Today’s US reactions to Russia’s alleged hacker support for the Republican election campaign show us how NOT to counter a cyber attack campaign.
- Don’t reveal you know you’ve been attacked.
- Don’t tell anybody that you know how it was done.
- Don’t identify the organisations involved, especially if they’re operating on your own soil.
- Don’t tell anybody how successful the attacks were.
- Don’t threaten any sort of retaliation.
There’s nothing mysterious about these five principles – just common sense.
When dealing with cyber crime, there are two more:
- Find and freeze the money so it can be returned to the victims.
- Work out whether taking the criminals to court is likely to gain a conviction, and if “Yes” whether that’s worth risking compromising your security systems, which need to continue being effective to counter all the other cyber criminals.
But no money was stolen. And it’s doubtful if any of the alleged hacks stole information of US national security importance.
It also seems highly unlikely that the outcome of the US election was influenced.
This last point returns us back to the beginning of this laughable but serious business; that allegations of Russian political hacking were made long before there could possibly have been any evidence to support the accusation. Cycling back through the five principles above, this really doesn’t seem like it should be taken seriously.
Instead, it seems that the USA has unmasked its state cyber warfare capability in order to do what exactly – prevent further political cyber-interference by Russian, of the Trump Administration? Does this seem likely? Could the Russians do this? Would they want to?
Or as it seemed with the Hilary email investigation saga, is the FBI just making noises? I’m baffled as to why. Or rather, let’s just say this is all so stupid I’m baffled full stop.
#russianhacking #electionfraud #cyberwar #russia