Fear our dumb new world

By on
Fear our dumb new world

[Blog post] Stop the idiocracy taking over before it's too late.

When the potential future president of the United States quite happily becomes involved in dodgy hacking dealings to support his election campaign and asks a foreign superpower to hack his main rival, it’s truly a watershed moment in history.

In a saga that continues to evolve, Republican Donald Trump has been jeering at the dirt that’s supposedly been leaked by the data breach at the Democratic National Convention (DNC).

But he wants more than the already leaked emails, and asked Russia to hack running rival Hillary Clinton to dig up further ammunition against her.

“Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing,” he said.

“I think you will probably be rewarded mightily by our press. Let’s see if that happens. That will be next.”

Those are his exact words.

These words support what constitutes multiple crimes in the US, alongside blatant disregard for ethics and privacy. Trump's already tried to retract, claiming he didn't mean what he said, but it's up to you whether you believe him.

Regardless, we should absolutely be concerned that a candidate in the running to become the head of the most powerful country in the world sees nothing wrong with encouraging a foreign power to hack US government officials.

So far, everything points to Russia being behind the DNC hack: from the malware used to gain access to its systems to the bad attempt at pretending the hacker was Romanian.

It's enough to write a movie script for a dark comedy called The Three Loose Cannons: a presidential candidate that's happy to exploit hacks almost certainly done by agencies controlled by Russian pal Putin.

Data leaked by the hackers was given to Julian Assange and Wikileaks, a self-confessed foe of the Obama administration and Hillary Clinton. You couldn't make this stuff up.

Nevertheless, the hackers probably didn't have to work too hard, as the Democrats clearly did not have the ability to defend against relatively unsophisticated phishing attacks let alone detect them. Forensic analysis of the DNC systems revealed that the attackers had been present since late 2015; last week, it transpired that the Dems’ fundraiser systems had been hacked too.

Yep, by the Russians again, apparently.

Compounding that carelessness, the DNC systems contained way too much juicy data. Credit card details, sensitive personal information and emails in plain-text, totally unsecured, just waiting to be copied over and put into any context by adversaries.

Leaking financial and personal details of people in ordinary situations is bad. Tying them up with a political party? Priceless.

Combine this with Trump's privacy-be-gone approach and it undoes years of work and collaboration around security, effectively authorising hacking as a political weapon.

Not only does this run counter to existing law, the effects on society and democracy in general will be untold.

At the moment, the agreed position generally is that just because we can hack each other, doesn't mean we should.

Trump's comments suggest he falls outside this consensus, raising questions about the future of existing anti-computer and network intrusion legislation, and international collaboration to shore up IT security.

Whatever happens in the presidential election, here’s hoping the DNC hack will be thoroughly and publilcly analysed to prevent such attacks from becoming commonplace and part of political life.

But meanwhile, if your organisation has operations in the US and is going anywhere near a similarly sensitive situation as the DNC did, it might not hurt to batten down the security hatches and prepare for the worst.

Got a news tip for our journalists? Share it with us anonymously here.
Tags:
In Partnership With
Juha Saarinen
Juha Saarinen has been covering the technology sector since the mid-1990s for publications around the world. He has been writing for iTnews since 2010 and also contributes to the New Zealand Herald, the Guardian and Wired's Threat Level section. He is based in Auckland, New Zealand. Google
Read more from this blog: SigInt

Most Read Articles

Log In

Username / Email:
Password:
  |  Forgot your password?