Ex-NSA official: Russian hack of Democrats was 'assembly line operation'

Photo illustration: Yahoo News; photos: AP, Getty
Photo illustration: Yahoo News; photos: AP, Getty

SAN FRANCISCO — While last week’s indictment of 12 Russian intelligence officers seeking to influence the outcome of the 2016 presidential election may have come as a surprise to many U.S. citizens, a leading cybersecurity expert believes it shows just how sophisticated the threat is to our democracy.

“One of the most striking things in the indictment is really how much of a campaign it is, and how many hundreds of people and how much of an assembly line operation it is. And that speaks to the nature of the hacking and what it really takes to be successful,” Oren Falkowitz, CEO of cybersecurity firm Area 1 Security, told Yahoo News’ podcast “Bots & Ballots.” “Cyberoffensive operations, or stealing or hacking, it’s a numbers game and it requires large campaigns. We often talk about these things as if they’re ultra-targeted, and that’s simply not the case.”

Falkowitz, who held senior positions at the National Security Agency, told “Bots & Ballots” host Grant Burningham that the threat from bad “cyber actors” is continually evolving.

“The goals have really shifted significantly, from website defacement to stealing data to manipulating data to some sort of financial gain to now larger and more thematic or outcomes that really challenge society, like elections,” Falkowitz said.

At the same time, however, the Justice Department indictment showed what Falkowitz knew all too well. Hillary Clinton’s campaign chairman John Podesta was hacked because he fell for a phishing expedition disguised as a Google login page.

Download or subscribe on iTunes: “Bots & Ballots” by Yahoo News

“That is a technique that is used by all cyber actors; over 95 percent of the campaigns start with these types of phishing,” Falkowitz said. “Sometimes it looks like it comes from the CEO and it says, ‘Hey, could you call me,’ or ‘Could you send me this?’ So there’s a variety of lures or visual or authentic cues, but it’s always targeting a user.”

Having broken into Podesta’s computer and the DNC’s server, the Russian agents are alleged to have launched a variety of tools to widen what Falkowitz calls “data access” to further compromise Clinton’s presidential bid. The operation played out in a predictable way, Falkowitz says, but it shows just how effective the hacking techniques are. More worrisome is just how vulnerable elections in the United States remain.

“There’s a lot of discussion about what might happen from a cybersecurity perspective in the 2018 midterms and the 2020 presidential election just following that,” Falkowitz said. “And, as of late, what I’ve been observing is that people are talking about voting machines and some of the infrastructure that’s run on a state-by-state basis. But candidates are increasingly targets for these types of cyber-campaigns, and we’re not doing enough early to get in front of it and we’re likely to see more of this going forward. I think we really only saw the tip of the iceberg.”

_____

More “Bots & Ballots” episodes from Yahoo News: