Election campaigns targetted by hackers
Now that the 2008 US election is over, the Newsweek reports from reporters embedded in the campaign are coming out.
The top cyber-security news is that the Obama campaign was successfully penetrated by some form of Trojan and files uploaded from the machine.
While the source of this particular attack is unknown, and will probably remain so, the potential has been demonstrated. What might well have been an opportunistic attack in 2008 will almost certainly be followed by well planned and executed plans in the 2012 campaigns.
Even though the machines in question would not have stored classified information, the potential for manipulating policy through an IT compromise of a campaign is in some ways more significant than an IT compromise at (say) the state department.
The risk is not so much that a foreign power might change the outcome of the election than that they might influence the policy platform that the campaign runs on. Once an administration is formed, the apparatus of policy formation is slow and cumbersome, it takes a great deal to blow it off course. But during a campaign, the smallest of gusts can capsize a vessel with the right timing. Even though campaign promises are not the same thing as policy, there is a definite connection.
The bottom line is that security of campaign communications matters at least as much as security of administration communications. And this is only one example of the fact that in the Internet age, national security rests on the whole information infrastructure and not just the tiny fraction that is run by the government.
