James Thew - Fotolia
The White House has confirmed that the potential for election hacking led to using the special "red phone" to contact Russia eight days before the U.S. presidential election to issue a warning about influencing the process.
The original report said the White House used a secret "hotline"-style message on Oct. 31 to clearly ask Russia to stop any cyberattacks that could undermine the election results. Anonymous White House officials told The Washington Post about the election hacking warning and said the Russian government's response was "noncommittal." Even so, the officials said they hadn't seen an escalation in cyberattacks from Russia leading up to the election.
In a statement to The New York Times, the White House confirmed it had "contacted the Russian government directly regarding malicious cyber activity" that was "targeting U.S. state election-related systems." The White House contacted the Russian government using the Washington-Moscow direct communications link connecting the Nuclear Risk Reduction Centers in both countries.
Cyberattacks attributed to Russia have been so plentiful this year that the White House previously admitted to considering a "proportional response" to the election hacking following attacks on voter registration systems and the Democratic National Committee. These attacks, as well as the breach of Hillary Clinton's campaign chairman John Podesta's email account, were attributed to Russian hacker groups allegedly under orders from the Russian government.
Konstantinos Karagiannis, CTO of security consulting at BT Americas, said via Twitter that the leaks from these attacks likely prompted the warning.
Yes, we warned Russia about election hacking. Yes, they probably had a lot to do with leaks https://t.co/YRJSaBU5Uq— Konstant Karagiannis (@KonstantHacker) November 17, 2016
The Privacy Professor CEO Rebecca Herold said the leaks imply Russia's intent was likely to influence the election rather than perform direct election hacking. However, she said the White House's warning may have been aimed at stopping more leaks in the lead-up to the election.
"It is likely Russia had just as much information, emails and databases from the Republicans as they did for the Democrats [reports indicated the GOP systems were just as weak and vulnerable as the DNC's were], but chose to only release select information about the DNC, Clinton and others, and possibly use it in other ways as well, to influence voters," Herold told SearchSecurity via email.
FBI Director James Comey said in September that state voter registration systems had been targeted by malicious actors, and the Department of Homeland Security offered to help states to make sure systems were protected against potential election hacking. However, Comey also assured the public that the presidential election itself would be "very, very hard for someone to hack into because it's so clunky and dispersed."
Herold agreed that the hacking of any election systems was unlikely, but Russia's attacks on voter registration databases would have provided "such things as voting histories, political group memberships, cause group memberships, addresses, polling and survey results, etc."
"It is feasible for such data to be run through big data analytics to determine the topics for which the voting population groups would have the most concerns, and thus, the topics and/or specific types of hacked information that could be publicized with regard to each of the candidates to potentially help sway the voters to switch votes to the other candidate, or to even kill their motivation to even vote at all," Herold said. "If Russia had such data and wanted to use it to try and make one candidate look bad, the other good, etc., that is how they would be viewed as influencing, or 'hacking' the election."
Get info on the president-elect being silent on cybersecurity