Bots & Ballots Make A Sophisticated Threat

The recent indictment of 12 Russian intelligence officers seeking to influence the outcome of the 2016 presidential election may have come as a surprise to many US citizens. But a leading cybersecurity expert believes it shows just how sophisticated the threat is to democracy.

“One of the most striking things in the indictment is really how much of a campaign it is, and how many hundreds of people and how much of an assembly line operation it is. And that speaks to the nature of the hacking and what it really takes to be successful,” Oren Falkowitz, CEO of cybersecurity firm Area 1 Security, told Yahoo News’ podcast

“Bots & Ballots.” “Cyber offensive operations, or stealing or hacking, it’s a numbers game and it requires large campaigns. We often talk about these things as if they’re ultra-targeted, and that’s simply not the case.”

Falkowitz, who held senior positions at the National Security Agency, told TV show “Bots & Ballots” host Grant Burningham that the threat from bad “cyber actors” is continually evolving.

“The goals have really shifted significantly, from website defacement to stealing data to manipulating data to some sort of financial gain to now larger and more thematic or outcomes that really challenge society, like elections,” Falkowitz said.

At the same time, however, the Justice Department indictment showed what Falkowitz knew all too well. Hillary Clinton’s campaign chairman John Podesta was hacked because he fell for a phishing expedition disguised as a Google login page.

“That is a technique that is used by all cyber actors; over 95 percent of the campaigns start with these types of phishing,” Falkowitz said. “Sometimes it looks like it comes from the CEO and it says, ‘Hey, could you call me,’ or ‘Could you send me this?’ So there’s a variety of lures or visual or authentic cues, but it’s always targeting a user.”

Having broken into Podesta’s computer and the DNC’s server, the Russian agents are alleged to have launched a variety of tools to widen what Falkowitz calls “data access” to further compromise Clinton’s presidential bid.

The operation played out in a predictable way, Falkowitz says, but it shows just how effective the hacking techniques are. More worrisome is just how vulnerable elections in the United States remain.

“There’s a lot of discussion about what might happen from a cybersecurity perspective in the 2018 midterms and the 2020 presidential election just following that,” Falkowitz said.

“And, as of late, what I’ve been observing is that people are talking about voting machines and some of the infrastructure that’s run on a state-by-state basis. But candidates are increasingly targets for these types of cyber-campaigns, and we’re not doing enough early to get in front of it and we’re likely to see more of this going forward. I think we really only saw the tip of the iceberg.”

Yahoo Finance

You Might Also Read:

The Mueller Investigation Identifies Russian Spies:

Hillary Clinton’s Cyber Warfare Warning:

« COSCO Cyber Attack And The Importance Of Maritime Cybersecurity
Law Firms Are Uneducated & Exposed »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Perforce Software

Perforce Software

Perforce helps companies build complex software products more collaboratively, securely, and efficiently.

Markel International

Markel International

Markel International is an international insurance company which looks after the commercial insurance needs of businesses. Specialist services include Cyber Risk insurance.

ADF Solutions

ADF Solutions

ADF Solutions is a leading provider of digital forensic and media storage exploitation tools.

InAuth

InAuth

InAuth Security Platform delivers advanced device identification, risk detection, and analysis capabilities to help organizations limit risk and reduce fraud.

CyberPoint

CyberPoint

CyberPoint delivers innovative, leading-edge cyber security products, solutions, and services to customers worldwide.

NXO France

NXO France

NXO is an independent leader in the integration and management of digital workflows with services covering digital infrastructures, communications & collaboration, and security.

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

Langner

Langner

Langner is a software and consulting firm specialized in cyber security for critical infrastructure and large-scale manufacturing.

Veracity Industrial Networks

Veracity Industrial Networks

Veracity provides an innovative industrial network platform that improves the reliability, efficiency, and security of industrial networks and devices.

CIRISK

CIRISK

CIRISK offers a wide range of services from consulting to audit or project management to help you develop your cyber security or information security strategy.

Syber Technology

Syber Technology

Syber Technology is an IT project implementer empowering IT systems of Small to Medium Enterprises in the Middle East.

Ackcent Cybersecurity

Ackcent Cybersecurity

Ackcent's mission is to help our clients to protect their critical digital assets by providing them with a portfolio of specialised professional services.

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS) is a state-owned commercial enterprise providing confidential communication, trust services and services in the field of information protection.

Silicon Cloud International

Silicon Cloud International

Silicon Cloud is a high performance and secure cloud computing platform for engineering and scientific applications.

KeyData Associates

KeyData Associates

KeyData is a recognized leader in cybersecurity services specializing in Identity and Access Management (IAM), Customer Identity & Access Management (CIAM) and Privileged Access Management (PAM).

AuthMind

AuthMind

Prevent your next identity-related cyberattack with the AuthMind Identity SecOps Platform. It works anywhere and deploys in minutes.