Experts: DNC Hack Shows Inadequate U.S. Security Against Russian Cyber Attacks

Russia has made cyber warfare a national priority while U.S. lags

Vladimir Putin / AP
July 27, 2016

FT. LAUDERDALE, Florida - Specialists who have studied Russia’s cyber warfare capabilities said the Kremlin is responsible for the hacking and eventual release of 20,000 emails from the Democratic National Committee, adding that there is no sure way to stop these kinds of attacks from recurring.

Experts who spoke to the Washington Free Beacon cautioned that it is difficult to prove the connection between the hackers and the Russian government with a legal degree of certainty, but they said the evidence indicated Russian involvement.

Russia’s intelligence services decided years ago to make cyber warfare a national defense priority, said Dr. David Stupples, director of the Centre for Cyber Security Sciences at City University London. They have become increasingly proficient in cyber operations as a result.

"From around 2007, Russia decided that information warfare was key to winning any world conflict, and that it was this area of capability and technology they decided would benefit from vastly increased military investment," Stupples said. "What made this decision easier was that Russia was also home to the largest numbers of some of the world’s best hackers."

While the DNC is not a high-value military target, "there was still a threefold motivation to hack its system," Stupples said. "One was to demonstrate that Russia is on top of its game in this kind of shadowy warfare. Another was to embarrass the Democrats and undermine the presidential election process at a critical time. A third was to test U.S. security measures."

Testing U.S. defenses would reveal to Moscow how Washington might react in response to further provocations.

"The goal of testing U.S. security measures is not now, nor has it in the past, proved to be a difficult objective for Moscow," Stupples said. "The National Security Agency and FBI have long suspected that Russia had penetrated a significant number of sensitive U.S. infrastructure systems in order to test efficacy and document structure—not to mention steal military secrets."

The goal of Russia’s cyber warfare activities is not just random disruption or embarrassing revelations, Stupples said in May at the European Electronic Warfare Symposium in Rotterdam.

"What Russia is doing is linking cyber attacking and hacking with its open information warfare methods—propaganda disguised as news programming, funding of NGOs, etc.—and in coordination with its military establishment’s use of electronic warfare," Stupples said. "By employing all three methods together in an integrated pattern of activity Moscow can achieve what its military theorists call ‘reflexive control’—in other words warping your adversary’s perceptions to the point where that adversary begins to unknowingly take wrong or damaging actions."

Russia has a distinct advantage in the cyber realm because it engages the services of non-governmental cyber crime entities, which masks its role in cyber attacks.

"This is what the U.S. and others of us do not have—proxy cyber warriors," said Stupples. "What the Russians are saying is that ‘we will make these criminal organizations our partners—recruiting them to do cyber work for the Russian state.’"

The Kremlin promises its criminal partners it will "turn a blind eye to their attacking banks, disrupting commerce in the west, etc." as long as they make themselves available to do the odd job for Russia’s intelligence services and military.

There are currently more than one million Russian programmers engaged in cyber crime, according to the United Kingdom and other NATO intelligence services. These programmers are affiliated with 40 Russian-based cyber crime rings. The United States and its partners could not feasibly match this level of manpower using only government agencies and employees.

The United States has maintained misplaced faith in international agreements or treaties as other state actors have raced ahead in developing cyber warfare capabilities, according to several experts. While Russia, China, North Korea, and other nations sign accords about cyber warfare, they use proxies to carry out prohibited operations and then blame them on criminal enterprises. "How do you prove which cyber attacks by a criminal gang were ordered by Moscow or Beijing and which were not?" asked one European expert.

The experts said no firewall or security scheme was ever going to be effective to acceptable levels against these kinds of attacks. The most effective deterrent, they said, was an offensive response more severe than the attack suffered.

"The U.S. administration not only continues to ‘fight the last war’ with ineffective measures, but it refuses to engage in reprisals against Moscow," said a cyber security specialist in Poland.

In 2008, a malware program named Agent.btz compromised some of the most sensitive U.S. military computer networks, including those of the NSA. The U.S. military’s offensive cyber unit proposed countermeasures that could be taken against the Russian government, which was thought to be responsible for the attack.

Senior administration officials turned down these suggestions, reasoning that the Russian operation was "an act of espionage and not an outright attack," according to the Washington Post. NATO specialists on electronic warfare said Russia exploits these ambiguities in U.S. policy.

According to Stupples, "Washington is now playing catch up" in a field where its adversaries have invested considerable resources.

The problem will only worsen with time, said another European expert, who added that the current administration’s refusal to confront Russia directly had only made the situation worse.

"Regardless of who wins this U.S. election, this issue needs to be addressed at the highest levels as soon as a new president takes office in January 2017."
