The 2016 election was, arguably, the first of its kind to have been truly impacted by cyber security. With the narrow gap in the vote, and the number turned off from voting, much can be placed on the Clinton email scandal.
The answer to why Hillary Clinton originally used her own server will likely depend on your political views, and the objective truth may remain elusive, but the cascading series of events it caused, culminating in a series of state-sponsored hacks, most likely by Russia, is something few will dispute as having had a profound effect on the outcome of this campaign.
Tensions over a hack
Many, seeing a Clinton victory as inevitable, equally saw continued tensions between the US and Russia, and retribution over the country’s alleged involvement in these cyber attacks. This may now change.
Trump appears to have a more sympathetic view of Russia, asking why the nations have to be against each other, and calling Putin a “strong” leader. In his first address since the election, Putin said: “Russia is ready and wants to restore a fully-fledged relationship with the United States.”
However, the same team responsible for the hack of Clinton campaign chair John Podesta, ‘Cozy Bear,’ is now believed to be targeting American political thinktanks and non-government organizations (NGOs), according to cyber incident response firm Volexity.
Therefore, it is safe to assume that, despite calls for a normalization of relations, if Russia is indeed behind ‘Cozy Bear,’ the cyber war between the two nations will continue.
Unfortunately, details from Trump regarding this matter have been slim. During his campaign, he said “I will tell you this, Russia: If you’re listening, I hope you’re able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily [pause] by our press.”
Did Trump really ask Russia for confidential Democratic Party material? He has since called the statement a joke, and denied that Russia was the likely originator of the attacks on the Clinton campaign and Democratic National Committee. During a debate against Clinton, he said it “could be somebody sitting on their bed that weighs 400 pounds.”
With the US government having officially accused Russia of being the attacker, Trump’s views could change now that he is set to be in charge of the government.
Of further concern is China, which engaged in repeated cyber attacks - mostly corporate intellectual property theft - during Obama’s two terms. After long, deliberate and difficult negotiations, September 2015 saw an agreement to cease such actions, and indeed a marked decrease in cyber espionage has been noticed. With Trump threatening trade wars and taking a much more aggressive stance on Sino-American relations, this trend could soon reverse.
Looking at cyber security more generally, Trump has promised to “order an immediate review of all US cyber defenses and vulnerabilities, including critical infrastructure, by a Cyber Review Team of individuals from the military, law enforcement, and the private sector.”
He said in October: “As President, improving cyber security will be an immediate and top priority for my Administration.”
Continuing: “I will make certain that our military is the best in the world in both cyber offense and defense. I will also ask my Secretary of Defense and Joint Chiefs to present recommendations for strengthening and augmenting our Cyber Command.
”As a deterrent against attacks on our critical resources, the United States must possess the unquestioned capacity to launch crippling cyber counter-attacks. This is the warfare of the future, America’s dominance in this arena must be unquestioned.”
With America having been proven to be so vulnerable to even small cyber attacks, this is dangerous ground that will likely prove increasingly problematic. Data center and Internet infrastructure operators should not look to the government for protection, rather implementing all that they can with the expectation that governments will try to access their systems.
Trump has taken a negative view on encryption, prioritizing law enforcement’s ability to access data. During the campaign, when Apple declined to hack an encrypted iPhone used by one of the San Bernardino shooters, he tweeted: “Boycott all Apple products until such time as Apple gives cellphone info to authorities regarding radical Islamic terrorist couple from Cal.”
He added in an interview with Fox & Friends: “I agree 100 percent with the courts. In that case, we should open it up. I think security overall — we have to open it up. And we have to use our heads. We have to use common sense.”
Boycott all Apple products until such time as Apple gives cellphone info to authorities
Donald Trump, tweet
When it comes to broader surveillance issues, details are slim. Vice President-elect Mike Pence, who is leading Trump’s transition team, voted yes on retroactive immunity for telecoms’ warrantless surveillance in 2008. This meant that AT&T, Verizon, Sprint and other telecoms companies could not be held accountable for their participation in the NSA warrantless eavesdropping program.
But Trump himself has said less on he matter of digital surveillance and the NSA. When talking on the issue of the DNC hack, he said that he had nothing to do with it but added: “I wish I had that power, man, that would be power.”
He has also spoken in favor of other forms of surveillance, controversially calling for mosques to be monitored. He told NBC News in late 2015 that he wanted a database of all muslims within the US: “I would certainly implement that. Absolutely. There should be a lot of systems, beyond databases. We should have a lot of systems.” Later he clarified that he had meant all Syrian refugees.
Read the rest of our Trump analysis here: