TAMPA — The emails and documents released by the group WikiLeaks are likely part of an effort by Russia to expand its global influence, a cyber security expert said Tuesday at MacDill Air Force Base.
Russia "has been engaged very effectively in modern military warfare," said Mark Maybury, former chief scientist with the U.S. Air Force and now vice president with the federally sponsored, nonprofit research and development firm the MITRE Corp.
Maybury cited the example of Crimea, the region claimed by both Ukraine and Russia, where Russians were "engaged in information operations, cyber operations and deception operations."
The latest target, he told the Tampa Bay Times, may be the contentious U.S. presidential election, and the latest weapon — Hillary Clinton's emails — may have been delivered to WikiLeaks, the media organization founded by Julian Assange that works to publish censored or restricted material.
WikiLeaks has released emails and an archive of 30,322 attachments sent to and from Clinton's private email server while the Democratic presidential nominee was secretary of state. Available evidence, Maybury said, supports the view held by U.S. intelligence agencies that the hacks originated from Russia.
"They are trying to influence the election, in my humble opinion," Maybury said, acknowledging that he is extrapolating on publicly available information.
Republican nominee Donald Trump may be the answer.
Russian President Vladimir Putin might "believe that one party or the other would be preferential to his national security interest," said Maybury, keynote speaker at Tuesday's Cyber Ready 2016 Cybersecurity Conference at MacDill. "Maybe he sees Trump as a powerful economic force in the way he is a powerful economic force."
Or, he said, it could be part of an information operation to "keep people focused on things at home" in the United States and sow confusion at a time when relations between the two nations are at their lowest point in 40 years. Russia and the United States are at odds over Crimea, other parts of Ukraine and Eastern Europe and the civil war in Syria.
Putin's rationale, Maybury said, may be that if a WikiLeaks dump "undermines, dissuades and confuses, that's okay."
Maybury is a former Air Force officer, an expert in artificial intelligence and author of 10 books who worked on World Trade Center rescue and recovery efforts after the 2001 terrorist attacks.
The conference at MacDill, attended by about 100 cyber security experts and interested parties from industry, government and the military, was put on by organizations including the National Cyber Partnership, the Florida Chamber Foundation and the Tampa Bay Innovation Alliance.
Designed to help fill a gap in cyber security jobs, estimated at 50,000 in Florida alone, the conference delved into U.S. cyber vulnerabilities and offered some solutions. Among them: Keep critical data off the network, increase training, improve firewalls, scrutinize vendors and others with access to systems, and maintain virus protection.
Keep up with Tampa Bay’s top headlines
Subscribe to our free DayStarter newsletter
You’re all signed up!
Want more of our free, weekly newsletters in your inbox? Let’s get started.Explore all your options
Panelists including Phil DuMas, director of research and program development for the National Security Partnership, discussed a wide range of cyber attack cases, including one from May at a law firm specializing in international patent and copyright law.
The attack, likely by a "state actor" that DuMas would not name, shows the lengths hackers go to and the surprising vulnerabilities they find.
The law firm, which he would also not name, had taken every security precaution possible, including encrypting data, keeping a secure firewall, and making a routine of running antivirus scans. Yet the firm discovered someone had entered its system and injected ransomware — a virus that encrypts data, preventing owners from using it without paying a "ransom."
In this case, attackers locked up five months worth of data, DuMas said. But they never asked for any ransom.
"They just encrypted the data so the law firm couldn't use it in cases," said DuMas, whose organization, one of the conference sponsors, is investigating the case.
The attack grew into a high-tech whodunit as investigators from law enforcement and his company tried to find how it occurred. Eventually, they learned that the entry point was the home-built server of a janitorial company working in a nearby building.
Contact Howard Altman at email@example.com or (813) 225-3112. Follow @haltman