This article increases awareness for organizations seeking to enhance their security posture regarding three aspects of digital risk exploited by Russia as part of its larger effort to influence the 2016 U.S. election process.
Digital opportunism is playing an unprecedented role in the global virtual battlefront for political gain, as outlined in the declassified report released on 06 Jan 2017 on Russian influence in the 2016 U.S. election process. If our adversaries are using cyber means as part of a multifaceted campaign for political influence, then they will likely seek to leverage cyber means for other competitive advantages as well including economic, innovation, and market share. Here are three things to ‘bear’ in mind as this cyber war of influence unfolds:
- Spear phishing played a starring role in Russia’s influence campaign. Russian cyber operators breached the Democratic National Committee (DNC) network in 2015 and in 2016 with highly targeted spear phishing campaigns, according to a 29 Dec 2016 U.S. government Joint Analysis Report. The exfiltrated information from multiple senior party members was subsequently leaked. Organizations that have a strategic response plan and train their workforce to guard against spear phishing attacks will be better postured against this threat.
- Fake news and propaganda extends the virtual battlespace surface that organizations must defend. In the Russian campaign, a government funded propaganda machine fed a steady stream of Kremlin messaging to audiences worldwide. Fake news attacks and propaganda typically originate outside of an organization’s firewall, coming from tweets, wikis, digital images, etc. Organizations that have a formal external threat monitoring effort in place will be better postured to mitigate digital risk to their stock price, reputation, and brand in the event of a fake news or propaganda attack.
- Brand defacement (aka digital swiftboating) can play a pivotal role in a cyber influence campaign. The declassified report emphasized that likely Russian government-backed trolls disparaged Sen. Clinton with accusations and repeatedly highlighted her potential involvement in scandals. In a matter of minutes, trolls can aggressively spread disinformation via Twitter, YouTube, Wikipedia, etc. Organizations that have a strategic plan in place for responding to a targeted brand defacement attack will be better positioned to protect their brand from the short and long-term consequences of a negative cyber influence campaign.
Strategic mitigation and responses for spear phishing, fake news and propaganda, and brand defacement attacks should be incorporated into an organization’s computer security plan for combatting cyber warfare influence.