The world is now a little over 100 days with Donald Trump at the helm of the United States government. Say what you will of “The Donald’s” tenure so far, but one thing is for sure, his race to the Whitehouse had us talking about a new dimension to politics: hacking.
We’ve probably all seen in mainstream media, stories of so-called ‘nation states’ (governments, or government-backed organizations) conducting hacks against other nation states, large companies and so on. When Sony Pictures Entertainment was hacked, the trail led to hackers in North Korea. Similarly we’ve also seen malware designed to wipe data from thousands on computers in Saudi Arabia most likely deployed by Iranian ‘threat actors’ (as we security types like to call them).
Hearing about government (or government sponsored) attacks isn’t new, but what has changed is the reason for these. Traditional attacks focused on industrial espionage, looking to steal trade secrets and other information to help domestic policy interests. A perfect example of this would be the hacking of US military defense contractors to obtain information on the F-35 Joint Strike Fighter aircraft. China was looking to kick-start its own fighter aircraft project, and why start from a blank slate when you can acquire the results of years of US (and other partner country) research and development? China now has a fighter jet that looks remarkably like the F-35, and very likely the resemblance is much more than skin deep, as Chinese threat actors were known to have taken extensive volumes of data on the new aircraft during its development.
Over the past few years, we have seen a decline in industrial espionage activities from traditional nation states—in the case of China, a marked decline after an agreement signed by President Obama and President Xi to reduce such activities. Instead, we are now seeing a rise in a new motivation: hacking to further the political narrative.
In the run-up to the 2016 US Election, we heard about hackers tied to Russia compromising the Democratic National Committee (DNC) and stole opposition research on Donald Trump. Was that information used by the Trump campaign to outmanoeuvre the Democrats? Ongoing investigations may help to shed some light on the links between Russia and the Trump campaign, but one thing is clear, the hacking helped to steer a few hearts and minds in a particular direction.
Now in France, we hear that hackers are once again dabbling in the electoral process, targeting the campaign of candidate Emmanuel Macron. Is this an attempt to tilt the political table in favour of far-right rival Marine Le Pen? Some say so. Whatever the truth, the fact that we’re having that conversation is evidence enough that such activities are enough to verify hacking as a new component of politics.
As the UK approaches a General Election, perhaps we’ll see hacking as a component of that story. It is clear that some world governments are seeing hacking as a way of influencing the agenda of other countries. It’s not that this is a new practice, we have been doing it for years, but the cyber component is a new tool to wage the same campaigns.
Does this mean we can sit back and relax, knowing attackers are focused on world politics? Sadly, no. We still see continued attacks against small business, and that problem, too, is growing. Threats like ransomware and wire fraud spurred on by phishing continue to plague companies of all sizes. We must remain vigilant.