Return to Video

How (and why) Russia hacked the US election

  • 0:01 - 0:04
    Let's say you despise
  • 0:04 - 0:05
    Western democracy.
  • 0:07 - 0:09
    Democracy, in all its trappings,
  • 0:09 - 0:11
    free elections, town halls,
  • 0:12 - 0:14
    endless debates about
    the proper role of government.
  • 0:14 - 0:16
    Too messy,
  • 0:16 - 0:17
    too unpredictable,
  • 0:17 - 0:19
    too constraining for your taste.
  • 0:20 - 0:24
    And the way these democracies
    band together and lecture everyone else
  • 0:24 - 0:26
    about individual rights and freedoms --
  • 0:26 - 0:28
    it gets under your skin.
  • 0:29 - 0:31
    So what to do about it?
  • 0:32 - 0:37
    You can call out the hypocrisy
    and failures of Western democracies
  • 0:37 - 0:40
    and explain how your way is better,
  • 0:40 - 0:42
    but that's never really worked for you.
  • 0:43 - 0:45
    What if you could get the people
  • 0:45 - 0:49
    whose support is the very foundation
    of these democracies
  • 0:49 - 0:51
    to start questioning the system?
  • 0:52 - 0:55
    Make the idea occur in their own minds
  • 0:55 - 0:59
    that democracy and its institutions
    are failing them,
  • 0:59 - 1:01
    their elite are corrupt puppet masters
  • 1:01 - 1:04
    and the country they knew is in free fall.
  • 1:06 - 1:07
    To do that,
  • 1:07 - 1:10
    you'll need to infiltrate
    the information spheres
  • 1:10 - 1:11
    of these democracies.
  • 1:11 - 1:15
    You'll need to turn
    their most powerful asset --
  • 1:15 - 1:17
    an open mind --
  • 1:17 - 1:19
    into their greatest vulnerability.
  • 1:20 - 1:22
    You'll need people to question the truth.
  • 1:24 - 1:29
    Now, you'll be familiar of hacking
    and leaks that happened in 2016.
  • 1:29 - 1:32
    One was the Democratic
    National Committee's networks,
  • 1:32 - 1:35
    and the personal email
    accounts of its staff,
  • 1:35 - 1:36
    later released on WikiLeaks.
  • 1:37 - 1:39
    After that, various online personas,
  • 1:39 - 1:44
    like a supposed Romanian cybercriminal
    who didn't speak Romanian,
  • 1:44 - 1:48
    aggressively pushed news
    of these leaks to journalists.
  • 1:49 - 1:51
    The media took the bait.
  • 1:51 - 1:54
    They were consumed by how much
    the DNC hated Bernie.
  • 1:55 - 1:59
    At the time, it was that narrative
    that far outshined the news
  • 1:59 - 2:03
    that a group of Russian government
    sponsored hackers
  • 2:03 - 2:06
    who we called "Advanced
    Persistent Threat 28,"
  • 2:06 - 2:08
    or "APT28" for short,
  • 2:08 - 2:11
    was carrying out
    these operations against the US.
  • 2:12 - 2:14
    And there was no shortage of evidence.
  • 2:15 - 2:19
    This group of Russian government hackers
    hadn't just appeared out of nowhere
  • 2:19 - 2:20
    in 2016.
  • 2:20 - 2:23
    We had started tracking
    this group back in 2014.
  • 2:23 - 2:28
    And the tools that APT28 used
    to compromise its victims' networks
  • 2:28 - 2:32
    demonstrated a thoughtful,
    well-resourced effort
  • 2:32 - 2:34
    that had taken place for now over a decade
  • 2:34 - 2:36
    in Moscow's time zone
  • 2:36 - 2:38
    from about 9 am to 6 pm.
  • 2:39 - 2:44
    APT28 loved to prey on the emails
    and contacts of journalists in Chechnya,
  • 2:44 - 2:48
    the Georgian government,
    eastern European defense attachés --
  • 2:48 - 2:52
    all targets with an undeniable interest
    to the Russian government.
  • 2:52 - 2:54
    We weren't the only ones onto this.
  • 2:54 - 2:57
    Governments, research teams
    across the world,
  • 2:57 - 2:59
    were coming to similar conclusions
  • 2:59 - 3:01
    and observing the same
    types of operations.
  • 3:02 - 3:05
    But what Russia was doing in 2016
  • 3:05 - 3:07
    went far beyond espionage.
  • 3:08 - 3:15
    The DNC hack was just one of many
    where stolen data was posted online
  • 3:15 - 3:17
    accompanied by a sensational narrative,
  • 3:17 - 3:19
    then amplified in social media
  • 3:19 - 3:22
    for lightning-speed adoption by the media.
  • 3:25 - 3:27
    This didn't ring the alarm bells
  • 3:27 - 3:32
    that a nation-state was trying
    to interfere with the credibility
  • 3:32 - 3:34
    of another's internal affairs.
  • 3:34 - 3:39
    So why, collectively,
    did we not see this coming?
  • 3:39 - 3:43
    Why did it take months
    before Americans understood
  • 3:43 - 3:47
    that they were under a state-sponsored
    information attack?
  • 3:48 - 3:50
    The easy answer is politics.
  • 3:50 - 3:54
    The Obama Administration was caught
    in a perfect catch-22.
  • 3:54 - 3:58
    By raising the specter that the Russian
    government was interfering
  • 3:58 - 4:01
    in the US presidential campaign,
  • 4:01 - 4:05
    the Administration risked appearing
    to meddle in the campaign itself.
  • 4:06 - 4:08
    But the better answer, I think,
  • 4:08 - 4:12
    is that the US and the West
    were utterly unequipped
  • 4:12 - 4:17
    to recognize and respond
    to a modern information operation,
  • 4:17 - 4:22
    despite the fact that the US
    had wielded information
  • 4:22 - 4:25
    with devastating success
    in an era not so long ago.
  • 4:26 - 4:30
    Look, so while the US and the West
    spent the last 20 years
  • 4:30 - 4:32
    caught up in cybersecurity --
  • 4:32 - 4:33
    what networks to harden,
  • 4:33 - 4:36
    which infrastructure to deem critical,
  • 4:36 - 4:40
    how to set up armies of cyber warriors
    and cyber commands --
  • 4:40 - 4:43
    Russia was thinking in far more
    consequential terms.
  • 4:45 - 4:49
    Before the first iPhone
    even hit the shelf,
  • 4:49 - 4:53
    the Russian government understood
    the risks and the opportunity
  • 4:53 - 4:55
    that technology provided
  • 4:55 - 4:59
    and the inter-communication
    and instant communication it provided us.
  • 5:00 - 5:04
    As our realities are increasingly
    based on the information
  • 5:04 - 5:06
    that we're consuming
    at the palm of our hand
  • 5:06 - 5:08
    and from the news feeds
    that we're scanning
  • 5:08 - 5:11
    and the hashtags and stories
    that we see trending,
  • 5:11 - 5:14
    the Russian government
    was the first to recognize
  • 5:14 - 5:16
    how this evolution
  • 5:16 - 5:21
    had turned your mind into the most
    exploitable device on the planet.
  • 5:23 - 5:25
    And your mind is particularly exploitable
  • 5:25 - 5:29
    if you're accustomed
    to an unfettered flow of information,
  • 5:29 - 5:33
    now increasingly curated
    to your own tastes.
  • 5:35 - 5:38
    This panorama of information
    that's so interesting to you
  • 5:38 - 5:44
    gives a state, or anyone for that matter,
    a perfect back door into your mind.
  • 5:45 - 5:49
    It's this new brand of state-sponsored
    information operations
  • 5:49 - 5:51
    that can be that much more successful,
  • 5:51 - 5:52
    more insidious,
  • 5:52 - 5:56
    and harder for the target audience --
    that includes the media --
  • 5:56 - 5:58
    to decipher and characterize.
  • 5:59 - 6:01
    If you can get a hashtag
    trending on Twitter,
  • 6:01 - 6:04
    or chum the waters with fake news
  • 6:04 - 6:06
    directed to audiences
    primed to receive it,
  • 6:07 - 6:09
    or drive journalists to dissect
    terabytes of email
  • 6:09 - 6:11
    for a cent of impropriety --
  • 6:11 - 6:14
    all tactics used in Russian operations --
  • 6:14 - 6:18
    then you've got a shot at effectively
    camouflaging your operations
  • 6:18 - 6:20
    in the mind of your target.
  • 6:22 - 6:26
    This is what Russia's long called
    "reflexive control."
  • 6:27 - 6:31
    It's the ability to use
    information on someone else
  • 6:31 - 6:33
    so that they make a decision
  • 6:33 - 6:34
    on their own accord
  • 6:34 - 6:36
    that's favorable to you.
  • 6:38 - 6:42
    This is nation-state-grade image control
    and perception management,
  • 6:42 - 6:45
    and it's conducted by any means,
  • 6:45 - 6:49
    with any tools, network-based
    or otherwise, that will achieve it.
  • 6:50 - 6:51
    Take this for another example.
  • 6:51 - 6:56
    In early February 2014, a few weeks
    before Russia would invade Crimea,
  • 6:56 - 6:58
    a phone call is posted on YouTube.
  • 6:58 - 7:01
    In it, there's two US diplomats.
  • 7:01 - 7:04
    They sound like they're playing
    kingmaker in Ukraine,
  • 7:04 - 7:08
    and worse, they curse the EU
    for its lack of speed and leadership
  • 7:08 - 7:09
    in resolving the crisis.
  • 7:10 - 7:13
    The media covers the phone call,
  • 7:13 - 7:16
    and then the ensuing diplomatic backlash
  • 7:17 - 7:20
    leaves Washington and Europe reeling.
  • 7:21 - 7:25
    And it creates a fissured response
    and a feckless attitude
  • 7:25 - 7:27
    towards Russia's land grab in Ukraine.
  • 7:28 - 7:30
    Mission accomplished.
  • 7:31 - 7:34
    So while hacked phone calls
    and emails and networks
  • 7:34 - 7:36
    keep grabbing the headlines,
  • 7:36 - 7:39
    the real operations are the ones
  • 7:39 - 7:42
    that are influencing
    the decisions you make
  • 7:42 - 7:43
    and the opinions you hold,
  • 7:43 - 7:47
    all in the service of a nation-state's
    strategic interest.
  • 7:48 - 7:50
    This is power in the information age.
  • 7:52 - 7:55
    And this information is all
    that much more seductive,
  • 7:55 - 7:59
    all that much easier to take
    at face value and pass on,
  • 7:59 - 8:00
    when it's authentic.
  • 8:01 - 8:06
    Who's not interested in the truth
    that's presented in phone calls and emails
  • 8:06 - 8:09
    that were never intended
    for public consumption?
  • 8:10 - 8:12
    But how meaningful is that truth
  • 8:12 - 8:14
    if you don't know why
    it's being revealed to you?
  • 8:16 - 8:20
    We must recognize that this place
    where we're increasingly living,
  • 8:20 - 8:22
    which we've quaintly termed "cyberspace,"
  • 8:22 - 8:25
    isn't defined by ones and zeroes,
  • 8:25 - 8:28
    but by information
    and the people behind it.
  • 8:29 - 8:32
    This is far more than a network
    of computers and devices.
  • 8:32 - 8:35
    This is a network composed of minds
  • 8:35 - 8:38
    interacting with computers and devices.
  • 8:39 - 8:41
    And for this network,
  • 8:43 - 8:46
    there's no encryption,
    there's no firewall,
  • 8:46 - 8:48
    no two-factor authentication,
  • 8:48 - 8:51
    no password complex enough to protect you.
  • 8:52 - 8:54
    What you have for defense
  • 8:54 - 8:58
    is far stronger, it's more adaptable,
    it's always running the latest version.
  • 8:59 - 9:02
    It's the ability to think critically:
  • 9:02 - 9:04
    call out falsehood,
  • 9:04 - 9:05
    press for the facts.
  • 9:07 - 9:11
    And above all, you must have the courage
  • 9:11 - 9:14
    to unflinchingly pursue the truth.
  • 9:16 - 9:21
    (Applause)
Title:
How (and why) Russia hacked the US election
Speaker:
Laura Galante
Description:

Hacking, fake news, information bubbles ... all these and more have become part of the vernacular in recent years. But as cyberspace analyst Laura Galante describes in this alarming talk, the real target of anyone looking to influence geopolitics is dastardly simple: it's you.
more » « less
Video Language:
English
Team:
closed TED
Project:
TEDTalks
Duration:
09:33

English subtitles

Revisions Compare revisions

Our website uses cookies for analysis purposes.