US, Israeli, EU elections – is West ready to defend its cybersphere?
Around three years after Russia hacked the US presidential 2016 elections, there are still cyber vulnerabilities at the highest levels for countries like Israel, the US and within the EU.
By YONAH JEREMY BOB
It was late March with only weeks until the April 9 Israeli election.There was Blue and White Party leader Benny Gantz, one minute skyrocketing in the polls and the next minute slamming into a ceiling and squandering momentum following losing control of an interview with Channel 12’s Yonit Levy. (Gantz ended up repeating the word “Yonit” several times, until he could figure out how to respond to the embarrassing line of questioning.)Putting aside the particular question, the whole situation started going badly for Gantz when it was revealed that his personal cellphone had been hacked by Iran.That’s right, around three years after Russia hacked the US presidential 2016 elections, there are still cyber vulnerabilities at the highest levels for countries like Israel, the US and within the EU.The positive secondary impact of Russia’s 2016 election hacking was that countries across the globe and giant social media platforms were finally shocked into starting a cyber defense revolution.Not that there were not dangers before and that there was not a campaign to increase cyber security.As early as 2008, Russia used cyber warfare against Georgia on a grand scale to bring much of the country’s government institutions to a halt.And cyber security has been a hot item in the business sector for the better part of a decade.But it has been a long slog and 2016 was a tipping point when Western governments realized that the tools of cyber aggressors like Russia were light years beyond their cyber defense capabilities, especially in deflecting social media influence operations.Every country went into crisis mode, establishing new cyber commands, new regulations, passing or developing new cyber legal frameworks and placing new requirements or limitations on the powers of social media giants like Facebook.
Facebook and others also earned so much awful press and investigations from the 2016 election that they started to alter their very business models to make combating abuse of their platforms by foreign powers a priority, even if it has remained a lower priority than selling ads.YET AT the same time that these advances have been made, cyber aggressors have not remained static.The threats and hacking tools that powers like Russia can employ, as well as second-tier threats like Iran, North Korea, Hezbollah and Hamas, have substantially advanced as well. There are also continued reports of more and more foreign countries using NSA and CIA cyber tools they stole to interfere and hack.Add to that some debate whether in certain areas, there has been some back-tracking.For example, the US cyber command has had some key unfilled positions, including the deputy chief spot from March until late May.Some of the unfilled top cyber spots in the US may stem from the conflict US President Donald Trump has with the topic of Russia’s hacking of the 2016 election, while others may relate to efforts by US National Security Adviser John Bolton to consolidate the US’s cyber apparatus.In Israel, some political parties activated their own networks of bots – paid users who were fakely presented as “nonpartisan.” This may not be as bad as foreign influence campaigns, but it can be highly damaging to a country’s political discourse.Moreover, the Shin Bet (Israel Security Agency) and Israel National Cyber Directorate seem better than anyone else at fending off hacks of government agencies, but they are still not empowered to preemptively protect the cellphone of prime ministerial candidates like Gantz.So have the US, Israel, the EU and others gotten to where they need to be to deflect not only the cyber threats of the past, but also the cyber threats on the horizon?Former Obama administration cyber czar Michael Daniel told the Magazine that he believes “the US (and other countries, such as Israel) are better prepared than in 2016 to deal with threats to elections and the electoral infrastructure.”“The increase in awareness, the investments in cybersecurity and the priority placed on the issue make most countries more capable of dealing with threats than in previous years,” said Daniel, who currently is the president of the Cyber Threat Alliance.He said, “In almost every critical infrastructure sector, the first step in improving cybersecurity was raising awareness; the same is true with the electoral infrastructure sector. Within the US, officials at both the federal and state/local level have invested considerable time and money in improving security and those investments will make a difference.”But Daniel is not naïve and does not see just the rosy side of the picture.He said his optimism about some trends “is not the same as saying that we are fully or adequately prepared for all the threats we face with respect to elections.”“Our adversaries will have improved their techniques since 2016 and we will face more of them. We have not yet come up with effective countermeasures to fake news and influence ops... but that’s not really surprising, since we haven’t come up with good solutions for all the bad information out there on the Internet in general.”Daniel agreed with an assessment by the Magazine. “Many countries haven’t decided how to provide cybersecurity expertise to political campaigns. So we still have more work to do. Election cybersecurity will function like all other areas of cybersecurity – we will never be ‘done.’ We won’t achieve perfect security, instead, we will have to manage risk and drive the risk down to a tolerable level.“Such risk management will require continued, sustained investment in cybersecurity across the board.”The former Obama cyber czar said he distinguished “between the electoral infrastructure [the systems used to conduct elections from beginning to end – registering voters, casting ballots, counting ballots, reporting results, certifying results, etc.] and information operations designed to influence how people vote.“The first is clearly a cybersecurity problem. The second is not, at least in terms of how the US tends to define cybersecurity,” though he said it was also “a very important issue.”Former IDF cyber intelligence officer and current Siemplify CEO Amos Stern explained that one reason cyber aggressors’ social media campaigns are so hard to stop is that “it is inherently against the core of these social media platforms to sensor and monitor behavior, and it is very difficult to identify what is legitimate debate and what are fake and manipulative uses to affect certain demographics.”The former IDF cyber intelligence officer said, “Social media influencing campaigns are more probable than directly hacking into government agencies” to cause damage to Western countries’ elections.“They are much easier to pull off and have higher impact on elections,” noting that often such influence campaigns do not obviously violate any specific existing laws.On the other hand, hacking into specific personal devices of individual candidates is relatively easy for adversaries (especially nation-states), and they likely do not have the same protection level as acting officials.But less than two months after Gantz’s cellphone was hacked by Iran or some other cyber aggressor, he said, “Candidates and their parties should take special care and expect that there is a very high chance that there will be attempts to access their devices and accounts” to “find information that can be used” to “derail their campaign by putting them in a bad light.”Stern noted that Hillary Clinton’s 2016 presidential campaign was vulnerable not only because of her communications, but because of both campaign aides and even former campaign aides.Former and founding Israeli National Cyber Security Authority director Buky Carmeli said that there was no such thing as being “ready enough” for Israel and the West, but that they have developed “many tools and technical” abilities to reduce the surface area of vulnerabilities and to erect cyber fences around the remaining vulnerabilities.Carmeli also distinguished between the broad threat of cyber influence campaigns to try to manipulate voters versus the multiple areas where cyber aggressors can actually try to hack election-related systems.He said that the main areas that could be hacked were those which could impact the ability to hold elections logistically, hacking the tallying of the votes or hacking the reporting of the final results of the votes in real time.The former Israeli cyber czar expressed confidence that Western governments’ abilities to defend their elections are overall tougher today, even relative to the newer threats, than they were in 2016.There are other cyber experts who are still warning of cyber Armageddon at any moment, and none of the above experts treat the cyber challenge to holding elections lightly.Yet in the broadest sense, their cumulative views are that even as hacking of figures like Gantz and Clinton will continue, the impact of those hacks may be reduced as the system continues to strengthen.