After the furore surrounding the Republican Convention, the Democrats probably thought they just had to show up, sit down, and not say anything whatsoever and they could go into the presidential race proper running on a strong platform. Of course, when it comes to Hillary Clinton, nothing is ever so simple, with the release of stolen emails exposing bias in the supposedly neutral Democratic National Committee sending shockwaves through the party.
This hack was, the DNC believe, an act of sabotage committed by cyber hackers on behalf of the Russian Government looking to influence the result of the Presidential elections. Whether this is true or not, the hack exposes serious vulnerabilities at government level that desperately need to be addressed, and it is baffling that they haven’t been. Indeed, reports now suggest that federal investigators actually tried to warn the DNC about a potential intrusion in their computer network months before the party moved to try to fix the problem.
This casual attitude to cyber security suggests that many who should know better are still not taking the issue seriously, leaving the government seriously vulnerable. This is hard to understand given that the US Government, despite its apparent outrage, is, according to many former insiders, possibly the biggest offender in hacking foreign governments. Mike McConnell, director of national intelligence under President George W. Bush, has said that President Obama’s daily intelligence briefings were primarily based on information of which 75% had come from government cyberspies, a share that was going up. Michael Hayden, who headed the NSA, and later the CIA, under Bush, also said, ‘You’re not waiting for someone to decide to turn information into electrons and photons and send it. You’re commuting to where the information is stored and extracting the information from the adversaries’ network. We are the best at doing it. Period.’
Even though they are ‘the best at doing it’, it appears they are completely unprepared for attacks themselves. The DNC hack is likely just the tip of the iceberg when it comes to cyber disruptions this election, and when it comes to federal government in general. The Government Accountability Office has reported that ‘persistent weaknesses’ in cybersecurity programs exist at the 24 agencies studied, with almost all agencies struggling with security management, access control, and configuration management. A survey from 451 Research found that three of five federal IT professionals believe their agency has suffered a breach.
This is not to say the Obama administration has been twiddling its thumbs. It is currently seeking to boost federal cybersecurity spending in its 2017 IT budget by 35% up to $19 billion. Last October, the US government also began hiring 6,500 new cybersecurity IT professionals, with 3,000 hired so far, and plans to hire another 3,500 by January 2017. President Obama has also signed a Cyber Incident Coordination policy directive that puts processes in place for how the government will respond to malicious or accidental threats to the nation’s public and private cyber infrastructure. The White House directive is designed to improve coordination between government agencies and bring clarity between departments in the event of any incidents.
These may eventually pay dividends, but for now it is clear that there are real vulnerabilities. It may be that a hack as damaging as this will cause people to take the threat as seriously as they should, but it’s not as if this is the first hack to have taken place. In the last year alone, hacks such as that on LinkedIn have caused tremendous damage, and relying on people to change their ways is unlikely to yield a happy result.
The way to avoid this is, ultimately, to hand everything over to machines. Machine learning and predictive analytics are now being adopted en masse. A Verizon Data Breach Investigations Report recently revealed that more than 50% of data breaches remain undiscovered for months, as seems to have been the case with the DNC hack. In truth, any system that is merely reacting to a hack is not going to be effective; it needs to act in advance. By using predictive analytics tools to analyze network data, patterns of normal behavior can be established so that any deviation suggesting a potential attack can be identified ahead of time, and the appropriate defenses implemented so that nobody gets in for even a second. These tools work by monitoring activity across multiple network assets and real-time data streams. They immediately detect anomalies in network traffic and data flows while also recognizing new ‘normal’ activity, thus minimizing false-positive alerts.
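To make the baseline-and-deviation idea concrete, here is an added sketch (not taken from any product or from this article's sources) of a detector that learns normal traffic for one asset, flags deviations, and adopts a sustained shift as the new ‘normal’. The metric, the sample values and every parameter name are assumptions constructed for illustration.

```python
import math

# Constructed sample: outbound MB per minute for one hypothetical host.
SAMPLES = [100, 102, 98, 101, 99, 103, 97, 100, 102, 98, 101, 99,  # normal
           900,                                                    # one-off spike
           100, 101,                                               # back to normal
           200, 202, 198, 201, 199, 200, 203, 197]                 # sustained shift

class AdaptiveBaseline:
    """EWMA mean/variance of one metric; anomalies are never learned directly."""

    def __init__(self, alpha=0.1, threshold=4.0, warmup=10, relearn_after=5):
        self.alpha, self.threshold = alpha, threshold
        self.warmup, self.relearn_after = warmup, relearn_after
        self.mean, self.var, self.seen, self.streak = 0.0, 0.0, 0, []

    def _learn(self, x):
        if self.seen == 0:
            self.mean = float(x)
        else:
            d = x - self.mean
            self.mean += self.alpha * d
            self.var = (1 - self.alpha) * (self.var + self.alpha * d * d)
        self.seen += 1

    def observe(self, x):
        """Return True when x deviates from the current baseline."""
        if self.seen < self.warmup:          # still building the first baseline
            self._learn(x)
            return False
        # Floor the deviation scale at 5% of the mean so a very quiet
        # baseline does not turn ordinary jitter into alerts.
        std = max(math.sqrt(self.var), 0.05 * abs(self.mean), 1e-9)
        if abs(x - self.mean) <= self.threshold * std:
            self.streak = []
            self._learn(x)
            return False
        self.streak.append(x)
        if len(self.streak) >= self.relearn_after:
            # Sustained shift: adopt the streak as the new normal.
            n = len(self.streak)
            self.mean = sum(self.streak) / n
            self.var = sum((v - self.mean) ** 2 for v in self.streak) / n
            self.streak = []
        return True

def flag_anomalies(samples, **params):
    """Return (indices flagged as anomalous, final baseline mean)."""
    baseline = AdaptiveBaseline(**params)
    flagged = [i for i, x in enumerate(samples) if baseline.observe(x)]
    return flagged, baseline.mean
```

The relearn window is a trade-off: it stops a legitimate change in traffic from alerting forever, but a sustained malicious transfer is absorbed the same way, so the alerts raised during the streak still need triage before the new level is trusted.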
The DNC hack may not prove fatal to the Clinton campaign, but it should be a warning to those who still don’t consider cyber security to be an issue. The world’s solution to most things has always been to throw money and bodies at a problem, but when it comes to cybersecurity we need to be clever and work smart, adopting tools like predictive analytics and machine learning to ensure that we stay ahead of any attacks and are not left wanting.