When the hell are we going to know, with absolute certainty, who hacked the Democrats? And what are Americans going to do about it?
More and more fingers are pointing to Moscow as American authorities mull a government reaction. But many experts say that certainty is extremely difficult to come by when it comes to cyberattacks at the highest level.
“I think there’s a disconnect between the rhetoric and what people assume is possible because of Hollywood and CSI,” Chris Finan, a former director of cybersecurity legislation in the Obama administration, told the Daily Dot.
“The reality is, it’s messy and hard,” Finan, now CEO of the security firm Manifold Technology, said. “You’re playing poker, you’re often guessing based on probabilities. You can make great guesses, there are really good poker players. But you’re often guessing.”
Finan described the process of combing through forensic evidence—the guts of the hack including potentially many millions of files—and comparing it to previous malware. But nothing is so simple as it seems.
“If the guys are really good, they’re not leaving much evidence or they’re leaving evidence to throw you off the scent entirely. Those are known as false flag operations.” Finan continues:
“If they’re a really high-end intelligence service, they could route their attack through China and somebody might think the attack emanated from China where it in fact came from somewhere else. But they made it look Chinese.
“It’s some combination of the forensic evidence coupled with some other information, like human intelligence or signals intelligence, like an intercept or a phone call where someone directed somebody to do this hack. You want some other intel source that corroborates the forensic evidence.
“But the ones who are really good at it, it’s hard to know they’re even there. And they’re there for years.”
“Frankly, the idiots that immediately think about just retaliating in kind in cyberspace aren’t thinking very creatively or critically about how you do deterrence or how you send signals or how you make people feel pain,” Finan argued.
Attribution is hard—that’s your disadvantage as a defender but your advantage once you go on the offense. Telegraphing an attack in advance is asking for failure.
“Why would you want to send a signal in a space where stealth is your biggest advantage?” Finan said. “Whereas sanctioning the head of the FSB and GRU [Russia’s intelligence agencies widely thought to be involved in the DNC hacking], that’s pain, and it sends a really crisp signal.”
The American response is a potential political minefield if it appears to be trying to help Hillary Clinton be elected president. That appears less and less likely today as more Republicans are calling for action. But in that sense, retaliation becomes a political decision.
“Some people say it’s in the DNC’s interest to focus on the act and not the content [of the breach],” Finan said.
“My response is, do you really think the DNC is the only political party hacked? Look at the glass house you’re living in before you start throwing rocks.”
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016.