Ever since news broke that Russian operatives, perhaps even state sanctioned ones, allegedly hacked the Democratic National Party and leaked key emails, Russia has become the go-to whipping boy for hacking blame. A report from US officials that Russian hacking played a role in the outcome of the recent US election didn’t help.
But now it seems that Russia is our likely scapegoat in every hacking event or data breach, a problem that will make it even easier for further breaches to take place without proper preparation, prevention, or investigation. Case in point, the FBI announced that a utility provider in Vermont was hacked by Russians, only it turns out not to have been Russians and no hacking has been proven to have even taken place.
A report on the alleged hacking by The Washington Post stated: “An employee at Burlington Electric Department was checking his Yahoo email account Friday and triggered an alert indicating that his computer had connected to a suspicious IP address associated by authorities with the Russian hacking operation that infiltrated the Democratic Party. Officials told the company that traffic with this particular address is found elsewhere in the country and is not unique to Burlington Electric, suggesting the company wasn’t being targeted by the Russians. Indeed, officials say it is possible that the traffic is benign, since this particular IP address is not always connected to malicious activity.”
The basis for the claim of hacking was the the employee’s laptop was found to contain some software that known hackers have used in the past. While it’s certainly understandable how this conclusion would be drawn, what’s not so clear is why officials would make such an announcement or reveal it to the press before conducting a full investigation.
Interestingly, one of the key improvements in the recent history of data breaches has been the reduced amount of time from the event to the notification of the affected individuals. Unfortunately, this looks like a case of that pendulum swinging way too far. Being too quick to point the finger at a volatile possible connection serves no good purpose and stands to weaken relations between the countries’ governments, all while allowing other hackers to fly under the radar.