To William Evanina, director of the U.S. National Counter Intelligence and Security Center, the Equifax breach is more than just a cautionary tale. It’s also a success story about public-private partnerships and intelligence sharing, and it directly speaks to election security and protecting democracy.
In the 2017 cyberattack, Chinese military hackers carried out the largest-ever theft of personally identifiable information by state-sponsored attackers. “That is a counterintelligence activity,” Evanina said, while speaking on an election security panel during CrowdStrike’s virtual Fal.Con event.
“We have to acknowledge what’s happening right now around the globe where nation-state actors are using intelligence services to attack private-sector companies,” Evanina said, adding that U.S. government agencies and private companies should team up, too.
“And that partnership starts not only with intelligence sharing on steroids, but we have to find a happy medium where we can provide due diligence with sharing information but at the same time privacy protection, and protection from regulatory [actions] and sanctions after a company becomes victimized,” he explained. “Being a victim cannot be something that can carry penalties. We have to find a happy medium.”
Intelligence Sharing With Protection
Specific to the 2020 election and beyond, this means the government partnering with social media companies to prevent the spread of misinformation — similar to efforts that these platforms took, in partnership with the public sector, to stop promoting terrorist content and racism on their sites.
“This election cycle, as we partner with Facebook and YouTube and Twitter, all the social media companies … want to help be a solution in protecting our democracy,” Evanina said. “But they also have to be protected somewhere down the road when their constituents that are global might complain. I do think the government needs to speed up and catch up to technology in this space.”
Russian, China, and Iran continue to use social media to spread disinformation meant to influence the election and sew distrust in democracy, Evanina said. This represents a “vulnerability” for democratic elections around the world, he added.
Disinformation Reigns Supreme
“The public, in democratic nations around the world, really don’t understand what disinformation influence looks like and feels like when you see,” Evanina said. “Social media, and the ability to promulgate information expediently on the web, is going to be a big vulnerability for democracies going forward.”
This echoes warnings from other security and election officials. Social media platforms make it very cheap and easy for threat actors to create and spread disinformation, and other nations are taking pages from the Russian playbook about how to use social media to their advantage.
“As early as 2004, state actors begin to realize that this infrastructure is at their disposal as well, and that they can turn the social web into a vast propaganda and disinformation machine,” said Renée DiResta, research manager at Stanford Internet Observatory, in her Black Hat keynote.
Cisco Talos threat researchers spent the past four years investigating election security and published three reports about their investigation. Two of the three focused on disinformation
“The threat actors aren’t just after, or even solely after, the modification of votes,” said Matt Olney, director of Cisco Talos Threat Intelligence. “They’re after the collective faith in the electoral process and in Western democracy in general.”
By Jessica Lyons Hardcastle, October 16, 2020, published on SDX Central