Can hackers sway public opinion with DNC and NSA leaks?
When Edward Snowden fled his job at the National Security Agency to publicly leak details of US surveillance programs, it may have seemed unlikely that American adversaries would replicate听his whistleblowing tactics.
But with confidential Democratic National Committee emails and a stockpile of what appear to be top secret NSA hacking tools surfacing online in the past month, cybersecurity experts increasingly suspect that the Kremlin has borrowed from听Mr. Snowden鈥檚 playbook in a bid to manipulate public opinion.听
"Putin loves to torment the US," said Tom Kellermann, chief executive at Strategic Cyber Ventures. But in this case, he said,听鈥渢here鈥檚 no way [the US] can condemn Russia for distributing an arsenal of military-grade cyberweapons on the streets of cyberspace."
If the Obama administration did accuse Moscow, he said, it would not only acknowledge that its clandestine cyberoperations were compromised but that it withheld information about serious computer vulnerabilities from US corporations.
"It鈥檚 obvious that a foreign intelligence gathering operation leaked this information to humiliate the US government," said Kellermann.
The group calling itself the Shadow Brokers, which leaked the cache of likely NSA hacking tools, remains anonymous after last week鈥檚 dump. Moscow has also denied involvement in the DNC hack.
But with the听US and Russia increasingly at loggerheads around the world, experts say the successive leaks bear the hallmarks of a Kremlin intelligence operation. This time, however, they say Russian spies are taking advantage of the听internet's reach to undermine their American adversaries.
If the trove of DNC emails leaked on the antisecrecy site WikiLeaks last month originated in Russian hands 鈥撎齛s experts believe 鈥撎齣t could be one of the first known state-backed digital attacks intended to manipulate a US presidential election. The hack even led Secretary of Homeland Security Jeh Johnson to admit that his agency is considering ideas to bolster cybersecurity protections for voting ahead of the November election.
And as the US government reportedly听 against Moscow for the DNC hack, experts say听the disclosures of purported NSA malware may shift some of the public's focus听away from Russia and toward the NSA's apparent use of software vulnerabilities in widely used business products.听听
"This is just an effort to confuse the issue," says James Lewis, a senior fellow at the Center for Strategic and International Studies, a Washington think tank. "If they think the US is going to come out and blame [Russia鈥檚 federal security service] for the DNC hack, they鈥檙e going to want to deflect attention and remind people they should be mad at the NSA."
Though the NSA dump has not engendered Snowden-like public controversy, the leaks听exposed serious vulnerabilities in consumer firewall products that left security companies such as Cisco, Juniper, and Fortinet scrambling to patch their software, fearing retaliation from rogue criminal hackers who may have obtained the exploits.
Last week, British security researcher Mustafa Al-Bassam used a software exploit contained in the leak to extract passwords from Cisco virtual private networks, and the company that they weren鈥檛 notified of the vulnerability beforehand.
So whether or not the Shadow Brokers intended for it, the leak seems to have reinvigorated a debate over the White House's oft-used protocol for disclosing software vulnerabilities used by the US intelligence community to vendors. That could impact the US government鈥檚 position in domestic cybersecurity debates just months after the FBI鈥檚 controversial decision to purchase a software exploit to unlock an iPhone belonging to the San Bernardino, Calif. shooter.
"There鈥檚 this belief that the US is a wicked hegemon that seeks to control the world," says CSIS鈥檚 Mr. Lewis. "The Russians think they鈥檙e fighting against western information hegemony."
If Moscow is trying to make that case, they have more tools to do it than ever before. Russia Today (RT), a television network funded by the Kremlin, boasts a large global audience and has for criticism of the West.听In January, however, British regulators sided with the BBC after the network complained about unfair treatment in an RT program. The program called The Truthseeker said the BBC staged a chemical weapons attack for a report about the Syrian war and edited an interview to misinterpret comments from a source. But Ofcom, the British regulator, said RT treated the BBC unfairly by not giving the broadcaster the opportunity to respond before the program aired.
Information also appears to figure into Moscow's foreign policy. Russia鈥檚 latest military doctrine,听, describes the use of information warfare to cause political upheaval.
"The first entree into cyberconflict isn鈥檛 physical destruction," says Matthew Devost,听President of FusionX, a cybersecurity and risk management company. "If an airplane with 200 people falls out of the sky, it鈥檚 very easy to determine our response. But with the DNC hack, the impact isn鈥檛 as tangible."
Though efforts to limit cybersecurity espionage made progress last year after the US and China agreed to curb听digitally-enabled theft of economic secrets and a United Nations committee focused on disarmament issues approved a report that applies portions of the UN charter to cyberspace in November, cybersecurity experts worry those steps would do little to halt the growing wave of damaging leaks.
"No international framework or statement matters here. The only thing that matters is what the concrete reaction is here by the US government," says Thomas Rid, a professor at Kings鈥 College London. "We have to ask ourselves, do we want this operation to set the de facto precedent which others may then try to emulate?"
This story was updated after publication to add new information. It was also corrected to accurately characterize a dispute between the BBC and RT. The case was a regulatory matter.
听
