
Governments, Politics & Cyber Warfare - Part 2

Written by Reflare Research Team | Aug 3, 2016 11:22:00 AM

The DNC hack has created a tense political climate, not only bringing both presidential candidates to their feet on numerous occasions but also raising many questions regarding cyber warfare.

First Published 3rd August 2016

"Oh, say can't you seeee..."


In last week's briefing, we took a look at the recent DNC hack and analyzed the three main characteristics of political cyber attacks:

  1)   The ability of the attacker to deny the attack,

  2)   The ease of attacks against soft targets, and

  3)   The ability of the attack target to blame a chosen party for the attack.

The continued fallout resulting from leaked DNC emails highlights all three characteristics.

First and most importantly, with the resignation of additional leading DNC figures, the attackers have managed to impact the US election process by hacking a soft target with minimal effort and perfect deniability. Short of one of the hackers involved confessing to the attack and naming his or her benefactors, no solid proof can be established. Circumstantial evidence such as the techniques and tools used can always be framed as having been placed.

Even with a confession and direct implication of a given state actor, the state actor can spin the attacker himself/herself as a placed stooge.

With the current level of technology and international cooperation, the origination of a hack of this scale and sophistication simply can't be proven with enough weight to convince the international community. The fact that there are currently no international laws applicable to cyber attacks further cements the consequence-free nature of political cyber attacks from an attacker's perspective.

The assumption asserted by a number of media outlets, that the Russian government is in some capacity behind the DNC hack, does hold some weight from a political perspective. Some of the tools and techniques used in the attacks do resemble those of Russian hacking teams. The DNC has seized on these factoids to establish a narrative implicating Mr. Trump in cooperating with a foreign government to manipulate a US election.

Several of Mr. Trump's statements asking Russia to "find missing emails" have further strengthened said narrative.

This is exemplary of point (3) in our analysis: The anonymous nature of cyber attacks allows the victim to choose an attacker in the public eye.

At this point, the identity of the attackers is meaningless.

The damage to the DNC has been done, the electoral views of some have been impacted by a soft target, and the narrative that Russia is behind the attack has been identified as the most viable mitigation strategy.

This leads us to several forecasts:

1) The extreme effectiveness of this attack means that any actor wishing to impact election processes in any given country is likely to consider similar attacks in the future.

2) Any non-Russian actor wishing to perform a cyber attack against the US in the near future will likely take care to conduct the attack through Russian servers or infrastructure, as any link to Russia would immediately set the narrative, preclude most further investigations and thus protect the real actor from prosecution.

3) Should the assertion be true that Russia was involved in the DNC hacks or plans future cyber attacks against the US, it now has a clear framework within which to act.

In summary, we therefore expect a sharp uptick of politically motivated attacks against soft targets associated with state actors in the near future.