Featured

How 2020 Presidential Candidates Can Guard Against Cyberattacks


The 2016 presidential election witnessed unprecedented Russian cyberattacks and disinformation campaigns designed to disrupt the U.S. electoral system by influencing public opinion. The Russian goal is intended to destabilize the U.S.  through ideological activism, advancing their interest and further their political agenda. Their methods compromised computer systems of candidates and political parties using the exfiltrated data to spread disinformation and influence presidential elections.

On January 6, 2017, the U.S. Director of National Intelligence released a declassified report “Assessing Russian Activities and Intentions in Recent U.S. Elections.” According to the report, Vladimir Putin ordered a massive campaign orchestrating attacks from multiple fronts that involved spreading pro-Trump propaganda on social media to hacking the Democratic National Committee (DNC). Their methods resulted in massive data breaches within the DNC that included access to John Podesta's email from his Gmail account. Russian trolls began spreading falsehoods, conspiracy theories, and controversies to create a cloud of scandal around Hillary Clinton’s presidential campaign.

On April 18, 2019, the U.S. Department of Justice released a redacted version of Special Counsel Robert Mueller’s report on “The Investigation Into Russian Interference In The 2016 Presidential Election”.  The report details how the Russian government interfered with the 2016 presidential election in “sweeping and systematic fashion.”  According to the report, the Russian government’s Internet Research Agency (IRA) based in St. Petersburg, Russia executed a social media campaign designed to “provoke and amplify political discord in the United States.” Moreover, the report details how the IRA began to support then-presidential candidate Trump using social media to sow the discord in the U.S. political system through “Information Warfare.”

The Russian Playbook 

With the global game of information warfare afoot, various independent researchers have found a host of adversarial state-sponsored cyberattack operations conducting disinformation campaigns and hacking to influence political discord in the U.S. These countries include not only Russia who succeeded but China, Israel, Saudi Arabia, North Korea, United Arab Emirates, Venezuela, and Iran.

Influencing the political system of another country is nothing new, but security professionals world-wide have been warning of the dangers caused by lapses in information security for years in today’s cyber world.

Federal Election Laws and Political Headwinds

Current federal laws prohibit presidential candidates from obtaining the necessary tools and techniques from various corporations. The Federal Election Commission (FEC) prohibits corporations from offering free or discounted cybersecurity services to presidential candidates. Political parties are prohibited from providing these services because it is considered a non-monetary donation.

In a profound example of the political discord sowed from the 2016 election interference, the sharp partisan division prevented reform of the FEC laws allowing more significant cybersecurity assistance to candidates. Senator Ron Wyden introduced such a bill; however, Senate leader Mitch McConnell blocked the bill from a vote on the Senate floor.

The 2020 presidential campaigns reflect the need to have cybersecurity expertise available, but that is unlikely. Current candidates running for election do not have the knowledge needed to thwart sophisticated disinformation campaigns by implementing new defenses to block hackers. What is at stake to prevent the sophistication of state-sponsored cyberattacks requires the minimum of hundreds of thousands of dollars necessary to invest in cybersecurity. The candidates themselves cannot afford outside experts to implement such services during their campaigns that last less than two years in each election cycle.

Without a doubt, presidential candidates and other political candidates involved in congressional, state and local elections are the most targeted by domestic and state-sponsored attacks in the world. Congress and state legislatures are under pressure to address this, and the FEC laws were enacted to prevent corporations and other for-profit or non-profit entities from influencing an election.

The Road Ahead

Cybersecurity has become modern-day technology to shield against election information warfare and physical violence. These cyberattacks present a dangerous threat to global democracies since it had been proven to affect election results. Profound examples include the 2016 U.S. presidential election, the 2019 elections in Indonesia and Ukraine illustrates these threats.

Traditionally and one can argue the corporate world, cybersecurity has been a lower priority for political candidates running for office. The U.S. presidential candidates are too busy raising money to fund for hiring staff, procuring offices, lobby for endorsements, and fund the high expense of travel. It often comes down to using campaign donations to either fund a media ad or using it to invest in a robust security system.

Security Awareness Training

Awareness is an essential fundamental requirement as most political candidates have staff with limited knowledge of proper cybersecurity protocols. The Russian attacks were for the most part low-tech engaging in disinformation (propaganda) campaigns, sending spearfishing attacks against political committee organizations to relinquish their passwords. Many fell victim by Russian spearfishing attacks among other exploits.

Cybersecurity training must be mandatory to prevent such attacks from occurring in addition to technologies such as two-factor authentication and encryption. Even with the best efforts, political candidates can muster, there isn’t enough money to deploy the best security infrastructure. Political party committees are non-profit organizations dependent on donations and can ill-afford a robust security system.

Federally Sponsored Security

Beefing up the presidential public funding program may be an alternative where presidential candidates receive federal funding to finance cybersecurity expenses. Moreover, for the duration of their campaigns, candidates may be allowed the use of separate government monitored resources for their campaigns.

Political Party Incident Data Sharing

The Democratic and Republican National committees need to share cyberattack incidents to defend against attempted and exploited events. Threat intelligence sharing enables political parties to learn from each other’s experiences, gaining insight based on multiple attributes that provide the big picture of the context of cyber events.