Russian hackers have caused chaos and crossed a line by spilling data out to the public
Hacking and election tampering – state-on-state activity is never clear cut.
Major governments around the world regularly conduct cyber-espionage to gain political leverage, collect intelligence and uncover secrets from deep within rival nations. Be it ally or adversary, any country with the ability to do so conducts clandestine activities.
In 2015, the attention was on China, especially after the theft of federal records from the Office of Personnel Management (OPM). A year later, as the 2016 presidential election loomed, it emerged Russia was probably responsible for infiltrating numerous political groups in the US.
As the treasures (leaked emails) were released into the public domain, US intelligence said the hackers – state-sponsored APT28 and APT29 – had actively plotted to influence the outcome of the vote and help elect Republican candidate Donald Trump.
According to Toni Gidwani, a former Department of Defense (DoD) analyst who now heads up operations research at cybersecurity firm ThreatConnect, it was this move to aggressively influence democracy that separated the Russian hacking from US activities.
In an interview with IBT, Gidwani said: "Any government that's not yours is a legitimate target", but added that, generally, the purpose of espionage is "to steal information for a decision advantage."
What the hackers did, if true, was cross a line by spilling data to the public. "To cause chaos," she said.
"As much as we may not like it, a presidential campaign is a legitimate intelligence target," Gidwani continued. "Foreign governments want to know who the next leader of the United States is going to be, who influences them and what their views are.
"What made [it] weird, was how they operationalised the data.
"I was not at all surprised to see the campaign was targeted and it was successfully hit, [but] much more surprised to see the way that information was leaked for a clear political objective."
The leaks were spread by a number of outlets suspected of being managed by Russian intelligence – including Guccifer 2.0 and a website called DC Leaks. In official statements, the US government also namechecked WikiLeaks as another front being "weaponised" by the Kremlin.
The disclosures caused outrage in the US establishment, but state-on-state activity is never as clear-cut as it seems. Some critics have pointed to the US's own murky history of tampering with foreign elections, with a recent report in The Week citing numerous damning examples of this.
Way back in 1997, the New York Times reported how the US Central Intelligence Agency (CIA) had orchestrated "dozens of covert political operations" in the 1960s and 1970s throughout Southeast Asia, Latin America, the Middle East and Africa.
Meanwhile, most recently, US intelligence agencies including the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have been criticised for their vast surveillance capabilities used to target foreign nations and companies.
Even high-profile intelligence chiefs have admitted the US has hacked foreign politicians in the past.
Michael Hayden, who has previously held top positions at the NSA and CIA, said on 18 October that US spies – much like their Russian counterparts – often conduct similar operations. Like Gidwani, however, he noted the weaponisation of pilfered information was a step too far.
"I have to admit my definition of what the Russians did [at the Democratic National Committee] is, unfortunately, honourable state espionage," Hayden explained at the time.
He continued: "A foreign intelligence service getting the internal emails of a major political party in a major foreign adversary? Game on. That's what we do.
"By the way, I would not want to be in an American court of law and be forced to deny that I never did anything like that as director of the NSA, because I could not."
Gidwani, however, maintained Russia's actions were far-removed from anything that would occur by intelligence operatives in the US. She said: "Going forward, the situation may force a change in the way governments will have to respond to these types of provocations.
"It's definitely a provocation but it's not the same as literally blowing something up," she explained. "So, how they assess the harm that's being done and what the correct way is to respond, those are all things that all these governments will have to figure out.
"The rules here are not as clean in terms of what's allowable and what the consequences are."
There is little denying that Russian hackers are effective, and persistent. Recently, as its own elections are approaching, officials in Germany have noticed a spike in cyberattacks suspected of originating in Russia. As The Guardian notes, this may be "cyberwar" in action.
"The Russians have been doing these activities in Europe for a number of years," Gidwani told IBT. "I think part of what we are seeing is the spread, and the refinement, of those activities.
"To see [the hackers] come after so many US targets that were specifically civilian and political was a shift, it was a distinct change in their targeting. For me, one of the questions that still remains is what happened to cause that shift.
"Was this a central directive from Putin himself, was this a result of multiple parts of the Russian security apparatus competing for influence?
"I don't think we really have a good answer for it yet."
© Copyright IBTimes 2024. All rights reserved.