"Proud Boy Demonstrator, May Day 2017" by AdamCohn is licensed under CC BY-NC-ND 2.0
Iran Impersonates the "Proud Boys" in Emails
Voters apparently registered as Democrats received emails purportedly from notorious right-wing group “The Proud Boys,” threatening them unless they voted for Donald Trump. The US quickly pointed the finger at Iranian intelligence as having sent the emails. A related email campaign also purported to show how one could easily cast multiple ballots. Although the emails originated from a domain the Proud Boys’ use, it does not appear the group was hacked." There is little concern that these Iranian emails would alter electoral outcomes, but the purpose is to sow confusion.
Dubious emails are unlikely to change votes, but changing votes is not the strategy. The emails distort voters’ perceptions of the electorate. Email recipients may conclude the Proud Boys and fellow travelers are more popular than they are, and are thereby driving electoral outcomes. Furthermore, the emails’ content claims voter fraud is possible, which implies the election may not be a legitimate reflection of popular will.
The Iranian strategy even harms the election now that their involvement is publicly known. The emails demonstrate that Iran can inject itself into elections online. Now voters rightly see international actors involved in elections, and must conclude for themselves how who else is involved in the election. Voters may reasonably, though erroneously, conclude other electoral coalitions are as phony as these emails.
No Evidence "Biden Laptop" is Russian Op
We’ve learned more about the laptop purportedly owned by Hunter Biden, that again thrust information security into national politics. Biden campaign, and others, have argued without evidence that the laptop is a Russian disinformation plant. The Director of National Intelligence threw water on the idea of Russian involvement, which the FBI seemingly supported. At least one person named in the emails has authenticated them as genuine.
The Biden laptop is another example of information security harming elections, by increasing ambiguity. While there is no evidence the laptop is Russian disinformation, it is plausible and consistent with Russian operations. We could have more confidence in the laptop’s legitimacy if information security from start to finish were reliable. As it stands, voters predisposed to believe international actors are injecting themselves into the election can plausibly point to the laptop as an example. Others take the laptop as an example of elites corrupting the government.
NSA Urges Patches of Exploits China Uses
The NSA released a list of 25 known vulnerabilities that APTs associated with China are exploiting. The vulnerabilities are not new discoveries, but were previously disclosed and have already been patched. The NSA claims to have found Chinese APTs using these vulnerabilities “in the wild,” which means there are victims of these exploits.
The US Government has taken an increasingly strong stance encouraging information security and vulnerability patching. This particular announcement targeted China, but Russia and Iran remain top threats, too. Known vulnerabilities do not usually draw much attention in cybersecurity communities, because cybersecurity professionals already know about them. Lack of attention belies the threat known vulnerabilities pose. When users have not updated their computers, a known vulnerability is a loaded gun pointed directly at their information. Chinese APTs are just the latest to exploit those vulnerabilities.
Noteworthy
David Benson is a Professor of Strategy and National Security focusing on cyberstrategy and international relations. You can reach him at dbenson@osiriscodex.com.
To get more insightful analysis like this in your inbox at no cost please subscribe.
Share this Brief with someone who might appreciate it.
Ask a question! Raise an objection! Leave a comment!