now browsing by tag


Congress #gets ‘Russia #election #hacking’ #briefing, still no #evidence

With political primaries already underway and the November midterm elections fast approaching, top national security officials briefed members of Congress on Tuesday about gaps in election security.

The Trump administration has been under pressure to take stronger steps to deter Russian attempts to meddle in U.S. campaigns. Officials say election systems remain vulnerable to cyberattacks.

Intelligence agencies say Russian operatives attempted to hack 21 electoral systems in states during the 2016 campaign, breaching one system. There’s no evidence any votes were affected.

“This is an issue that the administration takes seriously and is addressing with urgency,” Homeland Security Secretary Kirstjen M. Nielsen, FBI Director Christopher Wray and Director of National Intelligence Daniel Coats said in a joint statement.

After the briefing, Nielsen was asked about intelligence agencies’ conclusions that Moscow used social media, leaks of hacked emails and other tactics in 2016 in an attempt to help Trump beat Hillary Clinton.

“That the specific intent was to help President Trump win, I’m not aware of that, but I do generally have no reason to doubt any intelligence assessment.”

Moscow “aspired to help” Trump’s campaign, according to a public report issued by intelligence agencies in January 2017. The Senate Intelligence Committee reported this month that after a 14-month investigation, it agreed with that assessment.

The committee also issued a detailed report on Russian targeting of election infrastructure during the 2016 campaign.

Chris Megerian (c)2018 Los Angeles Times, Distributed by Tribune Content Agency, LLC.


The post Congress #gets ‘Russia #election #hacking’ #briefing, still no #evidence appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cyber #security a #priority for #area #election #officials

With election season quickly approaching, Grand Island workers are taking steps to secure their data.

Election officials from across the state are taking advantage of training opportunities to stay up-to-date on cyber security measures.

Last fall Secretary of State John Gale hosted a big presentation. Tracy Overstreet, the Hall County Election Commissioner attended.

Overstreet had the opportunity to meet with officials from Homeland Security and the FBI to learn about ways to protect elections from hackers.

She says there are also risk-assessment analysis taking place on the state and local level right now.

“We’ve got the anti-virus software, we’ve got the firewalls up. The election information isn’t even available to any outside site. The only thing that comes out of the election office that goes out to the election site is our election results on election night,” said Hall County Election Commissioner Tracy Overstreet.

Overstreet says Hall County still uses paper ballots for their elections. She feels this provides even more security and also a paper trail to refer back to.


The post Cyber #security a #priority for #area #election #officials appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Intel #Chairman: Election #Cybersecurity Fixes ‘Might Not be in #Time to Save the #System’

Homeland Security Secretary Kirstjen Nielsen told senators that most states are being cooperative with the whole-of-government effort to protect voting systems from cyberintrusions, though there are two unnamed states “who aren’t working with us as much as we would like right now.”

Members of the Senate Intelligence Committee grilled Nielsen last week about what is being done to secure the vote in light of Russia’s campaign influence operation in the 2016, and for an inside perspective on that campaign season former DHS Secretary Jeh Johnson joined Nielsen at the witness table.

Chairman Richard Burr (R-N.C.) praised DHS for making “great strides towards better understanding elections, better understanding the states, and providing assistance that makes a difference to the security of our elections.”

“But there’s more to do. There’s a long wait time for DHS premier services. States are still not getting all the information they feel they need to secure their systems,” Burr said. “The department’s ability to collect all the information needed to fully understand the problem is an open question, and attributing cyber attacks quickly and authoritatively is a continuing challenge.”

The chairman stressed that “this issue is urgent — if we start to fix these problems tomorrow, we still might not be in time to save the system for 2016 and 2020.”

Vice-Chairman Mark Warner (D-Va.) noted that in 2016 Russian actors “were able to penetrate Illinois’ voter registration database and access 90,000 voter registration records — they also attempted to target the election systems of at least 20 other states.”

“The intelligence community’s assessment last January concluded that Russia secured and maintained access to multiple elements of U.S. state and local election boards,” he said. “And the truth is clear that 2016 will not be the last of their attempts.”

Nielsen described the DHS arm of the election security mission as providing “assistance and support to those officials in the form of advice, intelligence, technical support, incident response planning, with the ultimate goal of building a more resilient, redundant, and secure election enterprise.”

“Our services are voluntary and not all election officials accept our offer of support. We continue to offer it; we continue to demonstrate its value. But in many cases state and local officials have their own resources and simply don’t require the assistance that we’re offering,” she said.

So far, the secretary told senators, “more than half” of states have signed up for DHS’ cyber hygiene scanning service, an automated remote scan “that gives state and local officials a report identifying vulnerabilities and offering recommendations to mitigate them.”

Another tool DHS is using is information sharing directly with election officials “through trusted third parties such as the Multi-State Information Sharing and Analysis Center, or MS-ISAC, and we look forward to the creation of the Election ISAC.”

Nielsen emphasized the need to “rapidly share information about potential compromises with the broader community so that everyone can defend their systems.”

“This collective defense approach makes all election systems more secure,” she said. “We’re also working with state election officials to share classified information on specific threats, including sponsoring up to three officials per state with security clearances and providing one-day read-ins as needed when needed, as we did in mid-February for the secretaries of state and election directors. We are also working with the intelligence community to rapidly declassify information to share with our stakeholders.”

Unlike DHS’ posture in 2016, Nielsen said the department now knows which person to contact in every state to share threat information.

“DHS is leading federal efforts to support and enhance the security of election systems across the country. Yet we do face a technology deficit that exists not just in election infrastructure but across state and local government systems,” she said. “It will require a significant investment over time and will require a whole-of-government solution to ensure continued confidence in our elections.”

Johnson talked about the Obama administration’s reticence to make a wrong move on Russia’s campaign interference and give the appearance that the White House was stepping into the election.

“The reality is that, given our electoral college and our current politics, national elections are decided in this country in a few precincts in a few key swing states. The outcome, therefore, may dance on the head of a pin. The writers of the TV show House of Cards have figured that out. So can others,” Johnson told lawmakers, adding he’s “pleased by reports that state election officials to various degrees are now taking serious steps to fortify cybersecurity of their election infrastructure and that the Department of Homeland Security is currently taking serious steps to work with them in that effort.”

Nielsen said DHS is trying to get security clearances for those three election contact persons in each state, but only “about 20” of those 150 officials have received the full clearance. “We’re granting interim secret clearances as quickly as we can,” she said, adding later that they’re “widely using day read-ins now, so we’re not going to let security clearances hold us up.”

The secretary said “a lot of work” has been accomplished at DHS over the past year on “related processes,” including working with the intelligence community to declassify information as “some of the information does not originate within DHS, so we need to work with our partners to be able to share it.”

“The second one is on victim notification. We have a role there, but so does FBI and so does MS-ISAC, which in this case the Multi-State Information Sharing and Analysis Center was in some cases the first organization to identify some of the targeting,” Nielsen said. “So we have to work with whomever originates the information. We all have different roles. So we’ve worked to pull it all together so that we can quickly notify victims of what has occurred.”

Pressed on the current level of cyber threat from malicious actors heading into midterm elections, Nielsen replied that “the threat remains high.”

“We think vigilance is important, and we think there is a lot that we all need to do at all levels of government before we have the midterm elections,” she said. “I will say our decentralized nature both makes it difficult to have a nationwide effect, but also makes it perhaps of greater threat at a local level. And, of course, if it’s a swing state or swing area that can, in turn, have a national effect.”

“So what we’re looking at is everything from registration and validation of voters — so those are the databases, through to the casting and the tabulation of votes, through to the transmission — the election night reporting, and then, of course, the — the certification and the auditing on the back end. All of those are potential vulnerabilities. All of those require different tools and different attention by state and locals,” Nielsen continued, adding that the federal government continues to work with state and local jurisdictions “to also help them look at physical security.”

“They need to make sure that the locations where the voting machines are kept, as well as the tabulation areas, they need access control and very traditional security like we would in other critical infrastructure areas,” she said.

Johnson told senators that “with the benefit of two years’ hindsight it does seem plain… that the Russian effort has not been contained; it has not been deterred.”

“In my experience, superpowers respond to sufficient deterrence and will not engage in behavior that is cost prohibitive. Plainly, that has not occurred and more needs to be done,” the former DHS chief said. “With the benefit of hindsight, the sanctions we issued in late December [2016] have not worked as an effective deterrent and it’s now on the current administration to add to those and follow through on those.”


The post Intel #Chairman: Election #Cybersecurity Fixes ‘Might Not be in #Time to Save the #System’ appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Kremlin Tried To #Hack At Least 4,700 #Email Accounts Before The #Election

Source: National Cyber Security – Produced By Gregory Evans

Kremlin Tried To #Hack At Least 4,700 #Email Accounts Before The #Election

An extensive, Russian-backed hacking operation targeted the email accounts of thousands of perceived Kremlin adversaries in 2015 and 2016, an Associated Press investigation has learned.

The effort, broadly referred to as “Iron Twilight” by security researchers, sought to compromise 4,700 Gmail accounts worldwide, belonging to everyone from high-profile U.S. politicians ― including Hillary Clinton, John Podesta and Colin Powell, who were all hacked ― to academics, journalists, political activists and military personnel.

Who they targeted

According to information provided by Secureworks, the cybersecurity firm whose data underpins much of the AP report, there’s a clear link between the targeted email accounts and Russia’s targets in the real world.

A spokesperson for the prime minister of Ukraine, for instance ― where Russian forces are currently engaged in a military conflict ― was targeted nine times, Secureworks said.

Other targeted individuals identified by the AP include former Secretary of State John Kerry, former NATO Supreme Commander U.S. Air Force Gen. Philip Breedlove, and Serhiy Leshchenko, a Ukranian politician who helped reveal alleged financial crimes of Paul Manafort, who was indicted Monday.

Experts on Ukrainian and Russian subject matters, as well as aerospace researchers and engineers were also among those targeted.

Military spouses and family members also constituted a surprisingly large portion of those targeted, which Secureworks speculates may be an attempt to learn about broader military issues in the U.S., or to gain information about the target’s spouse.

Of the military and government personnel who were targeted, the vast majority are either in the U.S. or a member of NATO:

Given the specific range of targets, experts said the hacks almost undoubtedly originated from within the Kremlin.

“It’s simply hard to see how any other country would be particularly interested in their activities,” Michael Kofman, a Russian military affairs expert at the Woodrow Wilson International Center who had his email targeted, told the AP.

“If you’re not Russia,” he said, “hacking these people is a colossal waste of time.”

Secureworks told HuffPost other, non-Gmail email providers were also targeted in the effort, though they don’t have data on the particulars of the campaign. While the firm only has data spanning March 2015 through May 2016, there’s no reason to believe Russia has ceased its hacking operations.

“This type of operation supports an ongoing intelligence objective,” Rafe Pilling, a senior security researcher with Secureworks’ Counter Threat Unit team said. “The activity is still underway via similar methods and likely will continue while the hackers behind this activity continue to be successful.”

“The targeting we saw (of 4,700 Gmail accounts) was just a fragment of a larger campaign from Iron Twilight.”

How they did it

Data provided by Secureworks shows Russian-linked groups operating under the names APT28, Sofacy, Sednit, Fancy Bear, and Pawn Storm sent emails to targets that mimicked authentic login pages from Google Accounts.

Instead of being directed to the real Google Accounts page, however, the emails directed recipients to a highly-convincing fake page, which then recorded the user’s login and password information:

Russian hackers disguised the website address of the fake page via Bitly, a link-shortening and web analytics service, which is ultimately what tipped Secureworks off to the hacking campaign.

By working backward from a compromised login page, Secureworks was able to decipher the publicly-accessible Bitly account associated with it. That account served as a window into all of the group’s other activity, which, the AP found out, was used 95 percent of the time Monday-Friday, during Moscow’s regular business hours.

Bitly representatives told HuffPost they took quick action once they learned of the activity, noting the operation itself involved little in the way of conventional “hacking” ― all the login information was unwittingly supplied by the targets themselves.

“The links and accounts related to this situation were blocked as soon as we were informed,” Bitly CTO Rob Platzer explained in email. “This isn’t really an exploit of Bitly, but it’s an unfortunate exploit of internet users through social engineering.”

“It serves as a reminder that even the savviest, most skeptical users can be vulnerable to opening unsolicited emails. It can’t always be helped, but we advise everyone to be extra cautious about emails and links related to passwords and other sensitive information, and to employ safety measures such as unique passwords and two-factor authentication.”

What to do if you think you’ve been hacked

Unless your information has been published online, there’s a decent chance you wouldn’t know you’ve been hacked.

“If a target was compromised,” said Pilling, “it’s entirely feasible that the compromise could go undetected for an extended period of time.”

Given the wide range of those targeted and Russia’s continued hacking efforts, Secureworks recommends those who suspect they could be a target ― and use Gmail or any other web mail service ― to regularly change their passwords.

Other commonsense steps, like enabling “two-factor” or “two-step” authentication on your email account, can also go a long way, Pilling said.

He also recommended readers check to see what applications and devices they’ve authorized to access their account, information that’s often found under “settings.”

“If there are any apps or devices they don’t recognize, they should disable or delete the access right away,” he said.

And finally, don’t open attachments or click links in an email unless you’re sure the email was actually ― and intentionally ― sent to you by the sender.

The post Kremlin Tried To #Hack At Least 4,700 #Email Accounts Before The #Election appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Homeland Security clarifying state election hacking attempts

Source: National Cyber Security – Produced By Gregory Evans

The Department of Homeland Security has notified two states that Russian hackers attempted to scan networks other than their election systems in the run-up to the 2016 presidential election, contrary to details provided last week. On Wednesday, California became the second state — after Wisconsin — to receive the clarification….

The post Homeland Security clarifying state election hacking attempts appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian Hackers Tried to Access California Election System

Source: National Cyber Security – Produced By Gregory Evans

California Secretary of State Alex Padilla said he was informed “for the first time” by the DHS on Friday of last year’s attempt, in which Russian hackers “scanned” the website with the intent to “identify weaknesses in a computer or network – akin to a burglar looking for unlocked doors…

The post Russian Hackers Tried to Access California Election System appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hacking and fake news cast shadows over German election

Source: National Cyber Security – Produced By Gregory Evans

The Bundestag break-in occurred in May 2015, without a window being smashed. The intruders to the German parliament were not looking for anything tangible, nor were they even in Berlin. They wanted data and they got it: an estimated 16 gigabytes worth. This was no random smash-and-grab: the hackers sorted…

The post Hacking and fake news cast shadows over German election appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Expiring spying law helped U.S. conclude Russia hacked election: NSA chief

Source: National Cyber Security – Produced By Gregory Evans

Expiring spying law helped U.S. conclude Russia hacked election: NSA chief

A top U.S. intelligence official said Thursday a controversial surveillance law that allows the broad electronic spying of foreigners played a major role in understanding Russia’s alleged interference in the 2016 presidential election. The statement from Admiral Mike Rogers, the director of the U.S. National Security Agency, may bolster efforts by intelligence agencies to fully preserve the authority, known as …

The post Expiring spying law helped U.S. conclude Russia hacked election: NSA chief appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hillary Clinton blames WikiLeaks and Russian hackers for election loss to Donald Trump

Source: National Cyber Security – Produced By Gregory Evans

In her first major speaking appearance since losing the 2016 US election, Hillary Clinton opened up about her failed bid to the White House, reflecting that a Kremlin-led misinformation campaign, an unfortunately-timed letter from the FBI and WikiLeaks were all …

The post Hillary Clinton blames WikiLeaks and Russian hackers for election loss to Donald Trump appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Forty percent of Americans more cautious with email after election hacking

Source: National Cyber Security – Produced By Gregory Evans

Forty percent of Americans say they are more cautious about what they write in emails since last year’s cyber attacks against the Democratic Party, according to a Reuters/Ipsos poll released on Thursday. The March 11-20 opinion survey showed that a …

The post Forty percent of Americans more cautious with email after election hacking appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures