Russian Cyber Warfare: What’s At Stake?
While Russia always seems to be in the news, the stories are so tangled that it’s difficult to figure out what is happening. There are meetings in Helsinki, intelligence agencies saying one thing, the President saying another and confusion on both sides of the political spectrum.
The most important thing that people need to know is that this issue is bigger than Republican vs. Democrat. The security and independence of the country are under threat, which is something that both sides need to unite against.
Beneath all the headlines and hearsay, what we know for sure is that Russia has been trying to influence the US. In itself, this isn’t surprising, because all major powers do this in order to manipulate global events in their favor. What is surprising are the lengths that the Russians are going to, especially when it comes to their cutting-edge cyber attacks and online propaganda.
What Has Russia Done So Far?
According to Politico, these attacks go back to the Spring of 2014 when the Internet Research Agency (IRA), a Russian propaganda company with ties to the Putin administration, began building a campaign to influence the 2016 elections. Through social media posts and misleading advertising, the intent was to cause division in the American political scene.
It’s important to note that these activities were not solely in favor of Trump, but they also promoted Bernie Sanders and other minor candidates. It was not an issue of left or right, but instead an attempt to upset the status quo and cause disharmony in a way that favored Russian objectives. According to Facebook, these ads were geographically targeted to key areas where they could have the greatest influence.
DNC, DCCC & Clinton Email Hacks
On top of the social media campaigns aimed at influencing key voters, Russian intelligence officers also targeted the email accounts of various members of the DNC, the DCCC and the Hillary Clinton campaign. These attacks used phishing or malware to make their way into the accounts of whichever party members could be tricked.
The most famous victim is John Podesta, who was chairman of Hillary Clinton’s campaign. According to Vox, Podesta was among those who clicked on a link in an email which sent him to a website where he was instructed to reset his password. Of course, the website was fake, and Russian intelligence officers used it to steal his login credentials and those of many others.
As a side note, this should serve as another timely reminder of just how easy it is for attackers to manipulate their way into your email account. You should always take the utmost care, particularly when asked to change your password. If you aren’t sure, it’s best to ask your IT department or someone else who is more knowledgeable, because the results can be devastating.
In the case of the DNC and DCCC, Russian intelligence officers first managed to find their way into the DCCC’s network, and from there they were able to make their way to the DNC’s as well. Once they were in, they installed malware called X-Agent, which allowed them to take screenshots of the targets’ devices, as well as log their keystrokes. This made it simple to gather the credentials of the victims and access their communications.
The information that was gathered was released in June and July of 2016 through DC Leaks, Wikileaks and various reporters. The release of these emails was a huge talking point throughout the election, and few could deny that they at least had some impact.
Indictments of Russian Intelligence Officers
While a lot of what was mentioned above gets obscured by the political narratives of each side, 13 Russians were indicted in February on charges related to the social media campaign. In July, another 12 Russian intelligence officers were indicted for the email hacks. Some may still believe that this is all just political maneuvering, but it is important to note just how impressively detailed the indictments are. They are hardly vague accusations in an attempt to provide a smokescreen.
Attacks on Voter Databases
In addition to these attacks, Russian hackers also flexed their muscles by breaking into voter databases in 39 states. Voter data was altered in at least one case, but fortunately, it was detected and fixed without causing any damage. On top of this, 90,000 records were stolen from Illinois, containing the victims’ driver’s license numbers and the last four digits of their Social Security numbers. Although these particular attacks don’t seem to have had an effect on the election, they show what Russia is capable of and just how much destruction it could wreak if it wanted to.
Hacks Against US Electric Utilities
According to the Wall Street Journal, attackers also made their way into the networks of electric utilities in 2017. The report says that they used watering-hole attacks and spear-phishing to gain entry, which allowed the attackers to get so deeply into the systems that they had the potential to cause blackouts. It is most likely that utility companies are continuing to be targeted, and there is the potential for an attack that causes widespread disruptions.
What Could Happen in the Future?
With things heating up ahead of the by-elections, there are some pretty well-justified fears that Russian operatives will continue to try and influence the elections. Just last month, The Daily Beast published a report alleging that Russians are responsible for attempts at hacking into the accounts of Senator Claire McCaskill’s staff members.
On top of this, Facebook has uncovered a campaign that intended to cause further disruptions in the November midterms. A number of fake accounts and pages were found to be targeting minority groups and key issues in order to exacerbate political divisions. These pages have not yet been conclusively tied to Russia, although it does seem likely.
Dan Coats, the Director of National Intelligence, recently stated that intelligence agencies “…continue to see a pervasive messaging campaign by Russia to try to weaken and divide the United States.” The threat is very real, and it could have greater impacts than most people realize. Russia has already proved itself to be capable of a wide range of attacks, from sophisticated propaganda that has the potential to alter election results to being able to penetrate key infrastructure.
This is just the beginning, and it is important for the country to wake up and start to take its cybersecurity seriously. The cyber warfare that we have seen so far is relatively tame compared to the possibilities. If relationships between the two nations sour even further, it is not unrealistic to expect attacks against key infrastructure which could be devastating.
Just last year, a Saudi Arabian petrochemical plant was almost blown up in a cyber attack. While faulty code prevented the explosion from taking place, the attack still devastated the company and took months to recover from. This attack may have occurred oceans away, but the computer systems that were compromised were developed by Americans and are used in industry all across the world.
This isn’t something from a Die Hard film; it’s the current state of cyber warfare. If the United States doesn’t begin to take a serious and cohesive approach to its cybersecurity, there could be devastating results and widespread havoc in the future.