TED2017
Laura Galante: How (and why) Russia hacked the US election
Filmed:
Readability: 5.9
2,575,021 views
Hacking, fake news, information bubbles ... all these and more have become part of the vernacular in recent years. But as cyberspace analyst Laura Galante describes in this alarming talk, the real target of anyone looking to influence geopolitics is dastardly simple: it's you.
Laura Galante - Cyberspace analyst
Laura Galante profiles advanced cyber threats and network breaches and investigates the political, military and financial implications of cyber operations. Full bio
Laura Galante profiles advanced cyber threats and network breaches and investigates the political, military and financial implications of cyber operations. Full bio
Double-click the English transcript below to play the video.
00:13
Let's say you despise
0
1325
2238
00:15
Western democracy.
1
3587
1446
00:18
Democracy, in all its trappings,
2
6592
2212
00:20
free elections, town halls,
3
8828
2663
00:23
endless debates about
the proper role of government.
the proper role of government.
4
11515
2836
00:26
Too messy,
5
14375
1333
00:27
too unpredictable,
6
15732
1156
00:28
too constraining for your taste.
7
16912
1964
00:31
And the way these democracies
band together and lecture everyone else
band together and lecture everyone else
8
19711
4250
00:35
about individual rights and freedoms --
9
23985
2291
00:38
it gets under your skin.
10
26300
2040
00:41
So what to do about it?
11
29380
1444
00:44
You can call out the hypocrisy
and failures of Western democracies
and failures of Western democracies
12
32141
4538
00:48
and explain how your way is better,
13
36703
3229
00:51
but that's never really worked for you.
14
39956
2055
00:54
What if you could get the people
15
42716
2676
00:57
whose support is the very foundation
of these democracies
of these democracies
16
45416
3140
01:00
to start questioning the system?
17
48580
2592
01:04
Make the idea occur in their own minds
18
52442
2448
01:06
that democracy and its institutions
are failing them,
are failing them,
19
54914
4112
01:11
their elite are corrupt puppet masters
20
59050
2260
01:13
and the country they knew is in free fall.
21
61334
2766
01:17
To do that,
22
65783
1274
01:19
you'll need to infiltrate
the information spheres
the information spheres
23
67081
2998
01:22
of these democracies.
24
70103
1302
01:23
You'll need to turn
their most powerful asset --
their most powerful asset --
25
71429
3701
01:27
an open mind --
26
75154
1905
01:29
into their greatest vulnerability.
27
77083
1982
01:32
You'll need people to question the truth.
28
80088
2052
01:36
Now, you'll be familiar of hacking
and leaks that happened in 2016.
and leaks that happened in 2016.
29
84102
4742
01:40
One was the Democratic
National Committee's networks,
National Committee's networks,
30
88868
2822
01:43
and the personal email
accounts of its staff,
accounts of its staff,
31
91714
2831
01:46
later released on WikiLeaks.
32
94569
1853
01:49
After that, various online personas,
33
97024
2326
01:51
like a supposed Romanian cybercriminal
who didn't speak Romanian,
who didn't speak Romanian,
34
99374
4880
01:56
aggressively pushed news
of these leaks to journalists.
of these leaks to journalists.
35
104278
3506
02:00
The media took the bait.
36
108991
1796
02:02
They were consumed by how much
the DNC hated Bernie.
the DNC hated Bernie.
37
110811
3107
02:06
At the time, it was that narrative
that far outshined the news
that far outshined the news
38
114918
4240
02:11
that a group of Russian government
sponsored hackers
sponsored hackers
39
119182
3340
02:14
who we called "Advanced
Persistent Threat 28,"
Persistent Threat 28,"
40
122546
3233
02:17
or "APT28" for short,
41
125803
2581
02:20
was carrying out
these operations against the US.
these operations against the US.
42
128408
3057
02:24
And there was no shortage of evidence.
43
132192
2159
02:26
This group of Russian government hackers
hadn't just appeared out of nowhere
hadn't just appeared out of nowhere
44
134984
3718
02:30
in 2016.
45
138726
1164
02:31
We had started tracking
this group back in 2014.
this group back in 2014.
46
139914
3157
02:35
And the tools that APT28 used
to compromise its victims' networks
to compromise its victims' networks
47
143095
4881
02:40
demonstrated a thoughtful,
well-resourced effort
well-resourced effort
48
148000
3593
02:43
that had taken place for now over a decade
49
151617
2826
02:46
in Moscow's time zone
50
154467
1499
02:47
from about 9 am to 6 pm.
51
155990
1986
02:51
APT28 loved to prey on the emails
and contacts of journalists in Chechnya,
and contacts of journalists in Chechnya,
52
159095
5082
02:56
the Georgian government,
eastern European defense attachés --
eastern European defense attachés --
53
164201
3507
02:59
all targets with an undeniable interest
to the Russian government.
to the Russian government.
54
167732
4041
03:03
We weren't the only ones onto this.
55
171797
1960
03:05
Governments, research teams
across the world,
across the world,
56
173781
3417
03:09
were coming to similar conclusions
57
177222
1907
03:11
and observing the same
types of operations.
types of operations.
58
179153
2321
03:14
But what Russia was doing in 2016
59
182332
3108
03:17
went far beyond espionage.
60
185464
1914
03:20
The DNC hack was just one of many
where stolen data was posted online
where stolen data was posted online
61
188060
6618
03:26
accompanied by a sensational narrative,
62
194702
2254
03:28
then amplified in social media
63
196980
1938
03:30
for lightning-speed adoption by the media.
64
198942
2839
03:36
This didn't ring the alarm bells
65
204836
2542
03:39
that a nation-state was trying
to interfere with the credibility
to interfere with the credibility
66
207402
4491
03:43
of another's internal affairs.
67
211917
1924
03:45
So why, collectively,
did we not see this coming?
did we not see this coming?
68
213865
4662
03:51
Why did it take months
before Americans understood
before Americans understood
69
219111
3882
03:55
that they were under a state-sponsored
information attack?
information attack?
70
223017
4121
04:00
The easy answer is politics.
71
228456
1639
04:02
The Obama Administration was caught
in a perfect catch-22.
in a perfect catch-22.
72
230119
3923
04:06
By raising the specter that the Russian
government was interfering
government was interfering
73
234066
4398
04:10
in the US presidential campaign,
74
238488
2092
04:12
the Administration risked appearing
to meddle in the campaign itself.
to meddle in the campaign itself.
75
240604
4261
04:17
But the better answer, I think,
76
245992
2055
04:20
is that the US and the West
were utterly unequipped
were utterly unequipped
77
248071
3853
04:23
to recognize and respond
to a modern information operation,
to a modern information operation,
78
251948
4654
04:28
despite the fact that the US
had wielded information
had wielded information
79
256626
5112
04:33
with devastating success
in an era not so long ago.
in an era not so long ago.
80
261762
3185
04:38
Look, so while the US and the West
spent the last 20 years
spent the last 20 years
81
266284
3894
04:42
caught up in cybersecurity --
82
270202
1554
04:43
what networks to harden,
83
271780
1495
04:45
which infrastructure to deem critical,
84
273299
2309
04:47
how to set up armies of cyber warriors
and cyber commands --
and cyber commands --
85
275632
3993
04:51
Russia was thinking in far more
consequential terms.
consequential terms.
86
279649
3733
04:57
Before the first iPhone
even hit the shelf,
even hit the shelf,
87
285322
3327
05:00
the Russian government understood
the risks and the opportunity
the risks and the opportunity
88
288673
4473
05:05
that technology provided
89
293170
1425
05:06
and the inter-communication
and instant communication it provided us.
and instant communication it provided us.
90
294619
4411
05:12
As our realities are increasingly
based on the information
based on the information
91
300491
3217
05:15
that we're consuming
at the palm of our hand
at the palm of our hand
92
303732
2356
05:18
and from the news feeds
that we're scanning
that we're scanning
93
306112
2253
05:20
and the hashtags and stories
that we see trending,
that we see trending,
94
308389
2966
05:23
the Russian government
was the first to recognize
was the first to recognize
95
311379
2927
05:26
how this evolution
96
314330
1875
05:28
had turned your mind into the most
exploitable device on the planet.
exploitable device on the planet.
97
316229
4789
05:34
And your mind is particularly exploitable
98
322954
2464
05:37
if you're accustomed
to an unfettered flow of information,
to an unfettered flow of information,
99
325442
3775
05:41
now increasingly curated
to your own tastes.
to your own tastes.
100
329241
3279
05:47
This panorama of information
that's so interesting to you
that's so interesting to you
101
335244
2891
05:50
gives a state, or anyone for that matter,
a perfect back door into your mind.
a perfect back door into your mind.
102
338159
5946
05:56
It's this new brand of state-sponsored
information operations
information operations
103
344978
3678
06:00
that can be that much more successful,
104
348680
2135
06:02
more insidious,
105
350839
1302
06:04
and harder for the target audience --
that includes the media --
that includes the media --
106
352165
4086
06:08
to decipher and characterize.
107
356275
1784
06:10
If you can get a hashtag
trending on Twitter,
trending on Twitter,
108
358702
2193
06:12
or chum the waters with fake news
109
360919
3115
06:16
directed to audiences
primed to receive it,
primed to receive it,
110
364058
2441
06:18
or drive journalists to dissect
terabytes of email
terabytes of email
111
366523
2877
06:21
for a cent of impropriety --
112
369424
1975
06:23
all tactics used in Russian operations --
113
371423
2642
06:26
then you've got a shot at effectively
camouflaging your operations
camouflaging your operations
114
374089
4291
06:30
in the mind of your target.
115
378404
1804
06:33
This is what Russia's long called
"reflexive control."
"reflexive control."
116
381867
3832
06:38
It's the ability to use
information on someone else
information on someone else
117
386849
3782
06:42
so that they make a decision
118
390655
2184
06:44
on their own accord
119
392863
1551
06:46
that's favorable to you.
120
394438
1543
06:50
This is nation-state-grade image control
and perception management,
and perception management,
121
398291
4079
06:54
and it's conducted by any means,
122
402394
2318
06:56
with any tools, network-based
or otherwise, that will achieve it.
or otherwise, that will achieve it.
123
404736
4299
07:01
Take this for another example.
124
409811
1430
07:03
In early February 2014, a few weeks
before Russia would invade Crimea,
before Russia would invade Crimea,
125
411265
4953
07:08
a phone call is posted on YouTube.
126
416242
2229
07:10
In it, there's two US diplomats.
127
418495
2375
07:12
They sound like they're playing
kingmaker in Ukraine,
kingmaker in Ukraine,
128
420894
3194
07:16
and worse, they curse the EU
for its lack of speed and leadership
for its lack of speed and leadership
129
424112
3443
07:19
in resolving the crisis.
130
427579
1586
07:22
The media covers the phone call,
131
430067
2459
07:24
and then the ensuing diplomatic backlash
132
432550
3338
07:29
leaves Washington and Europe reeling.
133
437183
2335
07:32
And it creates a fissured response
and a feckless attitude
and a feckless attitude
134
440962
4079
07:37
towards Russia's land grab in Ukraine.
135
445065
2130
07:40
Mission accomplished.
136
448118
1535
07:42
So while hacked phone calls
and emails and networks
and emails and networks
137
450648
3380
07:46
keep grabbing the headlines,
138
454052
2046
07:48
the real operations are the ones
139
456122
2634
07:50
that are influencing
the decisions you make
the decisions you make
140
458780
2808
07:53
and the opinions you hold,
141
461612
1818
07:55
all in the service of a nation-state's
strategic interest.
strategic interest.
142
463454
3874
07:59
This is power in the information age.
143
467944
2011
08:03
And this information is all
that much more seductive,
that much more seductive,
144
471527
3444
08:06
all that much easier to take
at face value and pass on,
at face value and pass on,
145
474995
3787
08:10
when it's authentic.
146
478806
1382
08:12
Who's not interested in the truth
that's presented in phone calls and emails
that's presented in phone calls and emails
147
480877
5394
08:18
that were never intended
for public consumption?
for public consumption?
148
486295
2851
08:22
But how meaningful is that truth
149
490241
1754
08:24
if you don't know why
it's being revealed to you?
it's being revealed to you?
150
492019
2440
08:27
We must recognize that this place
where we're increasingly living,
where we're increasingly living,
151
495966
4188
08:32
which we've quaintly termed "cyberspace,"
152
500178
2285
08:34
isn't defined by ones and zeroes,
153
502487
2206
08:36
but by information
and the people behind it.
and the people behind it.
154
504717
2989
08:40
This is far more than a network
of computers and devices.
of computers and devices.
155
508828
3143
08:43
This is a network composed of minds
156
511995
3152
08:47
interacting with computers and devices.
157
515171
2399
08:50
And for this network,
158
518950
1901
08:54
there's no encryption,
there's no firewall,
there's no firewall,
159
522628
3381
08:58
no two-factor authentication,
160
526033
1723
08:59
no password complex enough to protect you.
161
527780
2876
09:03
What you have for defense
162
531568
2414
09:06
is far stronger, it's more adaptable,
it's always running the latest version.
it's always running the latest version.
163
534006
4447
09:11
It's the ability to think critically:
164
539310
2925
09:14
call out falsehood,
165
542259
1719
09:16
press for the facts.
166
544002
1427
09:18
And above all, you must have the courage
167
546802
4193
09:23
to unflinchingly pursue the truth.
168
551019
2948
09:27
(Applause)
169
555752
5038
ABOUT THE SPEAKER
Laura Galante - Cyberspace analystLaura Galante profiles advanced cyber threats and network breaches and investigates the political, military and financial implications of cyber operations.
Why you should listen
Laura Galante analyzes how states use cyberspace, or more precisely, our information space. She describes a domain where militaries, intelligence services, criminal groups and individuals actively pursue their interests -- with far fewer restraints than in the physical world.
A leading voice on information operations and intelligence analysis, she founded Galante Strategies in spring 2017 to assist governments and corporations in recognizing and responding to cyber and information threats.
Galante previously served as Director of Global Intelligence at FireEye where her teams investigated network activity, profiled advanced cyber threats and portrayed the political, military and financial implications of cyber operations. A founding member of Mandiant Intelligence, her work has included leading strategic analysis, developing intelligence capabilities and offerings and directing intelligence publications including APT28: A Window into Russia's State Cyber Espionage; Red Line Drawn: China Recalculates its Use of Cyber Espionage and Hacking the Street? FIN4 Likely Playing the Market among others.
In November 2016, Galante spoke at the UN Security Council's meeting on cybersecurity and international peace and security. She frequently appears on and provides commentary to CNN, Bloomberg, NPR, BBC, Fox News, the New York Times, the Financial Times, The Wall Street Journal, Reuters, the Associated Press and other global and industry media.
Prior to her work at FireEye and Mandiant, Galante led a contractor team analyzing cyber capability development and military doctrine at the US Department of Defense. She supported the 2010 US-Russia bilateral information security talks.
Galante holds a J.D. from the Catholic University of America and a BA in Foreign Affairs and Italian from the University of Virginia.
Laura Galante | Speaker | TED.com