The day before the election, the White House and other Federal agencies are getting ready to mitigate and strike back if necessary, in the event of a state-sponsored cyberattack against the United States.
Ann Barron-DiCamillo, former director of the Department of Homeland Security’s computer emergency readiness team, told NBC News that the distributed denial-of-service (DDoS) attack against Dyn in October “had all the signs of…a drill.”
Barron-DiCamillo said that the Dyn attack, which took down major websites such as Amazon and PayPal, could’ve been a dry run for Russian hacking activity on Election Day, with the intent to cause the most chaos to disrupt the election. If a similar attack were to occur, the government would have to work with major Internet service providers such as Comcast and Verizon to mitigate the attack, according to Barron-DiCamillo.
The opinion that the Dyn attack was perpetrated by state-sponsored actors differs from the view of industry experts that the attack was caused by amateur hackers.
Flashpoint released a report saying that since the attack targeted a wide array of websites as well as a popular video game company, it didn’t seem to be politically motivated.
“The direct correlation is definitely a little hard to see immediately, but what they are really referring to is being a dry run for testing the ability to control and influence the Internet and institute a level of chaos,” said Josh Finke, senior director of sales engineering teams and technology practices at Iron Bow.
Finke said that the hackers could send out false headlines and news at the last minute through Twitter, Facebook, and Reddit, and then shut down the Internet or create cyberattacks to keep citizens or the media from verifying the information. This would also affect the ability to quickly gather and share poll results.
DHS said that most likely, Russian hackers would instigate a last-minute fake file dump, which could spread misinformation about one of the candidates without giving the media enough time to vet the information.
Russia’s extensive cyber operations group began to recruit hackers in 2012 in an effort to rival the United States Cyber Command, according to a report published Monday by the Russian news site Meduza.
Cyber units were tasked with keeping Russian information and infrastructure secure. They were also given linguistic training to learn English in order to “fight cyberthreats.”
First, the cyber operations team began hiring technological experts from research organizations and universities. They were assigned to “research squadrons,” which were embedded with military units across Russia.
Then, the Russian government began to recruit hackers. Dmitri Alperovitch, a researcher at CrowdStrike, a U.S.-based cybersecurity company, said that one way the Russian government does this is by forcing criminal hackers to work for the government instead of sending them to prison.
The Meduza report said that the shutdown of Estonia’s banks and government websites in 2007, and the attacks on Ukraine’s power grid in 2015, were most likely perpetrated by Russian hackers.
In 2016, the hacker group Fancy Bear was accused of interfering in the U.S. election by hacking Democratic National Convention emails.
Ilya Sachkov, a cybersecurity expert with Group-IB, a company studying Russian cyber activity, said “cyber war is being waged.”
“Normally, when [hacker] groups realize they have been tracked, they change the structure of [their attacks] completely. Fancy Bear have performed a number of high-resonance hacks, but it doesn’t take a genius to see the connection between these attacks, as they’ve been following the same algorithm,” says Sachkov. “They [Fancy Bear] are either idiots or have no fear.”
Sachkov said that Fancy Bear is confident that their actions won’t have repercussions.
Another hacker affiliated with Russia, Guccifer 2.0, tweeted that it would monitor the U.S. election “from inside the system.” Guccifer claimed to have hacked into the Federal Election Commission’s “electronic system” to observe the election independently in order to inform U.S. citizens about electoral fraud. However, this claim is likely another way of spreading misinformation about the election.
Since the voting process is controlled by individual states, the FEC doesn’t have jurisdiction over the voting process and doesn’t register election observers.
“The commission is not aware of our being hacked, and we couldn’t affect the election results if we were,” said a statement from the FEC.