{"id":30400,"date":"2017-02-06T12:30:52","date_gmt":"2017-02-06T01:30:52","guid":{"rendered":"https:\/\/www.aspistrategist.ru\/?p=30400"},"modified":"2017-02-02T16:41:19","modified_gmt":"2017-02-02T05:41:19","slug":"understanding-cyber-threat-defence-response-democracy","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/","title":{"rendered":"Understanding the cyber threat: defence, response, democracy"},"content":{"rendered":"
<\/figure>\n

As Russia\u2019s campaign to influence the US election falls out of the news cycle, it’s important to maintain a focus on the key lessons from the Democratic National Committee hack in order to understand what could\u2019ve prevented it. The main takeaway is that any actor with enough resources and determination can compromise almost any system using an extraordinary range of tools (see here<\/a>, here<\/a> and here<\/a>). The other is a fundamental change of thinking: total security is currently impossible to obtain and that there\u2019s always a risk of your system being penetrated. With operations and data breaches increasingly being used to embarrass<\/a>, extort<\/a> and influence,<\/a> there are several ways to better understand and manage the risk.<\/p>\n

Nefarious actors waging information operations come from diverse backgrounds and have different agendas, from foreign governments and private enterprise to NGOs and lone actors. And sometimes they\u2019ll \u201cwork\u201d together, like<\/a> when Russian military and domestic intelligence allegedly<\/a> used a fake lone actor (Guccifer 2.0) to leak stolen government information to a real NGO (WikiLeaks). Hacker Andres Sepulveda and his team sold their services<\/a> through private enterprises to political parties across Latin America seeking to infiltrate rivals and manipulate elections. Such examples highlight the complexity of information operations. To establish credibility or plausible deniability, the real mastermind may hide under many layers of intermediaries.<\/p>\n

For those engaged in information warfare, the theft of data is one thing, but it\u2019s getting the information out that\u2019s key<\/a>. For such operations to work effectively<\/a> an adversary needs broad dissemination, acceptance of legitimacy and internalisation by the target audience. This was two-fold in the case of Russia\u2019s influence campaign. First the perpetrators had to gain enough credibility to be picked up by mainstream US media, which was why WikiLeaks was used to get the word out. (A previous dissemination point, a website called DC Leaks<\/a>, was set up in April but failed to gain traction.) WikiLeaks had the profile and produced the veneer of legitimacy needed for mainstream media sites to disseminate to the second audience, the US electorate. Internalisation\u2014when your message or content is voluntarily used by actors within your target audience\u2014occurred<\/a> when Donald Trump used the leaked material during the second presidential debate to threaten Hillary Clinton with jail. The execution of this information loop helped Russia\u2019s preferred candidate get elected. The operation was a success.<\/p>\n

If the majority of media resources and effort go to covering the breach and the scoops found in the leaked data, then the adversary has \u201cwon\u201d because they\u2019ve reshaped the narrative. Government responses are then formed in reaction to the adversary\u2019s information, allowing them to set the parameters of the game. Instead of investigating the source, the FBI chose to investigate the leaked information. It was only a month after the election that the White House ordered a separate investigation<\/a>, which revealed the source as Russian intelligence.<\/p>\n

When faced with information warfare on the scale of the DNC hack<\/a>, focusing on the cause of the breach rather than the dissemination and exploitation of the stolen data is self-defeating. Inviting<\/a> the foreign intelligence service to hack your country again is also counterproductive because it further legitimises the opponent and their narrative.<\/p>\n

So, what to do? In terms of passive defence, network compartmentalisation<\/a> and resiliency-building<\/a> can reduce the amount and quality of data available, so decreasing the value of penetration. Building in network redundancy can also assist by keeping vital parts of the network away from attackers and reducing the time a network is down. Low-tech offset strategies, like using typewriters<\/a> for sensitive communications, can also reduce exposure.<\/p>\n

The other side is active defence. Having well-trained and well-resourced computer emergency response teams is crucial. The quicker they can detect, mitigate and neutralise the hack the less damage it can do in both the cyber and public relations realms. Forensic analysis of intrusions is also crucial in tracing the culprit, who can then be named and shamed to discredit their narrative.<\/p>\n

These efforts are symbiotically attached to the need for much stronger strategic communications. Establishing a coherent, unified platform is crucial to reveal and defeat that narrative. Cyber units and the affected organisation must coordinate and deliver a unified message. The confusion<\/a> around the Australian Census DDoS<\/a> attack is an example of where this could have been applied. Attempts should also be made to create nuanced policies to deal with fake news, with several approaches being tried by countries<\/a> and companies<\/a> alike.<\/p>\n

Discrediting or denying the adversary legitimacy is crucial to minimising the significance of an attack. Part of that relies on seeing the bigger picture and calling out intrusions for what they are. A breach represents a cyber-attack, but if the end goal of that attack is to destabilise an election or compromise an individual, it\u2019s imperative that the scope of the attack be acknowledged transparently. This helps orientate discourse around the true intent of the malevolent actor. If their information can\u2019t build traction, it\u2019ll quickly be left behind as the news cycle moves on.<\/p>\n

Focusing strategic efforts at the dissemination-end of information operations reduces the overall appeal of mounting an attack. A concerted response can form an implied deterrent which doesn\u2019t risk escalation or miscalculation<\/a>. If actors can\u2019t produce the range or scale of effects they seek, their attacks are rendered impotent. With elections in France and Germany imminent it\u2019s crucial we learn from attacks like this to tighten cyber security and protect democratic processes.<\/p>\n","protected":false},"excerpt":{"rendered":"

As Russia\u2019s campaign to influence the US election falls out of the news cycle, it’s important to maintain a focus on the key lessons from the Democratic National Committee hack in order to understand what …<\/p>\n","protected":false},"author":547,"featured_media":30401,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[391,106,728,1606,163],"class_list":["post-30400","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-cyber","tag-democracy","tag-hacking","tag-presidential-election-2016","tag-russia"],"acf":[],"yoast_head":"\nUnderstanding the cyber threat: defence, response, democracy | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Understanding the cyber threat: defence, response, democracy | The Strategist\" \/>\n<meta property=\"og:description\" content=\"As Russia\u2019s campaign to influence the US election falls out of the news cycle, it’s important to maintain a focus on the key lessons from the Democratic National Committee hack in order to understand what ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2017-02-06T01:30:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-02-02T05:41:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/02\/28379867933_f55dc180c9_z.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"427\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Alexander Vipond\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alexander Vipond\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI's analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/02\/28379867933_f55dc180c9_z.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/02\/28379867933_f55dc180c9_z.jpg\",\"width\":640,\"height\":427},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/\",\"name\":\"Understanding the cyber threat: defence, response, democracy | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/#primaryimage\"},\"datePublished\":\"2017-02-06T01:30:52+00:00\",\"dateModified\":\"2017-02-02T05:41:19+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/679950d1f5a49362b42191950f2891d0\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Understanding the cyber threat: defence, response, democracy\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/679950d1f5a49362b42191950f2891d0\",\"name\":\"Alexander Vipond\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5f0105e021fadbd2e16e6e2955a0b958?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5f0105e021fadbd2e16e6e2955a0b958?s=96&d=mm&r=g\",\"caption\":\"Alexander Vipond\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/alexander-vipond\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Understanding the cyber threat: defence, response, democracy | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/","og_locale":"en_US","og_type":"article","og_title":"Understanding the cyber threat: defence, response, democracy | The Strategist","og_description":"As Russia\u2019s campaign to influence the US election falls out of the news cycle, it’s important to maintain a focus on the key lessons from the Democratic National Committee hack in order to understand what ...","og_url":"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2017-02-06T01:30:52+00:00","article_modified_time":"2017-02-02T05:41:19+00:00","og_image":[{"width":640,"height":427,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/02\/28379867933_f55dc180c9_z.jpg","type":"image\/jpeg"}],"author":"Alexander Vipond","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Alexander Vipond","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI's analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/02\/28379867933_f55dc180c9_z.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2017\/02\/28379867933_f55dc180c9_z.jpg","width":640,"height":427},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/","url":"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/","name":"Understanding the cyber threat: defence, response, democracy | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/#primaryimage"},"datePublished":"2017-02-06T01:30:52+00:00","dateModified":"2017-02-02T05:41:19+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/679950d1f5a49362b42191950f2891d0"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/understanding-cyber-threat-defence-response-democracy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"Understanding the cyber threat: defence, response, democracy"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/679950d1f5a49362b42191950f2891d0","name":"Alexander Vipond","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/5f0105e021fadbd2e16e6e2955a0b958?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5f0105e021fadbd2e16e6e2955a0b958?s=96&d=mm&r=g","caption":"Alexander Vipond"},"url":"https:\/\/www.aspistrategist.ru\/author\/alexander-vipond\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/30400"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/547"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=30400"}],"version-history":[{"count":1,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/30400\/revisions"}],"predecessor-version":[{"id":30402,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/30400\/revisions\/30402"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/30401"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=30400"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=30400"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=30400"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}