Cyber Aggression Takes A Back Seat To Other Presidential Campaign Issues

Oct 21, 2016
Originally published on October 21, 2016 1:24 pm

Cybersecurity has plagued this presidential election like no other in U.S. history. Earlier this week, the Obama administration indicated its plans to retaliate against Russia, in some way, for cyberattacks. Hacking came up, again, in the final presidential debate. Yet neither candidate is offering a roadmap for what to do on aggression, or how to handle foreign hackers.

Let's revisit the last debate. Hillary Clinton brings up hacking. She says the Russian government has engaged in espionage against Americans, feeding Wikileaks. And she puts forth this question: "Finally will Donald Trump admit and condemn that the Russians are doing this?"

She wants Trump, who's been drumming up fears about rigged elections, to acknowledge that Vladimir Putin is trying to rig the election using cyber attacks.

Trump deflects at first, saying, "She doesn't like Putin because Putin has outsmarted her at every step of the way."

When pressed by moderator Chris Wallace, the Republican nominee says it's not OK to hack in that way: "Of course I condemn. Of course."

"It's easy for Trump to condemn these attacks," says Tom Cross, chief technology officer at Drawbridge Networks who says he is politically an independent. "But it would have been more interesting, if Trump really wanted to go after Hillary Clinton, to ask her: What are we going to do to stop these things? And what are you doing to stop these things, particularly given that a lot organizations she's associated with were the targets of these attacks?"

He's giving advice to Trump. The intelligence community says Russia is hacking. So, Cross says, questioning that looks "silly." Trump could instead turn the tables and ask Clinton not just about the missing emails from her private server, but what she did (and failed to do) to protect her entire staff at the State Department from foreign hackers.

Both candidates have written positions on cybersecurity. Cross says they both read like "milquetoast," making points like: We must audit our systems to look for vulnerabilities.

"They are stating in different words essentially things that the United States government is already doing," he says.

Imagine an election in which the candidates took on the real issues.

Herb Lin, a senior research scholar at Stanford's Hoover Institution, is a Republican (who says he will not vote for Trump). He says in 2016, we need a leader who can think through cyber strategy with some basic literacy. With Russia, the U.S. could: hack back, maybe try to take down Russia's electric grid; leak embarrassing secrets about Putin; impose economic sanctions.

Lin says a good leader would think through each action and the reaction from adversaries. "Are they going to just cry uncle when we respond? And say oh we've seen the error of our ways. That is unlikely," he says. "The question is how can you persuade them to back off of what they're doing?"

Lin compares today's discussion of cybersecurity — on and off the campaign trail — to the nuclear debate in the 1950s.

Back then, the U.S. was well aware of its immense power with that cutting-edge technology. But policymakers weren't sure what to do with it. President Dwight D. Eisenhower even said there's no reason nukes shouldn't be used "just exactly" as you'd use a rifle.

"No serious commander-in-chief would say that today," Lin says. "Nuclear weapons are really special. They're a really different kind of weapon."

We've evolved in our strategic thinking with nukes — but, Lin says, our leaders' thinking on cyber weapons is in its "infancy." And so, candidates talk a fair amount about hacking — but not about how to solve it as a policy problem.

Susan Landau, a cybersecurity policy professor at Worcester Polytechnic Institute and a Democrat, makes another observation about why the cybersecurity debate has remained so vague, at least for one candidate, on the trail.

"I think there is an underlying issue [that] Secretary Clinton is avoiding — I'm not sure it's hit the radar for Donald Trump — and that's the encryption issue," she says.

Back in the 1990s, Bill Clinton's administration advocated a technology called the Clipper Chip, that would give the federal government a so-called backdoor into encrypted communications. The effort met resistance and ultimately failed. And Landau says, it's baggage for Secretary Clinton.

"She's probably been burned once," Landau says, "and is aware that the issue is problematic, and particularly problematic in California where the tech company strongly supports the deployment of strong encryption."

While encryption is a fundamental issue in the policy debate — and a recent standoff between Apple and the FBI make it a high profile issue — it is in Clinton's interests, Landau says, to not spell out her position and alienate herself from a tech sector that otherwise supports her.

Copyright 2016 NPR. To see more, visit http://www.npr.org/.

RENEE MONTAGNE, HOST:

Cybersecurity has plagued this presidential election like no other in U.S. history. Earlier this week, the Obama administration indicated its plans to retaliate against Russia in some way for cyberattacks. Hacking came up again in the final presidential debate, yet neither candidate is offering a roadmap for what to do on cyber aggression or how to handle foreign hackers. NPR's Aarti Shahani explains.

AARTI SHAHANI, BYLINE: Let's revisit the last debate. Hillary Clinton brings up hacking. She says the Russian government has engaged in espionage against Americans, feeding WikiLeaks. And she puts forth a question.

(SOUNDBITE OF ARCHIVED RECORDING)

HILLARY CLINTON: Finally, will Donald Trump admit and condemn that the Russians are doing this?

SHAHANI: She wants Trump, who's been drumming up fears about rigged elections, to acknowledge that Vladimir Putin is trying to rig the election using cyberattacks. Trump deflects at first.

(SOUNDBITE OF ARCHIVED RECORDING)

DONALD TRUMP: She doesn't like Putin because...

CHRIS WALLACE: Mister...

TRUMP: ...Putin has outsmarted her at every step...

WALLACE: Mr. Trump, I...

TRUMP: ...Of the way.

SHAHANI: When pressed by moderator Chris Wallace, the Republican nominee says it's not OK to hack that way.

(SOUNDBITE OF ARCHIVED RECORDING)

TRUMP: Of course I condemn - of course I can - I don't know Putin.

TOM CROSS: It's easy for Trump to condemn these attacks.

SHAHANI: Cybersecurity expert Tom Cross, who is an independent, has advice for Trump.

CROSS: But it would have been more interesting, if Trump really wanted to go after Hillary Clinton, to ask her, you know, what are we going to do to stop these things? And what are you doing to stop these things, particularly given that a lot of organizations that she's associated with were the targets of these attacks.

SHAHANI: The intelligence community says Russia is hacking. So, Cross says, it looks silly for Trump to question that finding. Trump could instead turn the tables and ask Clinton not just - hey, where are those missing emails? - from her private server - but, hey, what did you do to protect your entire staff at the State Department from foreign hackers?

Both candidates have written positions on cybersecurity and, Cross says, both read like milquetoast - make points like, we must audit our systems to look for vulnerabilities.

CROSS: They're stating, in different words, essentially things that the United States government is already doing.

SHAHANI: Imagine an election in which the candidates took on the real issues. Stanford professor Herb Lin is a Republican who says he will not vote for Trump. And he says, in 2016, we need a leader who can think through cyber strategy with some basic literacy. With Russia, the U.S. could hack back, maybe try to take down Russia's electric grid, leak embarrassing secrets about Putin, impose economic sanctions. Lin says a good leader could think through each action and the reaction from adversaries.

HERB LIN: Are they going to just cry uncle when we respond and say - oh, no, no, we've seen the error of our ways - we're not going to do this anymore? That is unlikely. The question is, how can you persuade them to back off of what they're doing?

SHAHANI: Lin compares today's discussion of cybersecurity, on and off the campaign trail, to the nuclear debate back in the 1950s. Back then, the U.S. was well aware of its immense power with that cutting-edge technology. But policymakers weren't sure what to do with it. President Eisenhower said there is no reason nukes shouldn't be used just exactly as you'd use a rifle.

LIN: No serious commander in chief would say that today. Nuclear weapons are really special. They're a really different kind weapons.

SHAHANI: We've evolved in our strategic thinking with nukes. Lin says our leaders' thinking on cyberweapons is in its infancy. And so, on the campaign trail, candidates talk a fair amount about hacking but not about how to solve it as a policy problem.

Aarti Shahani, NPR News.

(SOUNDBITE OF DJ PAYPAL'S "AWAKENING") Transcript provided by NPR, Copyright NPR.