Computers. Hackers. Cyber networks.
These are all terms that have been thrown around with increasing anger and fear, especially as the United States is experiencing a frightening increase in the frequency of cyberattacks carried out by foreign hackers. But little is known about the real implications of these hacks and the dangerous potential they have moving forward.
Most recently, the U.S. Department of Energy confirmed that it was breached by the Sunburst Hack in a supply-chain attack, which, as of January 5, has been attributed to Russian hacker groups like APT29 (also known as Cozy Bear). More than 18,000 customers installed malware in an update for the popular software, Orion, unknown to its creator, the Texas-based SolarWinds company. Orion is an IT management software used by businesses, labs, and organizations to scale, manage networks, and analyze data on one platform. It can be deployed on other platforms too, one of which is the prominent Microsoft Azure, one of the best public cloud computing platforms on the market. Orion is used by nearly all the Fortune 500 companies, including the New York Times, Boeing, and Los Alamos National Laboratory, where nuclear weapons are designed.
According to the Cybersecurity and Infrastructure Agency, this breach was “highly complex and challenging,” damaging “critical infrastructure” and posing a great threat to the national security of the country. And all it took was for the hackers to inject a snippet of code into the software installation, giving them access to confidential information in companies and government agencies for months. Upon downloading updates, SolarWinds’ customers unknowingly installed malicious software, and had been monitored by the attackers since March, giving them well over eight months to collect confidential information. Even after the attack was identified, exactly who was affected and what information was stolen remains ambiguous.
Of the 18,000 users who installed the malware, Microsoft’s antivirus software identified nearly 40 of its customers who were specifically targeted in the attack, including government agencies, companies and think tanks. Federal agencies and cabinet branches like the U.S. Department of the Treasury and the Departments of Homeland Security, State, Defense and Commerce were all attacked.
Although there is no evidence indicating intention of causing direct real-world damage, Microsoft’s president Brad Smith noted that the attack was “remarkable for its scope, sophistication and impact,” and that it “represents an act of recklessness that created a serious technological vulnerability for the United States and the world.”
The Disintegration of American Democracy
In recent years, the growing prominence of cyberattacks has been extremely effective in inciting widespread chaos and sowing deep-seated distrust in American democracy. Some of the largest targets of political cyberattacks are U.S. government agencies that deal with information pertaining to U.S. elections.
In the 2016 U.S. Presidential Election, many groups of Russian hackers “probed state voter databases for insecurities” and hacked into the Clinton campaign, the Democratic Congressional Campaign Committee and several other key government groups. As confirmed by the U.S. intelligence community and supported by then-Special Counsel Robert Mueller, the 2016 cyber attacks aimed to “damage the Clinton campaign” and boost the Trump campaign while sowing chaos into the American democracy.
However, while Time reports that the Russians did “target voter registration systems or state websites in at least 21 states,” and stole hundreds of thousands of voters’ personal information, they did not alter the actual vote count or election infrastructure. Though no votes were directly changed, the U.S. Senate Intelligence Committee’s report said that the Russians “were able to gain access to restricted elements of election infrastructure” and “were in a position to, at a minimum, alter or delete voter registration data.”
According to the Brookings Institution, despite possibly having the technical ability to alter votes, it is unlikely that Russia or other countries like China and Iran have done so yet, likely in the interest of maintaining political amity. According to experts, they are instead more likely seeking to spread disinformation and indirectly feed into the distrust and polarization among Americans, which could even be more detrimental than altering the outcome of the actual election. Through disinformation, hackers have managed to shake the fundamental backbone of American democracy, causing citizens’ trust in the government to decline to below 20%. For Russia, the accumulation of information is a continual threat to the United States and a demonstration of the country’s growing power and increased cyber capabilities.
From fabricating conspiracies like “Pizzagate” to spreading false news about election rigging, U.S. citizens’ confidence in the election system has been turned on its head by indirect online cyberattacks that go largely unregulated by law. According to Director of Strategic Threat at Darktrace Marcus Fowler, who spent 15 years at the CIA developing global cyber operations, adversaries have learned to use disinformation with surgical precision that allows hackers to “focus on a single issue, such as sowing doubt about the validity of the U.S. elections, raising assertions about the possibility of widespread election fraud, and suggesting that some methods of voting may be corrupt.” Additionally, the effects of disinformation are further exacerbated by the polarizing bubbles formed by social media exposure, limiting users’ exposure to those of similar beliefs.
Ultimately, American democracy is nothing without voters’ faith in it and a secure system is pointless if citizens lose the confidence to participate in it. By inciting chaos through seemingly harmless cyberattacks, the hackers would be achieving their goal without even directly altering votes. As such, rebuilding trust in the election system must be of utmost priority because the best offense on the part of citizens is informed participation.
The Physical Danger of Cyberattacks
For now, cyberattacks seem to be entrenched in espionage and the political fight for confidential information, but it is critical to remember that these attacks have the potential to become a much more tangible threat in the new era of technological warfare. For example, the U.S. Department of Energy is responsible for managing nuclear weapons and has control over some of the deadliest weapons in the world. The breach of that department could have potentially devolved into an increasingly dangerous situation.
Cyberattacks also pose a threat to the safety of innocent civilians if utilized recklessly, as seen during the COVID-19 pandemic. As early as March 2020, cyberattackers targeted hospitals and public health authorities like the World Health Organization. Prominent companies involved in COVID-19 vaccine research have also been impacted by hackers from the Russian hacker group, Strontium, and North Korean groups, Zinc and Cerium. Cybersecurity breaches of hospitals are often ransomware attacks, where hackers “encrypt data and hold it hostage until the victim pays a ransom,” which creates a delay of access to critical patient information. This delay can impede timely treatment, which, in September, resulted in the “first known death from a cyberattack.” In a matter of nanoseconds, cyberattacks can undermine the treatment of thousands of hospitals across the world. On a larger scale, these hacks could pose serious threats to the backbone of the entire healthcare system, potentially costing countless lives.
Ultimately, there is an extremely long road ahead for cybersecurity developments. This may be only the start of a much longer cyber-arms race which has the potential to pose threats even greater than the traditional arms race. Thus, improving cybersecurity is imperative, but the topic must be strategically addressed to avoid deterring confidence in the election system.
With the 2020 presidential election now over and a new administration in office, the best time to thoroughly address cybersecurity improvements may be between now and the next major election, when critical discussion about the matter will not impulsively dissuade voter confidence. Although education and discourse around these topics are imperative, it’s also important to ensure that cybersecurity concerns do not deter voters amidst the high-strung tensions of elections.
Strengthening cybersecurity and educating the public will be crucial to ensuring the safety of the nation, preserving American democracy, and paving the way for greater cyberattack prevention as we enter a new era of technological warfare.