Cybersecurity

Is the DNC Hack an Act of War?

By Jack Goldsmith
Monday, July 25, 2016, 9:40 PM

At Slate I have a discussion about the DNC hack with Isaac Chotiner.  A flavor:

Is the election aspect of this hack unique?

There have been reports in recent years of cyberattacks or cyberoperations in computer networks in other countries related to elections. Still, if this if a Russian (or some other foreign governmental) operation, I know of nothing parallel on this scale, with this impact. And yet, as I wrote this morning, “the Russian hack of the DNC was small beans compared to the destruction of the integrity of a national election result.” Presumably the DNC email hack and leak involve genuine emails. But what if the hackers interspersed fake but even more damning or inflammatory emails that were hard to disprove? What if hackers break in to computers to steal or destroy voter registration information? What if they disrupted computer-based voting or election returns in important states during the presidential election? The legitimacy of a presidential election might be called into question, with catastrophic consequences. The DNC hack is just the first wave of possible threats to electoral integrity in the United States—by foreign intelligence services, and others. …

 

How seriously do you think the government takes issues of cyberwarfare? Do you feel confident about our defensive capabilities and competence?

“Cyberwar” is a misleading term—the Russian hack, if it is that, is not an act of war, at least not by traditional standards. It is closer to an intelligence operation with the twist of a damaging publication of the stolen information. That said, the U.S. government takes all major cyberoperations against it and its major public and private institutions very seriously. My confidence about our defensive capabilities and competence depends on what institutions you are talking about. Today, some components of the government (e.g. the Defense Department) do better than others (e.g. the Office of Personnel Management, which recently suffered an very damaging hack). And private sector defenses, even of important critical infrastructure networks, are a very mixed bag. The scale of the challenge is enormous, and offense has many advantages over defense. I don’t know anyone who is sanguine about our defensive capabilities overall.

 

Topics: