Members of congress are demanding answers over claims that Russia attempted to influence the U.S. presidential election with several high-profile hacks. U.S. intelligence agencies are confident that the Kremlin was involved, but incoming president Donald Trump remains skeptical.
As they prepare to investigate, here’s some questions lawmakers should be asking to help them understand and respond to these hacks.
What evidence do we have proving Russia’s involvement?
Attribution in any hack can be incredibly difficult, as Trump noted in a tweet, but cybersecurity experts say they have technical evidence showing that Democratic groups and figures were at the very least hacked with spear phishing emails and hard-to-detect malware from two suspected Russian hacking teams.
What we don't know, and what congress might hear in a classified briefing, is what additional evidence the FBI, CIA and the National Security Agency might have that makes a stronger case.
What stopped the FBI from personally alerting the DNC?
The the FBI first informed the Democratic National Committee that it was the target of hackers, it did so in a phone call, the New York Times reported.
A tech support staffer at the DNC failed to heed the warning, believing that phone calls from the FBI warning of the hack were possibly fake. It wasn’t until March – six months later and when the hackers had a foothold in the system – that the DNC concluded that the phone calls from the FBI were real.
So why didn't the FBI, which had an office nearby, send an agent in person?
Should the U.S. government be doing more in hack prevention?
When the DNC finally moved, it hired private security firm CrowdStrike to investigate the hack. But could the U.S. government have been more proactive in helping the DNC investigate or protect its systems?
And who's in charge anyway? Only in July, did President Obama codify that the FBI would take the lead in investigating major cyberattacks. But will that be enough to stop the next hack?
If Russia is found involved, how should the U.S. respond?
U.S. lawmakers have called the election-related hacks a threat to American democracy, and possibly an act of war. But the Obama administration hasn't come up with significant response to them -- at least one that's publicly known -- besides giving a warning to Russia.
Without the threat of retaliation, hackers could feel free to interfere in future U.S. elections, experts warn. So it’ll be up to U.S lawmakers, and a skeptical Trump, to consider whether the country needs to make a more forceful response.
Can IT firms, including Google, do more to stop email phishing?
The hackers got into email accounts with legitimate-looking messaged from Google designed to trick users into handing over their login credentials.
If Google can scan email to sell us stuff, can it do more to spot phishing attempts?
Sign up for Computerworld eNewsletters.