By Sarah Taylor
Google the word “hack” these days and thousands of hits come up regarding large, multinational companies being hit by attacks that you think shouldn’t have happened in the first place. In the current media frenzy focusing on the North Korean missile crisis, hurricanes and natural disasters, and humanitarian crises, cybersecurity threats and attacks fly relatively under the radar. Only when the attack threatens an election or millions of identity thefts does the news of a detrimental hack make headlines. Most recently, the Equifax hack released the private information of 143 million of Americans that resulted in many having their identity stolen and leaving their credit ruined. The United States has been the subject of thousands and thousands of cybersecurity threats, and yet the policy (both domestic and foreign) regulating them is relatively undeveloped. The investigation into Russian cyber-meddling in the 2016 Presidential election seems as though it has stalled at best. At worst, it has been completely forgotten in the sidetracking hearings of former F.B.I. Director James Comey. What should have been a hallmark case in foreign cyber attacks turned into a political tête-à-tête.
Cyber attacks are nearly impossible to predict, and even harder to prosecute after the fact, as there are no fingerprints or DNA evidence left behind in a purely digital invasion. Thus, the policy surrounding cybersecurity is notably lacking in specificity, especially with regards to foreign entities performing the attacks. Often times, the attacks are a result of pure human error, which makes policy formulation that much harder. For example, in the Russian hack into the DNC emails, Hillary Clinton’s campaign manager John Podesta clicked a link to reset his password that he thought was sent by “the Gmail team”. This very basic phishing email gave Russian hackers full access to Podesta’s emails and sent the final months of the 2016 presidential campaign into a frenzy that included the word “emails” being exhausted in every debate. By the time the breach was even discovered, the irreparable damage had already been done.
Thirty-nine states have found evidence of invasions by Russian hackers into software systems and voter databases, using this data to attempt to delete or alter votes. While this is clearly an extreme situation, little has been done to our relationship with Russia to ensure this doesn’t happen again, or to at least show that we are taking this as seriously as we should be. The implications of Russia hacking into the election are far-reaching. If they are able to alter voter data to alter to outcome of the election, then the entire integrity of the American political system is at danger. It is as though the fears of the Red Scare and the anti-communism nightmares of the mid-twentieth century are being realized as technology has made them an available possibility. Currently, the Department of Homeland Security has a “Framework” for private sector businesses to investigate and respond to cyber threats. Most multi-national corporations have an information security department that handles these matters as well. However, the United States’ body of foreign policy is lacking specific measures to identify and stop or respond to attacks from foreign nations that have malicious intentions. These attacks are especially dangerous when the attacks are backed by the government, as is suspected in the Russian election intrusion.
While I argue that Homeland Security should develop a similar framework with more specific details on how the United States’ public and private sectors should respond to foreign attacks, it is understandable how this goal can be significantly roadblocked by gaps in capabilities and detection. For obvious reasons, government entities are not quick to lay claim to an attack, especially when it impacts the political integrity of another country or hundreds of millions of Americans. DHS is making positive strides in identifying potential threats. Most recently, they identified a Russian cybersecurity firm, Kaspersky Lab, as using antivirus software to spy on the government. The firm likely has ties to the Kremlin. Though these are steps in the right direction, these incidences are still found when it is likely too late. In the case of Kaspersky, their ties to the Kremlin should have been an automatic red flag and disallowed business in or with the United States. Cybersecurity threats by foreign nations have been proven to have irreparable and unthinkable damage on the core of the United States, whether it be a presidential election or the credit of half the country.