How do you prove Russia meddled with the presidential election? That’s a question the U.S. government is facing, but may never fully answer, at least not publicly. Last week, the U.S. punished Russia, claiming the country’s cyberspies hacked Democratic groups and figures during the election season. However, missing from last week’s announcement was any new evidence — or a smoking gun — proving the Kremlin’s involvement. This isn’t sitting well with everyone in the security industry, especially since identifying the culprit of any cyberattack is no easy matter. “Maybe Russia did do it, but until we have sufficient evidence, it’s a mistake to move forward,” said Jeffrey Carr, a cybersecurity consultant. Carr isn’t the only skeptic. Incoming President Donald Trump has also been doubtful over Russia’s suspected role in the cyber-meddling. “Unless you catch ‘hackers’ in the act, it is very hard to determine who was doing the hacking,” tweeted Trump, who’s compared the problem to the U.S. incorrectly concluding that Iraq possessed weapons of mass destruction over a decade ago. Nevertheless, the outgoing administration of President Barack Obama remains convinced that the Kremlin directed the high-profile hacks in an effort to sway public opinion in the run-up to the election.
Private security firms have concluded the same. As evidence, they’ve pointed to the targets hacked, in addition to the malware and methods used — all of which suggest that elite hackers out of Russia were responsible. But in Carr’s view, the evidence is missing important links, such as proof showing that the suspected Russian-speaking hackers were actually enlisted by the Kremlin.
Malware can also circulate. What’s to stop any hacker from using malicious coding developed in Russia? “We should be setting a high bar (on this investigation),” he said. “But the government has so mangled this campaign to show the public evidence. It’s such a mess.”
Full Article: Uncertainty clouds debate on Russia’s suspected role in election hacks | PCWorld.