By: Hank Thomas
COO & Partner at Strategic Cyber Ventures
Russian threats pose a clear and present danger to western society via the cyber arteries that transport the financial, corporate, and federal digital lifeblood to the free world. As multiple major elections quickly approach, senior European government leader must double cyber defensive efforts to include bolstering or creating hunt teams, deploying their own deception operations, really anything to identify the adversary on their networks and contain their ability to move. A dark cloud ominously looms over western democracy as a direct result of the exploit of the 2016 U.S. presidential election. America was the first target in the emergence of political hackings, but it is inevitably not the last, and European elections, with a focus on Germany, are unfortunately next in line.
As additional adversarial campaigns successfully influence/manipulate major western elections, it will dramatically embolden cyber threat actors worldwide to develop new offensive cyber capabilities and deploy more attacks. Western democracies must draw a line in the sand in response to these advanced and evolving cyber threats. The western world desperately needs Europe to lead the charge in defending the “cyber line” against Russia and other maleficent parties throughout the upcoming elections.
The hacking enabled, influence operations on the 2016 U.S. elections overwhelmingly point to Russian burglary, grand theft, and defamation, at a minimum. While no evidence exists of tampered or hacked voting machines, more than enough evidence suggests that the Russian state attempted to manipulate the U.S. election prior to ballot casting though extensive, coordinated influence operations. Influence operations being actions intended to persuade or manipulate populations. Russian influence operations took the shape of fake news, indicators of compromise on DNC servers, and Russian supported Wikileaks publications leading up to the election. However, the European elections will witness more robust and evolved versions of influence operations in the coming months.
Long before cyberspace simplified the process of gaining access to sensitive western data, communications, conversations, and other channels, Russia attempted to steer the direction of Western European politics via more traditional channels, such as print media, photo alterations, bribery, and blackmail. Cyber offers an easier, more secure, and more lucrative platform to conduct assaults. The new landscape of influence operations via cyber vehicles allows attackers to operate remotely and securely, and is ultimately pushing information warfare to another level with much greater impact. Political exploitation via cyber will increase dramatically as a direct result of the successful U.S. attack and should serve as a preemptive warning of what may soon materialize in Europe.
Every European should focus on the #1 national security issue facing the continent, the western world, and democracy today – cybersecurity. Cybersecurity trumps radical Islamic terrorism as the most significant threat to western life, even in Europe. Cyber threats may not at the moment result in blood shed, but swaying millions of votes, stealing national secrets, releasing private emails, and the inevitability of much worse, directly impacts citizens throughout the entire world. Rather than address the threat, some in the western world continue to question the validity and capability of cyber actors, and obsess over smoking gun attribution, which is next to impossible to obtain. This level of confusion, or “fog of war”, makes it easy for enemies, such as Russia, to attack. It provides more time to entrench into networks, carry out attacks, and ultimately drive a wedge into society.
The potential outcomes associated with escalating cyber exploitation and attack, while unseen, are ripe to destroy the current state of democracy. These attacks are still in their infancy and have yet to scale. Cyber targeting will continue to expand from military operations and financial services to elections, power generation, connected vehicles, and everything tied to the internet of things. As our technologies and networks grow in accordance with Moore’s Law, their associated cyber vulnerabilities will grow in tandem. And as a direct result, state sponsored and civilian criminal hacker organizations will mature and operate from their sanctuary of bulletproof virtual hosts, free to assault our growing cyber communities.
Russia is bound and determined to influence western voters and discredit our leaders, to grow the power of organizations supporting causes sympathetic or beneficial to Russia’s rebirth under Putin. Europe must act, and act now. Western security services and organizations like NATO must form increased formal and informal alliances to share real time strategic cyber threat data and intelligence. International allied public-private partnerships must also form to encourage the creation of laws that ensure the sharing of actionable threat data.
Western democratic countries must take immediate action to prevent the erosion of confidence in our digital arteries and democratic systems. The time to band together is now. 2017 is the year that we will collectively defend the cyber line in the sand and not only hold back the Russian bear that already crossed the line, but put him to rest for good.