Political hacking is the “in” thing right now. The most recent hacking took place on none other than a fundraising website of President Donald Trump on Feb 19th. The site, now offline, was defaced and the home page replaced with an image of a man wearing a fedora with the message:
Hacked by Pro_Mast3r~
Nothing Is Impossible
Peace from Iraq.
The alleged attacker told a journalist that he was from Iraq while claiming credit for exploiting a domain name service (DNS) misconfiguration that allowed him to take control of the donaldjtrump subdomain. The advice given in the report of this hacking was:
Donald Trump’s IT people need to do a better job of checking the DNS configuration for subdomains that are currently not in use.
Such logical and brilliant advice that is certain to fall on deaf ears as Trump can’t even stop using his commercial Android device in favor of a Secret Service-approved secure mobile device. Trump’s lackadaisical approach to technology will contribute to his demise. Does he think it won’t happen to him?
It’s not difficult to imagine someone telling Trump his site was hacked and his reply being “I told you using couriers was the right way to go”. Listening to a man in his 70’s reference cybersecurity protection as using couriers instead of military grade encryption is annoying and frustrating. In an age where the majority of Americans have some form of mobile computing device in their household, it’s hard to relate to someone who rejects most technology in general. This is the same man who issues an Executive Order (he wasn’t “briefed” on) that altered the structure of the National Security Council to insert Bannon and demote the Director of National Intelligence and the Chairman of the Joint Chiefs of Staff; the two people who should automatically be there. If he had even the slightest grasp on the importance of intelligence, that EO would never have been issued.
With all the reports of Russian’s hacking our democratic institutions, malware campaigns that just get bigger, and the integration of technology where most Americans don’t remember how to live without; you can’t ignore the threat of cyber attacks against the U.S. What most don’t quite understand, is that cyber attacks are global and can come from anywhere; technology has created a sub-world that is partial reality and partial virtual reality. Recently Rep. Michael McCaul, chairman of the House Homeland Security Committee, told the crowds at the 2017 RSA Conference:
There is no doubt in my mind that the Russian government tried to influence and undermine our election, if we don’t hold the line on sanctions and deliver meaningful consequences, they will do it again.
McCaul, being vague as to what those consequences could be, is a signal to those in the IT security industry that our government just doesn’t know how to protect our country from attacks. McCaul raised his concerns about election hacking in 2016 to then-President Obama and then-candidate Trump but was disappointed in their response and lack of concern. Cyber attacks are not partisan issues, they’re republic issues. Our experiences in 2015 and 2016 with cyber warfare, while profound and frightening, has made the country much more realistic when considering the dangers posed by cyber attacks. Our infrastructure is at risk. Our networks are at risk. Our own Internet of Things (IoT) devices, that are so cool and automated, are seriously at risk.
There is a reason that Android 6 and 7 have device encryption enabled by default. There is a reason that Apple iPhones allow you to encrypt. Let’s follow the lead of our tech companies, for now, as they appear to still hold the interests of the “common people”. President Trump would be wise to listen to the experts in technology around him and start taking steps to protect the systems that run our country. We can’t have a repeat of 2016 in 2020 when deciding who our next President will be.