equipment from China, or anyone else. “We currently have no indication that a foreign adversary attempts to disrupt our election infrastructure,” Nielsen said.

Dmitri Alperovitch, chief technology officer at the firm CrowdStrike, which investigated the Russian breach of the Democratic National Committee, said at the same event that China has surged back with cyberattacks on US industry during the past year and a half. That uptick follows a decline after Washington and Beijing struck a deal in 2015 to ban cyber theft for economic purposes. But, Alperovitch said, “We’re not seeing much on elections.”

Politico

You Might Also Read:

Hacking The Vote:

Will Russian Hackers Affect this Year's US Election?:

 

« Oil And Gas Cyber Attacks Soaring
Moscow Challenges The Hague About Alleged Cyber Attack »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

PCI Pal

PCI Pal

PCI Pal’s secure cloud payment solutions are certified to the highest level of security by the leading card companies.

Skkynet Cloud Systems

Skkynet Cloud Systems

Skkynet is a leader in real-time data systems for the secure management and control of industrial processes (SCADA) and embedded devices (M2M).

NXO France

NXO France

NXO is an independent leader in the integration and management of digital workflows with services covering digital infrastructures, communications & collaboration, and security.

Elemendar

Elemendar

Elemendar Artificial Intelligence reads cyber threat reports written by humans and translates them into industry-standard, machine-readable and machine-actionable data.

Have I Been Pwned (HIBP)

Have I Been Pwned (HIBP)

Have I Been Pwned is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach.

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

Fortified Health Security

Fortified Health Security

Fortified’s team of cybersecurity specialists is dedicated to helping healthcare providers, payers and business associates protect their patient data across the Fortified Healthcare Ecosystem.

Cyber Insurance Academy

Cyber Insurance Academy

Cyber Insurance Academy was founded to provide insurance professionals with the knowledge needed to work in cyber-insurance and cyber-related insurance fields.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

SRG Security Resource Group

SRG Security Resource Group

SRG Security Resource Group is a Canadian company dedicated to providing world-class Physical and Cyber Security services.

Ostrich Cyber-Risk

Ostrich Cyber-Risk

Ostrich Cyber-Risk is a risk management company that helps organizations reduce the complexity of identifying financial and operational risks related to your cybersecurity posture.

Schillings

Schillings

Shillings defends your rights to privacy, reuptation and security. We fight passionately against breaches of your privacy, attacks on your reputation and threats to your security.

endpointX

endpointX

endpointX is a preventative cyber security company. We help companies minimize their risk of breach by improving cyber hygiene.

Redington Group

Redington Group

Redington offer products and services in solution areas including digital transformation, hybrid infrastructure and cybersecurity.

IT Voice

IT Voice

IT Voice specializes in Managed IT and VoIP solutions. Our focus is simplifying the technology so our customers can stay focused on what they do best.

CallCabinet

CallCabinet

CallCabinet is the premier cross-platform SaaS provider for end-to-end compliant call recording, AI-driven conversation analytics, call QA, and custom business intelligence reporting.