I am deeply troubled by recent events in which attackers appear to target U.S. diplomats with the purpose of causing them debilitating health symptoms. These symptoms include dizziness, headache, fatigue, nausea, anxiety, cognitive difficulties and memory loss. This illness has been dubbed “Havana Syndrome” because it was first experienced by U.S. State Department personnel stationed in Cuba beginning in late 2016.
We are observing a similar pattern of brazen and sophisticated attacks on our public officials in the digital world. One type of attack we are increasingly seeing involves attackers using “botnets,” large, coordinated groups of compromised computing devices that attackers direct to attack specific targets, often websites. Attackers are now using sophisticated botnets to scrape government websites for the personal information of U.S. officials. The attackers then use the scraped data to blackmail or phish public officials. Artificial intelligence (AI)-controlled bots can hit vast numbers of sites at lightning speeds and enable attackers to target specific individuals who are likely to have access to sensitive government information. If officials are successfully phished, attackers can steal credentials and potentially access sensitive government information and platforms.
We are also seeing a major uptick in the impersonation or takeover of public officials’ social media accounts by bad actors. While an account takeover would be a frustrating nuisance to most of us, the takeover of a high-level public official’s social media account could have real-world security or economic impacts.
We saw a hint of how extensive this threat could be last year, when the Twitter accounts of many public figures, including former President Barack Obama and President Joe Biden, were compromised. While attackers only leveraged their position to promote a Bitcoin scam, one could easily see how this could be used for more nefarious and harmful purposes. For example, an account takeover or a convincing impersonation of a Federal Reserve official could potentially result in disinformation that impacts global stock markets.
Solutions that can help mitigate these digital threats against our public officials exist today. One such technology leverages insights gained from monitoring global internet traffic and applications to prevent malicious bots from scraping data from government websites, as well as other malicious activities. The data yielded by this technology can be leveraged by national and international law enforcement to pursue the criminal groups behind these bots, sometimes allowing them to “take down” networks of malicious bots and even identify the attackers that control them. Another applicable technology leverages artificial intelligence and machine learning (AI/ML) to detect social media threats in real time and at scale. This technology can disrupt fraudulent activity and even take down impersonated social media accounts.
The cybersecurity industry and the U.S. government must work together to quickly incorporate cutting-edge solutions like these into our arsenal for defending our public officials.
I am not suggesting that the cyberattacks on U.S. officials we have observed thus far should be put on the same level as the mysterious attacks that are causing Havana Syndrome, which have resulted in severe and potentially permanent health consequences for our diplomats. But looking at these two different types of attacks together allows us to see a more complete picture of the totality of the threat aimed at our public officials.
While the State Department and other U.S. agencies determine the root cause of Havana Syndrome, we in the technology and cybersecurity industry will continue to focus our efforts on developing technologies able to thwart digital attacks against our public officials and ensure their critical missions are preserved.
Dave DeWalt is founder and managing director of NightDragon, an investment and advisory firm focused on growth and late-stage companies within the cybersecurity, safety, security and privacy industries. He previously served as president and CEO of Documentum, McAfee and FireEye. He also serves as managing director of Allegis Cyber, executive chairman of M&A advisory firm Momentum Cyber as well as investor and board member in some of the world’s most innovative companies.