Mr. Liles did not attribute the attack to any specific country, but told the Senate Intelligence Committee during his testimony that there are only a select few who had the capability to carry out this kind of attack. The media then filled in the gaps.
First Published 23rd June 2017
Spot the alleged hacker.
4 min read | Reflare Research Team
Earlier this week Mr. Samuel Liles, acting director of the Office of Intelligence and Analysis Cyber Division of the United States Department of Homeland Security, testified before the Senate Intelligence Committee investigating alleged Russian interference in the US election of 2016.
In this briefing, we will take a look at new claims and their implications, revisit the concept of proof of attack vs. proof of attacker, and 'hacking the election vs. hacking to influence'.
What is new?
The statements given by Mr. Liles are the first incident of a US government official naming a number of States which have allegedly had their voting mechanisms attacked. More precisely, 21 states are stated to have been targeted. Unfortunately, which 21 states remains unspecified.
The US states Arizona and Illinois have self-reported being targets of the attacks.
What are the implications?
While no additional proof has been made available, these statements still represent an important shift in the handling of the alleged hacking attempts.
So far, all official statements were focused on attempts to use confidential or embarrassing information gained through hacking activities to discredit the Democratic Party during the election. We refer to this approach as “hacking to influence” in previous briefings. The new claims indicate that a foreign actor may have also tried to hack the election mechanism itself. Such attacks carry much more weight as votes could be misrepresented.
While proof of attacker is required for an attack aiming to influence public opinion to become geopolitically relevant, mere proof of attack would be sufficient to trigger far-reaching consequences including a potential re-casting of votes when the election mechanism itself is concerned.
Were the attacks successful?
To the best of our knowledge at the point of writing, no organization within the US government is claiming that voting systems were successfully compromised during the 2016 election. The new claims merely outline attempted attacks, not successful breaches.
Therefore, the new allegations are unlikely to lead to major political consequences by themselves.
Will there be more details?
While we cannot rule out the release of additional details such as the naming of further affected states, the anonymous nature of cyber attacks and the confidential nature of national security means that we consider it unlikely for such information to be released.