Photographer: Chris Ratcliffe/Bloomberg

Cyberattacks Lay Bare Our Lack of Knowledge

Hey there. Jordan Robertson here. I cover cybersecurity in Washington D.C. 

This week, a new cyberattack wave is hitting companies across the globe. We're probably going to see more of these and a lot of headlines about a new era of nefarious wrongdoers demanding ransom from people and businesses.

But that shouldn't distract from what's going on with U.S. investigations into Russia's hacking of the 2016 presidential election. Many of you may have seen a piece we published earlier this month: 'Russian Cyber Hacks on U.S. Electoral System Far Wider Than Previously Known'

The Senate Intelligence Committee that's looking into Russian meddling in the election held a hearing based on the story and to push the U.S. government for answers on why the true scope of the attacks that we reported was not previously disclosed. 

In the hearing, the Department of Homeland Security confirmed investigations into 21 state election-system attacks; we reported that 39 states experienced attacks on voter registration, campaign finance and other election-related databases. DHS has declined to be more specific about how they're defining election systems, but they did tell us that the 21 number doesn't include all types of attacks or targets. 

So what does this all mean for the ongoing investigations into President Donald Trump and crucially, for the mid-term elections next year and the next presidential contest in 2020?

While we're continuing our reporting on this subject, one thing is becoming clearer: there's a big gap between what the U.S. government knows about attacks on our electoral system and what the states know. 

Many states, responding to inquiries from the media, have denied ever receiving any information about infections or attacks on their systems from DHS or other U.S. agencies. That doesn't bode well for our election systems. 

While it's reasonable for the government to keep certain attack data classified while the FBI and NSA continue to probe, if the U.S. wants to get serious about protecting its electoral infrastructure, states and counties are the front line, and they need all the information they can get. That doesn't appear to be happening now. 

Representatives of the FBI and DHS declined to offer more specifics about which states were targeted, despite repeated questioning from senators. They cited confidentiality agreements.

What I've learned covering this issue of election hacks and the topic of cybersecurity in general is it's easy to be lulled into a sense of complacency because you're not seeing overt malicious hacking activity. 

In cybersecurity, absence of evidence is not evidence of absence. It's hard to find skilled hackers who've infiltrated a network. It takes concerted effort and money. And in this case, a lot of help from the feds. 

As the federal investigations deepen into possible ties between Russia and President Trump or people around him, it's easy to lose sight of the fact that the U.S. has another round of major elections just a year and a half away. It's to everyone's benefit that states and especially counties, which actually run elections and would be most impacted by hacking, have better defenses the next time. 

Sign up to receive the Fully Charged newsletter in your inbox, and follow Bloomberg Technology on Twitter and Facebook for more.

And here's what you need to know in technology news

As the new cyberattack ripples across the globe, it's becoming clearer that ransomware  is becoming a preferred method for hackers. It's a sign that they are becoming a routine risk of doing business, as other forms of attacks get less profitable. 

Google got hit with a $2.7 billion record fine by European antitrust authorities for skewing results to the detriment of smaller shopping search rivals. Here's a look at how actually works in practice. Worse, the fine could be start of a more troubling phase, with more scrutiny down the road. 

China's tech titans are taking their expensive battle with each other into the travel space. Meituan, which has funding from Tencent, is getting ready to spend hundreds of millions of dollars over 3-5 years to unseat leader Ctrip, backed by Baidu. Also targeting the space is e-commerce juggernaut Alibaba. At stake is a piece of the country’s on-demand services economy

Toshiba is suing Western Digital for $1.1 billion, escalating a legal tussle between the companies. The U.S. memory storage manufacturer says Toshiba's push to sell its memory chip business is violating an agreement between them. Toshiba said in its lawsuit that Western Digital is interfering in the sale.  

2 billion. That's how many people use Facebook each month. That represents about a quarter of the world's population. Mark Zuckerberg says the company's priority is now shifting to bringing the world closer together.

    Quotes from this Article
    Before it's here, it's on the Bloomberg Terminal.