Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    U.S. Cyber-Warriors Disrupt Russian Election Attacks

    By
    Wayne Rash
    -
    February 28, 2019
    Share
    Facebook
    Twitter
    Linkedin
      election hack

      It started in mid-October 2018, when Russian operatives of the Internet Research Agency started getting emails and direct messages on social media letting them know that the United States was watching them, that it knew their names and where they worked. Then, on Nov. 6, 2018, everything went dark for the Russians. The once-feared IRA found itself with no internet access at all.

      As you might expect, the series of contacts from U.S. agencies had already rattled the Russians, and authorities inside the IRA were trying to figure out who had leaked the information to the Americans. Then, without warning, chaos.

      Reportedly, the Russian operatives were complaining to their support teams that they’d been taken offline and investigations ensued, but the ability of the Russian operatives to access the internet didn’t return for several days, during which the IRA’s disinformation campaigns ceased and the attempts to interfere with the U.S. elections went nowhere.

      Details of the attack, which was first covered by The Washington Post, began to emerge during hearings by the Senate Intelligence Committee in mid-February. Even though that briefing was classified, Gen. Paul Nakasone provided few details. At a later hearing before the Senate Armed Services Committee that same week, Nakasone was obliquely credited with enabling the 2018 mid-term elections to go as smoothly as they did.

      In response to questions by the Committee, Nakasone declined to take credit, other than to say that safeguarding the election was the top priority of the U.S. Cyber Command and the National Security Agency, which Nakasone also heads. Having a common director for both agencies eases the lines of communications and played a direct role in the success of those cyber-operations.

      As you might expect, the details of how those attacks on the Russian IRA were carried out aren’t known, nor are the details of how the U.S. Cyber Command managed to get the personal information of the Russian personnel. In fact, the existence of the attack is only vaguely acknowledged through comments from members of Congress.

      Neither the NSA nor the U.S. Cyber Command was willing to respond to questions from eWEEK, despite repeated requests. Likewise, requests to the White House for comment went unanswered.

      The attacks came about due to changes in administration policy that allowed the Cyber Command more latitude in how the organization conducts cyber-warfare, and in eliminating the requirement that the command get approval from other agencies. In addition, the recently passed National Defense Authorization Act redefined such cyber-operations as a traditional military activity, which removed some limits on such operations.

      ‘Persistent Engagement’ Behind the Operation

      The operations against Russia are part of a policy called “persistent engagement” in which a group made up of specialists from the Cyber Command and the NSA continuously conduct actions against adversaries to keep them off balance and to make them devote resources to defense that they might otherwise use against the U.S.

      It’s notable that the operation to take down the Russian operation was fairly limited. This isn’t because the folks at the Cyber Command couldn’t do more, but rather because it was tasked to simply protect the election and also not give the Russians a reason to escalate their operations. At this point, both sides have the capability to do serious damage to the data infrastructure in the other.

      What it does instead is demonstrate to the Russian operatives that there’s a cost to attacking the U.S. cyber infrastructure, and to make sure that they know that a more serious attack will elicit a more serious response.

      In addition, the attack on the IRA also sends the message to other nation-state cyber-operators that the U.S. can take them offline at will. The fact that we haven’t taken out the Chinese, the North Koreans or the Iranians doesn’t mean that the U.S. can’t. Instead, it demonstrates that a more serious attack from those interests will get a significant attack in return.

      What This Means for Your Organization

      For the average IT manager, the results of this new round of action by the U.S. are unclear. It would seem that the most likely outcome is that the level of attacks against U.S. companies may be reduced as the Russians and others spend more effort protecting themselves.

      But for some attackers, notably the Chinese government-sponsored hackers, it’s likely to make little difference. Those attackers aren’t trying to take your company offline—they’re trying to steal your intellectual property, your processes and your trade secrets. Unless the U.S. Cyber Command decides to attack China as a result, you probably won’t see much difference.

      What this means in the long run is that you must continue to ramp up your defenses. It doesn’t matter much who is attacking you, or even whether it’s a government or a cybercrime syndicate. What matters is that you’re being attacked.

      But one thing you can do is report the details of any attack to the federal government and to other enterprises so that they know what to expect.

      Wayne Rash
      https://www.eweek.com/author/wayne-rash/
      Wayne Rash is a freelance writer and editor with a 35-year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He is the author of five books, including his most recent, "Politics on the Nets." Rash is a former Executive Editor of eWEEK and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center and editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Careers

      SThree’s Sunny Ackerman on Tech Hiring Trends

      James Maguire - June 9, 2022 0
      I spoke with Sunny Ackerman, President/Americas for tech recruiter SThree, about the tight labor market in the tech sector, and much needed efforts to...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×