At RealClearPolitics Charles Lipson outlines what we know about Russia’s cyber-espionage with respect to the 2016 elections:
- According to U. S. intelligence agencies Russia engaged in widespread cyber-espionage.
- The objective of the cyber-espionage was to acquire “secret information” from political operatives.
- Disclosures hurt Hillary Clinton, not Donald Trump.
- There is no consensus about Russian intentions.
and calls for a bipartisan commission to investigate Russia’s hacking, a view that I fully endorse.
Read the whole thing. An important observation from Dr. Lipson: “There is zero evidence they changed any vote counts.”
Over the last 15 years, I have thought that every security breach of a private company, government agency, or data theft due to large pools of easily accessible data would be the catalyst for a cyber security evolution, but it has yet to occur. Stronger passwords and two-form factor logon credentials are the solution to keep the bad guys from getting into the systems.
Security is a pain in the ass. Physical security is bad, but cyber security is worse. Anybody who has to use keycards knows that you are not supposed to “tailgate”. Everybody is supposed to let the door close, and then, each person uses his/her keycard to open the door. With a large group, this is time consuming, and it is easier to just all go through at once.
From what I know, the DNC and John Podesta emails do not have anything illegal, but the participants would rather the contents not have been made public. I still contend that this was the primary reason for Hillary Clinton’s private email server. It makes it easier to keep private email private.
The problem was that the governmental email system was secure but inconvenient, and contrary to some opinions, Hillary Clinton is a human being. As such, she does not like being inconvenienced, and the solution was to transfer documents and information from a secure system to an insecure system.
There are ample reasons to hate on Hillary Clinton, and she should probably be locked-up for any number of things. But, the truth is that she was not doing anything different than most people would do if they could. I refer back to “tailgating”, and I will note that it is so widespread that it has a name.
Until the only networks connected to the internet are those that are mission critical, nothing will change, and in those cases, there should be a physically separate network (workstation – monitor, keyboard, mouse, no USB, locked down). Internal networks should be compartmentalized. These act as firewalls or firebreaks when a security breach does occur limiting the damage, but they are a pain in the ass.
Whether it is the Russians, Chinese, or a teenager cyber joyriding, nobody is concerned about the actual security breaches. What are the solutions being proposed to a Russian security breach, or as Sen. McCain says an act of war? Does the US restart the Cold War, skip to a Hot War, begin a Cyber War, file a complaint with whatever alphabet world organization the US files complaints with when other countries treat the US like toilet paper, begin a clandestine or undeclared Cyber Cold War, sing Kumbaya, nothing, anything?
If Russia has perpetrated an act of war against, the US needs a President who is not afraid to retaliate with the most severe means available, and I was informed by the most knowledgeable foreign policy expert (if you cannot trust a famous fiction writer, who can you trust) that President Trump is apt to start a nuclear war. If the commie bastards want to elect the crazy man, so be it. Their demise is on them.
Now about the Chinese acts of war, I do not recall Sen. McCain getting overly worked up about either his or President Obama’s 2008 campaigns being hacked.
Obama, McCain computers ‘hacked’ during election campaign
More on the 2008 election:
Chinese hacked Obama, McCain campaigns, took internal documents, officials say
Oh wait, that was in 2013. I forgot that is ancient history. My bad. I am tossing it down the memory hole.
I need my rolled-up newspaper. “Bad Russians. Bad Russians. Why can’t you be more like the Chinese?”
I think that the greatest issues are that security is an attitude and a process. It’s not just a matter of putting a lock on it, walking away, and forgetting about it.
I can’t tell you how many times I’ve told my bank “This incident is a potential security breach; you have a process that you’re supposed to follow under these circumstances; follow it.” If they started following their own policies, we’d start seeing changes but, clearly, they don’t. It’s just too much trouble or it’s rocking the boat so they don’t follow the policy. So they’re not aware of how insecure they are.