Special operators describe an overlooked vulnerability highlighted in the Capitol Hill riot
- The FireEye hack and the rioters who breached Capitol Hill were two more visible signs of a growing conflict in cyberspace being waged by state actors and private individuals.
- Government and private entities, high-profile officials, and everyday people are all targets in that conflict, but there are many things that they can do to improve their security online and in real life.
As the turbulent 2020 came to an end, US officials discovered that Russian intelligence had penetrated the US's cyber armor for months without anyone noticing.
In December, FireEye, a private cybersecurity firm, revealed that Russian hackers had stolen hacking tools the company used during "Red Team" evaluations, which are used in the military and intelligence communities to test security and find potential vulnerabilities by simulating attacks.
FireEye's discovery triggered an avalanche of revelations about the Russian intrusion. The NSA, FBI, Department of Homeland Security, and US Cyber Command were all caught unawares.
The Pentagon, several intelligence agencies, nuclear laboratories, and numerous Fortune 500 companies were compromised at varying degrees. US officials are still trying to determine the extent of the damage.
To make matters worse, in early January, during the intrusion in the Capitol, sensitive systems were stolen, including a laptop belonging to House Speaker Nancy Pelosi.
These are just the most recent and pronounced examples of an undeclared conflict in the cyber domain between the US and its near-peer adversaries, primarily Russia, which runs parallel to the competition between those adversaries, conducted by state and private actors, taking place around the world.
An ounce of prevention is worth a pound of care
When it comes to tapping a government device in order to access sensitive networks and obtain classified information, there are many moving parts. The placement, accessibility, and vulnerability of a device or network play a big part.
"It really depends on how accessible the device or network is and [on] the methods used by the malign actors," Jonathan, a former officer with joint special-operations and intelligence experience, told Insider.
"For example, take the recent intrusion in the Capitol building, where we have news that the FBI feared a rioter who stole House Speaker Nancy Pelosi's laptop from her office may have intended to sell it to Russian security services," Jonathan added.
"This makes a great case for both physical and digital security, an even more critical undertaking given the proliferation of mobile devices these days. You can't have one without the other."
Everyone's concern
Digital security challenges often spill over from the military and intelligence domains into personal lives. Cyberstalking, cyberbullying, cybercrime, digital coercion, and doxxing - the unsolicited sharing of personal information - are a reality for many in an era of unprecedented connectivity.
Signature Management Unit (SMU), a risk, security, and intelligence consulting firm led by former special-operations and intelligence professionals, recently released a digital security guide that companies and private citizens alike can use to boost their cyber defenses.
Featuring six threat scenarios, ranging from cyberstalking to foreign intelligence, and 31 simple techniques, the guide arms those seeking to take their digital security to another level with the knowhow to do so. The authors' special-operations and intelligence background adds a refreshing level of authenticity.
"We recognize that obtaining a timely, holistic, and coherent understanding of how to approach individual digital security and privacy is difficult and potentially inaccessible to the layman," the authors write. "However, these matters do not just concern government spies, murky organizations, or those conducting corporate espionage."
Some of the guide's key takeaways for public and private audiences are the importance of preemptive action, physical security, situational awareness, and a layered defense plan.
Even if a person is concerned that their data or devices have been compromised, there are still steps that can minimize the damage.
"For starters, don't let your devices fall into the wrong hands - this could be leaving it unattended in a coffee shop or not letting it out of your sight when crossing a border, and everywhere in between," Jonathan added.
"[Also] ensure your devices are fully encrypted, and limit unauthorized users from being able to access them physically through the lightning USB port (phones) or by messing with your firmware/boot options," Jonathan said. "Use tools like the 'Find my iPhone' feature enabled which provides you with a remote wipe option should it be required."
When it comes to personal devices, measures like two-factor authentication, fairly complex passwords, and network security are important.
The commercial aspect of digital security is perhaps as important and concerns a larger audience since companies and private citizens are also on the "target deck."
"While malign nation states like Russia are a serious threat, we also have the insidious and less visible threat from corporate big-data companies (and many others like Lexis Nexis, Oracle) such as Google and Facebook, who traffic the sale of individual data for profit that results from targeted advertising," Jonathan told Insider. "We should all be advocates of the right to privacy and severely limiting others' ability to profit from the sale of your personal data."
Although the extent of the Russian cyberattacks is yet to be determined, malign actors working on behalf of Moscow have shown that digital security threats are real and not only concern the military and intelligence communities but private citizens as well.
Stavros Atlamazoglou is a defense journalist specializing in special operations, a Hellenic Army veteran (National Service with the 575th Marine Battalion and Army HQ), and a Johns Hopkins University graduate.