Cyber Attacks on the Campaign Trail

It is rare for the key topics typically covered in this blog -- cybercrime and computer security -- to be wielded as talking points by a major presidential candidate. But in a foreign policy speech last week, presumptive Republican Party presidential nominee John McCain cited cyber attacks from Russia as a reason for strengthening NATO and for excluding Russia from the Group of Eight.

The reference to cyber attacks came in remarks McCain made at the Los Angeles World Affairs Council, wherein he argued that the future of the transatlantic relationship lies in confronting the challenges of the 21st century worldwide, such as "developing a common energy policy, creating a transatlantic common market tying our economies more closely together, addressing the dangers posed by a revanchist Russia, and institutionalizing our cooperation on issues such as climate change, foreign assistance, and democracy promotion."

McCain continued:

"We should start by ensuring that the G-8, the group of eight highly industrialized states, becomes again a club of leading market democracies: it should include Brazil and India but exclude Russia. Rather than tolerate Russia's nuclear blackmail or cyber attacks, Western nations should make clear that the solidarity of NATO, from the Baltic to the Black Sea, is indivisible and that the organization's doors remain open to all democracies committed to the defense of freedom." (emphasis added)

When I first read that quote I assumed McCain was addressing the larger issue of Russian organized crime in fueling a sizeable portion of the cyber criminal activity today, from spamming and phishing to virus writing and online extortion. But Randy Scheunemann, one of the McCain campaign's foreign policy advisers, said McCain was specifically addressing last year's week-long volley of cyber attacks against Estonia, one of Europe's most-wired nations.

That attack, which briefly knocked large swaths of the country's key digital systems offline, was widely alleged to have originated in Russia. Some have alleged that the attack came at the direction of the Russian government, which was upset over Estonia's relocation of a Soviet war memorial. Russian officials have denied any government involvement.

"Senator McCain believes there needs to be a much more forthright discussion about a range of challenges posed by Moscow, including their role in cyber attacks on a NATO ally in Estonia," Scheunemann said.

Of course, the foot soldiers in the Estonian cyber attack were almost certainly many thousands of "bots," personal computers that cyber crooks control remotely for a variety of criminal aims, only one facet of which are these types of distributed denial of service (DDoS) attacks. Still, it is nice to see cyber crime being raised to the level of attention I believe it deserves, which is to say the level of national defense and economic trade treaties and negotiations.

Now, would any of the presidential hopefuls care to discuss their intent to address identity fraud, a problem that affects tens of millions of Americans annually?

What about you, dear Security Fix readers? Sound off in the comments below on the tech issues you'd like to hear more about from the presidential candidates.

By Brian Krebs |  March 31, 2008; 3:08 PM ET Fraud , From the Bunker , U.S. Government
Previous: Happy 3rd Birthday To Security Fix | Next: April Fool's Day Warning, And Some Fun

Posted by: Bartolo | March 31, 2008 4:36 PM

Posted by: rhenley | March 31, 2008 10:36 PM

Posted by: TJ | April 1, 2008 12:41 AM

Posted by: Robert17 | April 1, 2008 8:20 AM

Posted by: Heron | April 1, 2008 10:01 PM

Posted by: TJ | April 2, 2008 9:20 AM

Posted by: Pete from Arlington | April 2, 2008 4:03 PM

Posted by: Todd | April 25, 2008 10:01 PM

Name:

Comments: