What really happened during the presidential election of 2016? Part II of a IV Part Series

There has certainly been a lot of buzz about it for a long time afterward, not to mention some extraordinarily strong feelings that created a significant gap among Americans. The intensity of that gap and its “aftershocks” are still felt today. Let’s examine some of the history of our most recent presidential election.

REFLECTION & ANALYSIS

As early as the summer of 2015, the Democratic National Committee (DNC) was targeted and penetrated by Russian-based threat groups. Extensive investigative research by a variety of cybersecurity firms (notably CrowdStrike, Fidelis Cybersecurity, and Mandiant) pointed to the DNC’s network originally having been breached in 2015 and continually accessed until at least April 2016. Throughout that time, two highly sophisticated Russian threat groups known as COZY BEAR and FANCY BEAR were able to get ahold of the DNC’s private documents, opposition research, and personal communications through emails. Additionally, this article was published by ThreatConnect, another cybersecurity giant and ProtectedIT MSSP of choice, following up on CrowdStrike’s initial investigative findings and solidifying the conclusion that this attack was of Russian origin.

On the eve of the Democratic National Convention, a “dump” of over 20,000 emails and documents was released on WikiLeaks. It became clear that DNC data had been exfiltrated and filtered with the intent of victimizing a few high-ranking officials in the Democratic party, with one of the most revealing points showing the Democratic National Committee had favored Hillary Clinton over Bernie Sanders in the primaries. Months after the election, the Mueller indictments indicated the timing of this email “dump” was intentional, with the purpose of pushing a huge wedge between Clinton supporters and Sanders supporters and sowing discord and anger within the party during their national convention.

What is interesting is that many people mistakenly believe this email dump was “damning” or “incriminating” evidence that exposed Hillary and pointed to her ulterior motives and underground, unlawful practices. However, while these emails were certainly not helpful to the Democratic candidate (and they without a doubt revealed the DNC's clear favoritism), this leak was the MOST damaging in that it became a seed that sprouted a vine that grew and began winding its way around everything and everyone for the rest of the year…all the way up to election day.

Of course, there were other players in the game besides Russia. Potential profit attracts many.

An analytics firm called Cambridge Analytica was employing a “data-driven digital campaign” for the Trump campaign to micro-target citizens based on their digital movements and actions. Data indicates that they used algorithms and behavior analytics to monitor the effectiveness of messaging and engagement levels on commonly used platforms like Google, Snapchat, Twitter, Facebook, and YouTube.

In March 2018, a whistleblower and prior employee of Cambridge Analytica opened the lid on a scandal revealing that, leading up to the election, over 50 million Facebook profiles had been harvested in a shocking data breach and extremely disquieting invasion of personal privacy. This data was then used to build a system that could profile a single voter and target that individual with personalized political propaganda…based on how they were leaning/feeling towards Mr. Trump. In reference to the American public, whistleblower Christopher Wylie stated “[We] built models to exploit what we knew about them and target their inner demons.”

A separate digital tactic in 2016 utilized your geographic location and the politics of where you lived. If you were in an area that was likely to support Trump, the image shown was Mr. Trump “triumphant-looking,” followed by a supplemental link to the closest polling station. If you lived in an area that suggested you may not be a strong Trump supporter, or might be a swing voter, the algorithm would instead show you an ad featuring one of his “high-profile” supporters, like a celebrity from the TV show Duck Dynasty or the president of the UFC (Ultimate Fighting Championship). Another ad listed a successful link promoting “10 inconvenient truths about the Clinton Foundation,” and analytics showed it had an average engagement time of 4 minutes per person.

NOTE: It is important to recognize here that the Sanders and Clinton campaigns also purchased and utilized “smear ads” against their opponents. With that said, it is also worth calling attention back to the “seed of the vine” I spoke of earlier in this article, and how this particular seed - the DNC email leak - was given…oh, let’s say an ample supply of “nourishment” in the form of the growing dissent and doubt within the Democratic party. It quickly had all the sustenance needed to better wrap itself around its victims…AKA the voters. Us.

What I have discussed in this piece are just a few examples. We could keep turning the pages and finding more, but I will leave conclusion-drawing for our final bit in a few weeks, Part IV! For simplicity’s sake, let us wrap up this reflection and analysis.

Some call what occurred an outside intrusion campaign; other times such efforts are referred to as influence campaigns. ‘Outraging lack of ethics and control’ could put it mildly. All are synonymous examples encapsulating these concepts of strategic, manipulative methods and cyber-attacks. Not direct physical attacks - like a punch in the face or kick in the side - but slower, more passive. In a way, it is more dangerous because, while you believe you’re thinking and deciding for yourself, your emotional reaction, mental processing, and conclusion-reaching have been planned and calculated by something unseen.

While reading up and fact-finding for writing this, a quote I found from Senator Mark Warner (D-VA) stuck with me - I think he summed up this situation nicely:

“This story is more evidence that the online political advertising market is essentially the Wild West. Whether it's allowing Russians to purchase political ads, or extensive micro-targeting based on ill-gotten user data, it’s clear that, left unregulated, this market will continue to be prone to deception and lacking in transparency.”

It is not the first time I have heard the “Wild West” used in reference to what happened in 2016. And this “undermining of public faith in the US democratic process” is a monumental problem that this country is facing. It is occurring all around us, and oftentimes we do not even seem to notice it is happening.

Next week, Part III of IV: COMPARISON & PERSPECTIVE, where we’ll add in a bit of outside perspective to this discussion and look at similar situations that have occurred outside of the US. How have the governments of other countries handled cyber election threats and potential election hackings? What can we learn from their efforts and countermeasures, whether successful or not?

Damian Ehrlicher