7 January 2017

2016 presidential election and a national cybersecurity investigation

By: Kevin Coleman

Many cybersecurity practitioners are sitting on the edge of their seats waiting for the results of the investigation directed by the White House into the hacking events that surrounded the 2016 presidential election. They became even more anxious after recent publications, such as “ The Perfect Weapon: How Russian Cyberpower Invaded the U.S.” by The New York Times. Their level of anticipation was further increased when a bipartisan effort to investigation cyberattacks on our election process was publicly discussed.

A previous investigation found that the compromise of the democratic system was due to a phishing email after it was miscategorized as being legitimate! Phishing attacks are easy to conduct and focus on the weakest link — humans instead of vulnerabilities in computer hardware and software.

It should be noted that many cybersecurity professionals consider phishing emails as the No. 1 cyberthreat given their ease of construction and success rates. However, you must also consider that on average, a phishing website is online for less than 15 hours.

Although the White House request is the most recent call for an investigation, it is not the first. In mid-November, Rep. Elijah Cummings, D-Md., sent a letter to Rep. Jason Chaffetz, R-Utah, requesting that Chaffetz launch an investigation of Russian intervention in the election.

But wait, there’s more! In early November, the website of Donald Trump was hacked, resulting in a highly visual text banner proclaiming: “I’M WITH HER." And let’s not forget the mid-October headlines about federal investigators looking into whether Russian hackers were behind cyberattacks that targeted a vendor involved with Florida’s election system. August news reports disclosed information about an FBI investigation of alleged Russian involvement in a hacking campaign designed to undermine the Democratic Party.

With so many highly targeted and reasonably successful cyberattacks taking place over a short period of time and during the height of election season, such an investigation should have been initiated much earlier. Clearly, this was a campaign specifically designed to cast doubt on the democratic process of the United States. Additionally, this is a national security issue and a growing trend that we cannot and must not ignore.

With so much at stake, there are a fair number of unknowns. These unknown have given rise to several questions:

What is the scope of the hackers tampering with the 2016 presidential election? 
Should an investigation stop with Russia or should the actions of Anonymous (and others) be included? 
Does hard forensic evidence exist that is clearly traceable back to the source of the hacking (Russia, Anonymous, others)? Several sources have claimed that recent hacking tools and techniques make solid attribution nearly impossible. 
What if those cloaking techniques were employed in these hack attacks? 
If we are able to track the attacks back to Russia and/or Anonymous, then what? Do we retaliate? If so, do we hack back? 
Is this an act of cyberwar? It is important to remember we don’t have a widely acceptable definition of what constitutes an act of cyberwar. 
Did “fake news” have an influence on the election? If so, should those “responsible” be investigated and held accountable? 
What about all the interesting social media posts? I wonder who was behind some of those. 

Raytheon has been awarded a $37 million Air Force contract to support anti-jamming efforts for satellite communications.

Raytheon will demonstrate new technology for the Protected Tactical Services Field Demonstration, which aims to improve anti-jamming capability for the Wideband Global Satellite Communications constellation as well as commercial satellites.

"The new, protected SATCOM system will bring a distinct set of capabilities, including flexible access to commercial and government SATCOM channels for seamless transition between SATCOM systems to maximize communications availability for tactical forces," a Raytheon news release said.

"Eventually, hardware developed and tested under the PTSFD contract can be deployed as upgrades to existing satellite communication terminals," the company said. "By reusing the antenna and RF front end of existing terminals, costs are greatly reduced, since those are the most expensive elements of any SATCOM terminal."

No comments: