lolloj - Fotolia
In this week's Risk & Repeat podcast, SearchSecurity editors discuss former FBI Director James Comey's testimony on election hacking and election interference from Russia.
Former FBI Director James Comey made his highly anticipated appearance before Congress Thursday, and he took the opportunity to issue a stern warning about election hacking efforts from Russia.
"They're coming after America," Comey said during his testimony before the Senate Intelligence Committee on Russian interference in the 2016 presidential election. "[W]e're talking about a foreign government that, using technical intrusion, lots of other methods, tried to shape the way we think, we vote [and] we act. That is a big deal. And people need to recognize it."
Comey, who was fired by President Donald Trump in a controversial move last month, also said Russian hackers hit hundreds of targets, from local governments to nonprofits and nongovernmental organizations. He described how Russian threat actors conducted a massive spear phishing campaign, which started in 2015 and ramped up considerably last year.
The former FBI director emphasized that he saw no indication that the election hacking efforts resulted in any altered votes. Still, Comey warned that the Russian government isn't finished, and that the U.S. government should prepare itself for more election hacking attempts.
"The Russians interfered in our election during the 2016 cycle. They did it with purpose. They did it with sophistication. They did it with overwhelming technical efforts. And it was an active-measures campaign driven from the top of that government," Comey said. "They'll be back."
In this episode of the Risk & Repeat podcast, editors Rob Wright and Peter Loshin discuss Comey's testimony on election interference, what it means for the investigation into Russian hacking and the vulnerability of the U.S. election infrastructure to cyberattacks.
Risk & Repeat: Shadow Brokers launch subscription service for zero-day exploits
Risk & Repeat: GDPR compliance looming over enterprises
Risk & Repeat: How EternalBlue fueled the vulnerability disclosure debate