Elections To Personal Data, We Must Do Better At Cybersecurity

One of the many hot buzzwords floating through today’s world is “cybersecurity.” There have been multiple, huge breaches of sensitive data at large tech companies like Yahoo, as well as allegations of computer hacking by foreign powers — specifically Russia — in an effort to influence the outcome of our recent national election. We are living in a world run by computers. What happens when our computers turn on us?

In the spotlight is the presidential election, which even without hacking allegations ended with an uncomfortable split — Donald Trump earning a majority of the Electoral College’s presumptive votes and, therefore, the presidency, but Hillary Clinton compiling some 2.83 million more votes in the popular vote tally. In recent days, there have been reports that the federal government knew in advance of the election that Russia was playing fast and loose with the campaign, using cyber warfare in an attempt to give Russian President Vladimir Putin’s preferred candidate an edge. This has led many people on both sides of the aisle to seek investigations on just what was known during the campaign and how the election was impacted by those actions.

Nine Senate Democrats have asked the Director of National Intelligence to provide what is called a National Intelligence Estimate by Jan. 20, the day that President-Elect Trump is set to take the oath of office. “Direct and deliberate interference in our election is an unprecedented breach and threat to U.S. democracy and national security,” the senators wrote to Director of National Intelligence James Clapper. “It is absolutely critical that information about these matters be disclosed to the public and to Congress.”

“Investigating reports of Russia’s interference into our presidential election and civic institutions is not a partisan issue,” Michigan Sen. Gary Peters said. “It’s about protecting our democracy and our national security. Americans deserve transparency and accountability.”

At the same time, bipartisan action is taking place. Two Democratic congressmen (Maryland’s Elijah Cummings and California’s Eric Swalwell) have introduced legislation creating an independent commission to investigate Russian government involvement in the digital attacks, and Republican senators Lindsay Graham and John McCain are also pushing for investigations into the hacking incidents. Cybersecurity experts are echoing those calls for a deeper, public investigation into the evidence of Russian hacking — both the majority who already believe that the Russian government carried out the attacks, and the minority who don’t.

Cybersecurity concerns are not new. The biggest U.S. government data breach of 2015 was the Office of Personnel Management (OPM) data breach, which was the result of a longstanding hack that started in March 2014. The government announced the data breach in June 2015 and estimates of stolen records increased from an initial number of 4 million to 21.5 million. In a survey of 24 federal agencies, the General Accounting Office found that between 2006 and 2015, the number of cyberattacks climbed 1,300 percent — from 5,500 to over 77,000 a year.

So, what’s the solution? How do we stem the cybersecurity threats to our nation, our financial institutions and our own personal safety? Unfortunately, according to Adm. Michael Rogers, commander of U.S. Cyber Command and director of the National Security Agency, “When it comes to cyber defense, there is no one single strategy, there is no one single tool or capability.”

“I think it’s fair to say that right now the odds favor the offensive side,” Rogers said during a presentation at Harvard University in October. “That’s in no small part because the reality is today we are dealing with network structures that were designed and built in a totally different environment.” Specifically, our national computer infrastructure was not built with cyber attacks in mind.

Confronting the cyber threat, Rogers said, will require better network protection, altering normal protocols and changing “the risk calculations for actors so they stop and say to themselves, ‘Even if I could technically do this, would the benefits outweigh the risks and costs?’”

We encourage a bipartisan investigation, and encourage our elected leaders to take meaningful action against any and all perpetrators. We have been losing cybersecurity battles, but we must put in the necessary resources to win the war.