Why the attack on the DNC won't be the last one like it

The great DNC email caper

The tech news cycle dovetailed with the political news cycle last week when first emails and then voice mails from the Democratic National Committee were released via WikiLeaks. And with the possibility of Russian involvement, the incident went from a domestic squabble to a potentially international incident.

This is perhaps the most high-level intrusion of infosec concerns into American politics, but it isn't even the first this year; Recorded Future has outlined a series of hacks targeting both campaigns over the past 12 months. The truth is that hackers have taken an interest in democracy and the electoral process for some time.

Targeting the GOP

Eric O'Neill, National Security Strategist at Carbon Black, points to lower-key break-ins during the last two U.S. elections. "In 2008, foreign intelligence services sought to recruit staffers, used human sources for policy insights, and engaged in hacking of both Obama and McCain's campaigns. One stolen letter, blamed on China, showed McCain supporting Taiwan—certainly information China would want to know about a potential next president. In 2012, Romney's website was attacked and sabotaged, costing the Romney campaign precious donations. Typically spy agencies want this sort of information to inform their geopolitical maneuvering and be able to effectively pivot to address changes in an administration or new international policies that may occur after a new president takes the Oval Office."

The secret history of 2012?

Speaking of 2012, one of the stranger rumors about that year was that hacking collective Anonymous had disrupted the Romney campaign's nefarious plan to steal the election. In this telling, the Republicans' ORCA system was secretly aimed at changing vote totals in key states. People claiming to be associated with Anonymous said that their hacking skills prevented this, which explains why Karl Rove had an on-air meltdown when Ohio was called for the Democrats.

There is of course literally zero evidence for it, other than a few anonymous Anonymous wannabes. ORCA was actually a get-out-the-vote system, and its spectacular failure on Election Day—memorably referred to by Breitbart News as "The Romney campaign suppressing its own vote"—can be easily chalked up to all-too-familiar programming and organizational failures.

A clean sweep needed

If Russia was behind the attack on the DNC, the U.S. can at least console itself that it's in good company. In 2015, the German parliament was struck by a trojan so pernicious that the legislature considered literally ripping out its entire computer network and hardware to cleanse itself. The trojan was sending data back to its controllers, and the best guess was that it was built by a Russian gang with ties to the government, and aimed at Germany's ruling CDU party.

A pre-election infodump

The Filipino branch of the LulzSec hacker consortium seems to have been behind a major breach in the Philippines in April of 2016, in which they released what they claimed to be the complete database of the Philippine Commission on the Elections—in essence, a list of every voter in the country. This followed on the heels of Anonymous defacing the commission's website. Both groups claimed their agenda was to highlight the government's insecurity rather than to affect the outcome of the May 2016 elections—but it may not have been a coincidence that the governing Liberal Party was defeated. Either way, those who had their personal information exposed are now more susceptible to fraud or identity theft.

Charging in a little too boldly

In an act that demonstrates how much security pros and the general public tend to baffle each other, Florida security expert David Michael Levin broke into his local county election supervisor's website earlier this year. He didn't keep it a secret—he posted video of the break-in online—because his stated goal was to demonstrate how insecure the system was. But he hadn't made any attempt to discuss this with the local government beforehand. The act certainly embarrassed the local supervisor of elections, but perhaps had more impact on Levin, who may be heading for prison.

The ultimate fixer

Perhaps the most prolific cyber-fixer of elections that we know of is Andrés Sepúlveda, a Colombian hacker who claims to have helped sway races across Latin America for most of a decade. Working mostly on behalf of right-wing campaigns, often through third parties to provide the campaigns plausible deniability, Sepúlveda turned state's witness after an arrest in his native country and told all to Bloomberg Businessweek earlier this year. His techniques include installing spyware in campaign offices, stealing campaign strategy documents, and creating artificial enthusiasm and hostility via fake social media accounts. When asked if he thought the U.S. election was being tampered with, he said "I'm 100 percent sure it is."

A sledgehammer to the process

Many attacks aren't so subtle, and aim to disrupt in a more obvious and less nuanced way. In 2012, unknown attackers based from servers launched a distributed denial of service attack against Canada's New Democratic Party, which was conducting its leadership election online. The election was delayed for hours and turnout was low, which may have had an effect on the outcome. These sorts of attacks are good examples of why true internet voting never seems to happen: it's so much easier to brute-force attack a voting system online than it is to damage or disrupt thousands of physical voting machines.

Suppressing the cyber-savvy vote

A hacking scandal struck South Korea in 2011, when the assistant to a lawmaker from the ruling Grand National Party confessed to launching DDoS attacks on the website of an opposition candidate and the nation's election regulator. The assistant claimed that he "assumed making it hard for young voters to find polling stations would drive down voter turnout, since I thought young votes may swing the result." The incident caused a crisis within the Grand National Party, leading to a shift in leadership and a change in name to the Saenuri Party to try to make a new start. The party was re-elected in 2012, but with a reduced majority.

The lesson: Be prepared

So as scandalous as this week's news is, it's not anything unique. "This sort of campaign hacking, and releases of information in a targeted way to embarrass a candidate, has plenty of historical precedent," says Carbon Black's O'Neill. Indeed, the surprise is that it doesn't happen more often. "Each year candidates are warned by the FBI that they are vulnerable and that security is critical," he says. "The DNC is spinning their lack of preparedness into a story about Russia trying to influence the election. This only detracts from the more important focus on the need for effective cyber security to defend secrets, especially the most embarrassing ones. You know, the kind that get a chairperson fired."