Cybersecurity expert Tim Bandos reveals which political party is most vulnerable, common hacking techniques, and what companies can learn from watching how the DNC and RNC respond to cyberthreats.
The Democrats and Republicans stand united. Not in policy, and not in politics. A fear of hackers is the unifying, nonpartisan theme shared by both parties during the 2016 election.
The parties and candidates should be afraid. This political season, candidates up and down the ticket from both major parties were hacked. In December 2015 the Sanders campaign was caught snooping at Clinton data in the NGP VAN data platform. In June and July 2015, the DNC and the Clinton Foundation were targeted by hackers sympathetic to the Russian government. According to data firm ThreatConnect, the Republicans also lost data in related hacks.
The recent rise of political hacks (pun intended) during the 2016 cycle has raised questions about the possibility of election-day hacking. CNET's Laura Hautala reported on the likelihood of election day ballot-tampering. In her story, CrowdStrike CTO Dmitri Alperovitch explained, "Those are just regular PCs. God knows what's protecting those."
In an interview with TechRepublic, notable hacker-turned-cybersecurity-consultant Kevin Mitnick said the DNC hack showed just how vulnerable political parties are to simple attacks. "It sounds like people at the DNC would be easy to phish and very easy to exploit," he said. "There's no such thing as 100 percent security. Even people that take training can be exploited ... you could have had training, and you're stressed for the day... you're thinking about your kids or your school. You could still fall for stuff."
Startups and campaigns are alike in several ways. Tim Bandos, Director of Cybersecurity at Digital Guardian, explained how businesses can learn from election-year hacks.
What types of hacking are political parties vulnerable to, and what can companies learn from watching how campaigns respond to attacks?
Parties are vulnerable to the same types of cyberattacks that occur in any industry. The difference between attacks on a political party or a corporation is the adversary's intent. Some of the most recent attacks on the Democratic National Committee are believed to have stemmed from the intention of impacting the US presidential election. So like a corporation's need to protect trade secrets from being stolen, the DNC must protect its email communication and information about the campaign.
What techniques are used?
Parties are commonly hacked via targeted phishing email. A phishing email is a specially crafted message that tricks the end user into clicking a link or an attachment that introduces malicious code to their personal computer. As soon as one computer is infiltrated, the opportunity for infecting others and moving laterally within that network becomes immediately available.
Which party is more vulnerable to cyberattack?
The party that has not taken steps to mitigate against cyberattacks and educated its users on security awareness is most vulnerable. A combination of staying patched and up to date on the operating system, installing an endpoint data leak prevention suite, and hardening the configurations to make it difficult for a compromise would all be required to ensure an adequate level of protection.
Which political party is best prepared to mitigate cyberattacks after the General Election?
The best prepared party to mitigate against a cyberattack is one that has learned from the mistakes of their counterpart, or from their own, and invested in the appropriate technology to better protect them against an intrusion. Threats will continue to evolve along with the tactics leveraged by attackers to compromise their targets. Without paying attention to this evolution and ensuring best practices are being followed, the same outcome will continue to occur. The bad guy winning.
How much does a cyberattack cost?
The financial cost of a cyberattack to a party is far outweighed by the impact to their reputation based on the type of information that is released. If there are any email exchanges or significant cover-ups that cast a negative light upon the party, it can ultimately influence who the next leader of this nation is, with people voting for the other party.
With regard to a typical company: According to IBM's Cost of a Data Breach study, the total cost grew from $3.8 million to $4 million for a breach. The study also reported that the average cost incurred for each stolen record containing sensitive information was set at $158. Keep in mind, this is just an average number. If we look at actual incidents, such as the Home Depot attack, their breach-related cost came in at around $62 million, so it's relative to what was actually taken along with the public's perception of the attack and how the company responded.
What can companies learn from campaign hacks?
Companies need to learn and accept that nobody is immune. There is not a day or week that goes by now without hearing about the latest hack attack that has occurred. One of the biggest issues today is knowing whether or not you've been breached. If you look at the statistics associated with the amount of time spent by an adversary going undetected within an environment, often years or months, it becomes instantly alarming. We need to learn from each other and continue to stay educated on cyber threats, while also putting in measures to better position ourselves for either preventing or at a minimum detecting an attack.