A majority of cybersecurity professionals think cybercriminals are interfering in the U.S. election, and agree with the 2016 Republican Party platform endorsing strike-backs against hackers, a new study from cybersecurity company Tripwire found.
The breach of the Democratic National Committee’s computer network and subsequent leaks of sensitive information so close to the U.S. election is the most high-profile way in which cybercriminals are trying to manipulate the election, wrote Tripwire director of IT security and risk strategy Tim Erlin.
The FBI is investigating the hack, which security experts have said would be in keeping with Russian tactics.
Two-thirds of respondents said cybercriminals were influencing the outcome of the upcoming election and the vast majority of respondents — 82 percent — believed that state-sponsored attacks around elections should be considered acts of cyberwar.
Just over half of the respondents — 55 percent — agreed with a proposal in the GOP Party’s 2016 platform that would allow victims of such attacks to retaliate by hacking back, a proposal that was widely criticized by many tech experts when it was first revealed in July.
In a section titled “Facing 21st Century Threats: Cybersecurity in an Insecure World,” the GOP platform suggests how the U.S. should launch counterattacks against state sponsored cyberattacks from Russia and China and other hostile actors.
“Our response should be to cause diplomatic, financial, and legal pain,” says the document. “We will explore the possibility of a free market for Cyber-Insurance and make clear that users have a self-defense right to deal with hackers as they see fit.”
Attribution of cyberattacks is extremely difficult, which is a strong counter-argument against encouraging victims to retaliate, wrote Dwayne Melancon, Tripwire’s chief technology officer and vice president of research and development.
“Investigations sometimes discover that attacks appearing to come from other countries actually have a command and control base in the U.S., and vice versa,” he wrote. “If a cyberattack escalates into war or retribution, you’d better be certain of its origin.”
Cyber-attacks will happen on election day, Lamar Bailey, senior director of security research and development at Tripwire wrote in the press release. Rather than a large-scale attack akin to the DNC hack — which takes a lot of time and resources — hackers are much more likely to attempt to discredit the results of the U.S. election with lots of small attacks on various states and counties, he wrote.
“It could be like the 2000 election but with a virtual hanging chad,” Bailey warned.
Tripwire interviewed more than 220 security professionals at the annual Black Hat security conference in Las Vegas, NV which runs from July 30 to August 4.