Uncertainty clouds debate on Russia’s suspected role in election hacks
How does one prove Russia meddled with the presidential election?
That is a question the US government is facing, but may never fully answer, at least not publicly. The US has punished Russia, claiming the country’s cyberspies hacked Democratic groups and figures during the election season.
However, missing from that announcement was any new evidence – or a smoking gun – proving the Kremlin’s involvement. This is not sitting well with everyone in the security industry, especially since identifying the culprit of any cyberattack is no easy matter.
“Maybe Russia did do it, but until we have sufficient evidence, it’s a mistake to move forward,” said Jeffrey Carr, a cybersecurity consultant.
Carr is not the only sceptic. Incoming President Donald Trump has also been doubtful over Russia’s suspected role in the cyber-meddling.
“Unless you catch ‘hackers’ in the act, it is very hard to determine who was doing the hacking,” tweeted Trump, who has compared the problem to the US incorrectly concluding that Iraq possessed weapons of mass destruction over a decade ago.
Nevertheless, the outgoing administration of President Barack Obama remains convinced that the Kremlin directed the high-profile hacks in an effort to sway public opinion in the run-up to the election.
Private security firms have concluded the same. As evidence, they have pointed to the targets hacked, in addition to the malware and methods used – all of which suggest that elite hackers out of Russia were responsible.
But in Carr’s view, the evidence is missing important links, such as proof showing that the suspected Russian-speaking hackers were actually enlisted by the Kremlin.
Malware can also circulate. What is to stop any hacker from using malicious coding developed in Russia?
“We should be setting a high bar (on this investigation),” he said. “But the government has so mangled this campaign to show the public evidence. It’s such a mess.”
The concerns have been growing. The FBI and the Department of Homeland Security have issued a joint report meant to offer more details on the tools used by the Russian cyberspies during the election-related hacks. However, security experts have complained that the report only reiterates what private security firms have already said.
“The critics who say the report is short on facts – I think they have a point,” said Leo Taddeo, chief security officer at Cryptzone and a former FBI special agent.
But whatever additional evidence the US has about the suspected Russian hacking is probably classified, and may never be made public. Spies from the US and other foreign governments may have already confirmed the Kremlin’s role in the hacks, but exposing these sources would be too risky, Taddeo said.
“An enormous mistake” was made with the US concluding Iraq had weapons of mass destruction, he added. “But it doesn’t make sense for us to never trust the intelligence community again.”
It is also possible the Obama administration will reveal more about Russia’s suspected involvement. The outgoing President has ordered US intelligence agencies to compile a full report on cyberattacks that have tried to tamper with previous elections. Obama intends to make as much of that report public as possible.
US lawmakers, both Republican and Democratic, also plan to investigate the matter.
“People need to understand there are very good reasons that the general public will never hear the full story,” said Phil Burdette, a security researcher with Dell SecureWorks. “It could really hamper ongoing and future investigations.”
His company has also been researching the email hacks of Democratic figures, and has blamed them on Russian government-sponsored hackers with “moderate confidence.” A primary reason is that the hackers have been found attacking a long list of victims including, Russian dissidents, US military officials, Syrian rebels and experts on Ukraine – or targets that the Russian government intelligence would be extremely interested in.
“Attribution isn’t ever black and white,” Burdette said. In cybersecurity, it will deal with uncertainty and grey areas.
“But as far as shades of grey go, this is going to be the darkest grey you can find,” he said of Russia’s involvement.
IDG News Service