By Maria Korolov
Dec. 2, 2016
In the wake of reports about Russian involvement in fake news and hacks against political targets leading up to the recent presidential election, scholars and security experts are calling for federal action.
As of Sunday, 158 scholars have signed an open letter calling for a congressional investigation.
"Our country needs a thorough, public Congressional investigation into the role that foreign powers played in the months leading up to November," the letter said.
Democrats in Congress have also called for an investigation, and were recently joined by Republican Sen. Lindsey Graham.
Eric Schmidt, the executive chairman of Google's parent company Alphabet, has said he's most worried about Russia when it comes to cyber attacks.
"If you look at their actions over the last few months, they've done a number of very publicized invasions, attacks, and alterations," he said in an interview on Bloomberg Television.
According to a survey of U.S. adults released this morning by Alertsec, the general public agrees that Russia poses the biggest threat. Of those who said that they were worried about hacker groups, the largest number (24 percent) said that they worry most about Russia. Anonymous was in second place with 21 percent, followed by petty thieves at 19 percent, and China at 18 percent. Wikileaks and "neighborhood nerds" tied for last place, at 10 percent each.
What makes Russian cybercriminals different is the high skill level of the individuals involved, and the breadth of the underground economy that they participate in.
"They have been evolving and honing their skills for the better part of 15 years," said Ed Cabrera, chief cybersecurity officer at Trend Micro.
The Russian underground economy is most mature, he added.
"It has truly been the rising tide that lifts the skill sets of all Russian cyber criminals," he said.
In a report about the Russian Underground that Trend Micro released last year, the security firm also identified two types of politically motivated cyberattackers. First, these are people who have a strong political belief and volunteer their time and skills on behalf of causes, groups, or governments.
Then there are the cyber mercenaries, who work for political groups or governments for money.
Knowing where the criminals are coming from does make a difference, Cabrera said.
"You can not develop a sound resilient cybersecurity strategy without having a deep understanding of the threats you face and the vulnerabilities you have," he said. "To quote Sun Tzu, 'If you know neither the enemy nor yourself, you will succumb in every battle.'”
Russian hackers also have one other advantage -- it can be easier for them to hide from law authorities in other countries.