In 2016, cyber criminals launched a massive disinformation assault, hacked the Democratic National Committee, probed state voter registration databases and compromised communications from the Clinton campaign. Given all that, you might expect an all-out push for government and industry to share whatever they know about the threat.
That’s not quite what’s happening, so far.
More than 18 years since the U.S. government released its plan for a major, public-private partnership on cyber security, policy experts say that what its creators hoped for never came to pass. Yet what’s emerged in its place is still useful – and there’s hope that the Department of Homeland Security will be promising more intel as the November elections inch closer.
Indeed, Jeff Greene, Symantec’s Vice President for Global Government Affairs, says that while some of the original ideas never quite met expectations, he doesn’t think DHS gets enough credit for its efforts.
“Historically, people have said we give information, but we don’t get it,” he said. But Greene noted that while DHS officials too often refuse to divulge details in the name of national security, “we’re getting more back, now. Recently, we had a 15-minute conversation and came up with five things we can tell our people on the phone.”
That’s a significant improvement.
“A lot of times they would not tell us what to look for,” Greene continued. “And if I can’t tell an analyst what to look for, they can’t look for telemetry.”
That on-again, off-again relationship pops up in unexpected ways. Lawmakers recently grilled Mark Zuckerberg over Russian agitprop on Facebook before, during and after the 2016 elections. Just a few weeks later, DHS reportedly met with eight big tech companies, including Facebook, to talk about what they expected from Russians and other bad actors this November. The conversation reportedly did not go well.
“The Department of Homeland Security was reluctant to talk about what kind of tactics or issues they were seeing ahead of the midterms and that led to frustration on the part of the tech companies who know what to prepare for,” CNET Editor Connie Guglielmo later told CBS news.
Then again, other times the spigots governing the information sharing pipeline have been wide open. Indeed, Greene recalled the response to the WannaCry attack that first hit Mother’s Day weekend, 2017.
“Starting that Friday through the weekend, we probably gave more than we got, but that’s probably because we’re on more systems (than the government is.),” Greene said. “I’m told some of the stuff we sent them saved them weeks of research time.”
Michael Daniel, President and CEO of the Cyber Threat Alliance, says Russian propaganda efforts continue and will likely accelerate as the calendar moves into the fall. But what happens on Facebook has been about words and nothing more
Paying Attention to the Technical Details
“There’s an interesting question about whether anyone is picking up on attempts to mess with voting infrastructure,” Daniel said. “At the end of the day, people still have to go into the voting booth and cast their ballots.”
He noted that while hackers famously compromised voting machines at the recently-concluded Def Con security conference, the heart of the systems – registration databases, vote tallying systems and the like – are much more sensitive and open to compromise as long as they are connected to the internet. Those things will matter more when it comes time to count votes.
Many techies continue to focus on sharing technical information back and forth, but that misses the point, according to Daniels, who pointed out that many companies still struggle to fill their ranks with experienced technical staff. Instead, he said that companies need information they can execute with the people they have to protect the real-world businesses in which they operate. They need to know which patches really matter now – and which they can put off. What’s more, he added, they want to know which products and services can get them in trouble and which are (probably) safe.
“What we’re sharing in other environments is how people can change their business practices to protect themselves,” he said. “It’s a complex issue, but we’re getting better at it.”
If you found this information useful, you may also like to learn more about Symantec's Election Security page:
We encourage you to share your thoughts on your favorite social platform.