The Tallinn Manual, a rulebook on cyberwarfare. (AP Photo/Matt Dunham)
One of the most remarkable aspects of the breathless headlines over the last few months about Russian hackers targeting the US is that so much of it has centered on whether said hackers could have influenced the US presidential election and whether their intent was merely to sow distrust in the electoral system or whether they were focused on trying to get Donald Trump elected. This has been fed by similarly breathless statements from various US officials arguing that trust in our democratic way of life has been undermined or that the legitimacy of Trump’s presidency has been eroded. Yet, missing from all of this is the far more important story of just how the Russians could have managed to do all of this against the very nation that brought the modern Internet to life?
Out of the thousands of headlines on Russian hacking in just the past month, relatively few have stopped to ask just how it was possible for foreign hackers to wreak the level of harm they are claimed to have done. Instead of focusing exclusively on the topic of whether the Russians tried to elect Donald Trump, it is fascinating that there not more discussion placing that hacking in the context of other major cyber intrusions, such as the US Office of Personnel Management breach in which the sensitive personnel and background records of more than 21.5 million individuals were exfiltrated, allegedly by the Chinese government.
In the leadup to the election, numerous news reports offered that the US had hacked deeply into its adversaries’ computer networks, ready to launch large scale cyberwarfare if those nations interfered with the US election. NBC News, for example, offered that “U.S. military hackers have penetrated Russia’s electric grid, telecommunications networks and the Kremlin’s command systems, making them vulnerable to attack by secret American cyber weapons should the U.S. deem it necessary.” Yet, President Obama offered the very next month that his administration was extremely reluctant to enter into full-scale cyber conflict because “Our economy is more digitized, it’s more vulnerable, partly because we’re a wealthier nation, and we’re more wired than other nations.”
In 2007 Estonia became the first nation to weather a national cyberattack and in the aftermath took its lessons learned and made many changes to its national cyber posture. Today it plays host to the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), which is “an International Military Organisation with a mission to enhance the capability, cooperation and information sharing among NATO, its member nations and partners in cyber defence by virtue of education, research and development, lessons learned and consultation.”
In contrast, while the US has certainly made improvements to its cyber posture in the aftermath of a series of high profile breaches, ranging from OPM to the State Department to the White House itself, those changes have not been as sweeping, nor have they accounted for the increasingly cyber-oriented and cyber-first Russian activity globally, which often incorporates complex and multimodal misinformation campaigns.
Elections have long been a prized hacking target and the US itself has a long legacy of covert intervention in foreign elections through both physical and technical means. Thus, it is remarkable that the US Government did not do more to prioritize securing of the US election process. Much as the Government covers the cost of providing physical security to presidential candidates via the Secret Service, should it in future pay the cost of providing either governmental or private cybersecurity for candidates and their campaigns and national parties? It is intriguing to note how much of the anti-Clinton information campaign revolved around the use of leaked hacked emails and materials whose release could have been avoided through better cyber posture.
Putting this all together, it is certainly critically important to understand Russia’s potential role in influencing the US presidential election and that deserves significant investigation. However, just as important is that the focus of those investigations not be strictly on the election itself, but rather on understanding the vulnerabilities that made that influence possible, from underdefended presidential campaigns to journalistic and academic norms on the use of stolen data. Incoming Chief of Staff Reince Priebus himself noted that “Yes, we have bad actors around the world. We have had bad actors, including the Russians. But we also have a problem when we have a major political institution that allows foreign governments into their system with hardly any defenses or training. That’s a huge story, and that’s what people aren’t talking about as well.”
At the end of the day, Russian influence in the US presidential election represents just one tiny sliver of the overall daily onslaught of foreign cyberattacks against the United States from both private individuals and nation states. Focusing too narrowly on the election itself risks failing to take in the big picture view of how such hacking and influence operations could be so successful against the birthplace of the modern internet and what can be done to harden the nation against future attacks.