Leo Taddeo, CSO at Cryptzone and former FBI Special Agent in Charge of the Cybercrimes Division, spoke on NBC about the election hacks, the US response, and Trump’s claims to know more about the hacks. Below are some transcribed thoughts from the interview.
Q: Trump claims to know more about the hacks. If you were to make changes to 2017 agencies what would you do?
A: There is room for illuminating duplicated efforts. There are some overlapping missions. You want to eliminating redundancy, though redundancy in the intelligence community is healthy. You don’t want a singular point of view. There is room for technology improvements can be made across agency sharing/divisions.
In order to Improve the intelligence community, he (Trump) shouldn’t doubt recommendations provided to him from the intelligence community. It’s not productive as he enters office.
Q: 35 diplomats and families were sent back to Russia. How deep may this have gone if they were 35 people linked to the hacking/cyber attacks? What does it tell you?
A: Hard to say – there is no indication that all 35 were involved in the hacking effort. The expulsion of even one diplomat is a big deal, so the expulsion of 35 is enormous. It’s definitely a signal to Russian government, but the removal of these diplomats is also tied to the mistreatment to diplomats in Moscow, not just the hacking situation.
Q: Is this just the tip of the iceberg?
A: There are capable hackers in Russia. Combine criminal hacking groups with Russian intelligence capabilities and you have enormous opportunity. How much of this is directed at DNC and its influence is anyones guess, but I’m sure the intelligence community knows more than they are releasing in these documents (the FBI report released last Thursday). They are protecting sources and I think what was released to public is just tip of the iceberg. The report also says that technical indicators used by the hackers, show that they are quite sophisticated.
Q: What did report miss?
It raises a big question to me. Why were 2 separate organizations targeting the same network? How well are these hackers coordinating their operations? If inside a network already, why send another unit in? There is a lack of coordination in Russia and they are doing the same thing without talking to each other. There is still a gap.