Trump, Clinton Spar Over U.S. Cybersecurity Policy

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Daniel R. Stoller

Sept. 27 — Presidential nominees Hillary Clinton (D) and Donald J. Trump (R) took to the debate stage to blame China, Russia, Iran and a hacker who weighs 400 pounds for recent data breaches and cybersecurity threats.

Regardless of the outcome of the election, cybersecurity should be a hot topic in the next president's first term. This may be a boon for cybersecurity companies, as more U.S. companies may seek their services to guard against data breaches and other cyberattacks.

Since the last presidential debate in 2012, massive data breaches and international cybersecurity threats have affected millions of U.S. citizens. However, the presidential hopefuls continued to stay on message as they framed their cybersecurity platforms around national security threats.

Stewart Baker, cybersecurity partner at Steptoe & Johnson LLP in Washington, told Bloomberg BNA Sept. 27 that cyberattacks “are the newest and most pressing national security issue” and the amount of air time it received “in the debate reflects that priority.”

trumpclinton

“You don't expect presidential debates to break new ground,” but it was “entirely appropriate” for them to cover cybersecurity given the recent hacks of the Democratic National Committee, state election systems (181 PRA, 9/19/16) and Yahoo! Inc. (185 PRA, 9/23/16), he said.

During the debate, Clinton said that cybersecurity and “cyber warfare will be one of the biggest challenges facing the next president.” Trump agreed with Clinton that cybersecurity is a “huge problem” that affects U.S. citizens and that the U.S. government has to get “very, very tough on cyber and cyber warfare.”

Jeremy Samide, CEO of Ohio-based cybersecurity company Stealthcare, told Bloomberg BNA Sept. 27 that “both candidates are quickly learning that this cyber war, whether state sponsored, hacker group, hacktivists or lone wolf should be taken very seriously.”

“This is an unprecedented time in which cyberattacks on prominent politicians and their parties are having a profound affects and outside influence on the election,” he said.

Russia or 400 Pound Hacker?

Trump and Clinton went into detail as to who poses the biggest threat to U.S. information technology infrastructure and whether or not we need to point the finger at a specific nation-state.

Bruce Heiman, public policy and law practice leader at K&L Gates LLP in Washington, told Bloomberg BNA Sept. 27 that the U.S. “had a Cold War with the Soviet Union and is in a long war against terrorism” and “it was good to see both candidates recognize that we are and will be in a cyber hidden war.”

Clinton said that the U.S. faces two distinct hacking threats: “independent hacking groups that do it mostly for commercial reasons” and state-sponsored hackers. Although Clinton focused on Russia, she also raised China and Iran as suspects in state-sponsored hacking attacks.

As for Russia, Clinton said that “there's no doubt now that Russia has used cyber attacks against all kinds of organizations in our country.”

To combat against the foreign hacking threat, Clinton said that the U.S. government needs to show that it doesn't want to start a cybersecurity war, however, “we will defend the citizens of this country” using the necessary means.

Baker said that Clinton was “right to flag the DNC attacks and other related uses of cyberpower by Russia as a game changer that we should respond to forcefully.”

It is interesting to note that during her time as Secretary of State she helped shape our response to foreign state-sponsored cyberattacks, he said. Clinton's new strategy is definitely a change in her cybersecurity response stance, Baker said.

Heiman agreed that the U.S. needs to be “clear that there will be consequences” for “cyber intrusions for political interference and economic gain.”

Trump was more dismissive of who actually is to blame for recent hacks that affected the DNC and U.S. tech companies. “It could be Russia, but it could also be China” who is responsible for the cyberattacks, Trump said.

“It could also be somebody sitting on their bed that weighs 400 pounds,” he said.

The 400 pound hacker line has drawn the ire of many political pundits, however, Trump may have unknowingly agreed with an Obama administration position on who is responsible for the recent hacks.

Baker said that Trump “raised the question of attribution, which is fair, since he, ironically, is in sync with the Obama administration on this point.”

Although the Obama administration “hasn't blamed any 400 pound hackers, it has refused to formally attribute the attacks to Russia—even though most of us believe that Russia is the source of the attacks,” Baker said.

Is Security Attainable?

Although the candidates didn't go into specific about plans to stop hackers, Trump did echo that securing sensitive information is challenging.

“The security aspect of cyber is very, very tough” and it may not be achievable, Trump said.

Samide said that Trump's remark on the toughness of cybersecurity “is a sound and logical statement.” Although companies attempt to stop cyberattacks and invest in advanced technologies, “there is no silver bullet or magical black box that can stop every cyberattack.”

Trump also echoed that the Obama administration wasn't doing a good job of protecting our nation against cyber attacks. There are many things the U.S. should do better “and certainly cyber is one of them,” Trump said.

To contact the reporter on this story: Daniel R. Stoller in Washington at dstoller@bna.com

To contact the editor responsible for this story: Donald G. Aplin at daplin@bna.com

Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.