election

now browsing by tag

 
 

Kremlin Tried To #Hack At Least 4,700 #Email Accounts Before The #Election

Source: National Cyber Security – Produced By Gregory Evans

Kremlin Tried To #Hack At Least 4,700 #Email Accounts Before The #Election

An extensive, Russian-backed hacking operation targeted the email accounts of thousands of perceived Kremlin adversaries in 2015 and 2016, an Associated Press investigation has learned.

The effort, broadly referred to as “Iron Twilight” by security researchers, sought to compromise 4,700 Gmail accounts worldwide, belonging to everyone from high-profile U.S. politicians ― including Hillary Clinton, John Podesta and Colin Powell, who were all hacked ― to academics, journalists, political activists and military personnel.

Who they targeted

According to information provided by Secureworks, the cybersecurity firm whose data underpins much of the AP report, there’s a clear link between the targeted email accounts and Russia’s targets in the real world.

A spokesperson for the prime minister of Ukraine, for instance ― where Russian forces are currently engaged in a military conflict ― was targeted nine times, Secureworks said.

Other targeted individuals identified by the AP include former Secretary of State John Kerry, former NATO Supreme Commander U.S. Air Force Gen. Philip Breedlove, and Serhiy Leshchenko, a Ukranian politician who helped reveal alleged financial crimes of Paul Manafort, who was indicted Monday.

Experts on Ukrainian and Russian subject matters, as well as aerospace researchers and engineers were also among those targeted.

Military spouses and family members also constituted a surprisingly large portion of those targeted, which Secureworks speculates may be an attempt to learn about broader military issues in the U.S., or to gain information about the target’s spouse.

Of the military and government personnel who were targeted, the vast majority are either in the U.S. or a member of NATO:

Given the specific range of targets, experts said the hacks almost undoubtedly originated from within the Kremlin.

“It’s simply hard to see how any other country would be particularly interested in their activities,” Michael Kofman, a Russian military affairs expert at the Woodrow Wilson International Center who had his email targeted, told the AP.

“If you’re not Russia,” he said, “hacking these people is a colossal waste of time.”

Secureworks told HuffPost other, non-Gmail email providers were also targeted in the effort, though they don’t have data on the particulars of the campaign. While the firm only has data spanning March 2015 through May 2016, there’s no reason to believe Russia has ceased its hacking operations.

“This type of operation supports an ongoing intelligence objective,” Rafe Pilling, a senior security researcher with Secureworks’ Counter Threat Unit team said. “The activity is still underway via similar methods and likely will continue while the hackers behind this activity continue to be successful.”

“The targeting we saw (of 4,700 Gmail accounts) was just a fragment of a larger campaign from Iron Twilight.”

How they did it

Data provided by Secureworks shows Russian-linked groups operating under the names APT28, Sofacy, Sednit, Fancy Bear, and Pawn Storm sent emails to targets that mimicked authentic login pages from Google Accounts.

Instead of being directed to the real Google Accounts page, however, the emails directed recipients to a highly-convincing fake page, which then recorded the user’s login and password information:

Russian hackers disguised the website address of the fake page via Bitly, a link-shortening and web analytics service, which is ultimately what tipped Secureworks off to the hacking campaign.

By working backward from a compromised login page, Secureworks was able to decipher the publicly-accessible Bitly account associated with it. That account served as a window into all of the group’s other activity, which, the AP found out, was used 95 percent of the time Monday-Friday, during Moscow’s regular business hours.

Bitly representatives told HuffPost they took quick action once they learned of the activity, noting the operation itself involved little in the way of conventional “hacking” ― all the login information was unwittingly supplied by the targets themselves.

“The links and accounts related to this situation were blocked as soon as we were informed,” Bitly CTO Rob Platzer explained in email. “This isn’t really an exploit of Bitly, but it’s an unfortunate exploit of internet users through social engineering.”

“It serves as a reminder that even the savviest, most skeptical users can be vulnerable to opening unsolicited emails. It can’t always be helped, but we advise everyone to be extra cautious about emails and links related to passwords and other sensitive information, and to employ safety measures such as unique passwords and two-factor authentication.”

What to do if you think you’ve been hacked

Unless your information has been published online, there’s a decent chance you wouldn’t know you’ve been hacked.

“If a target was compromised,” said Pilling, “it’s entirely feasible that the compromise could go undetected for an extended period of time.”

Given the wide range of those targeted and Russia’s continued hacking efforts, Secureworks recommends those who suspect they could be a target ― and use Gmail or any other web mail service ― to regularly change their passwords.

Other commonsense steps, like enabling “two-factor” or “two-step” authentication on your email account, can also go a long way, Pilling said.

He also recommended readers check to see what applications and devices they’ve authorized to access their account, information that’s often found under “settings.”

“If there are any apps or devices they don’t recognize, they should disable or delete the access right away,” he said.

And finally, don’t open attachments or click links in an email unless you’re sure the email was actually ― and intentionally ― sent to you by the sender.

The post Kremlin Tried To #Hack At Least 4,700 #Email Accounts Before The #Election appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Homeland Security clarifying state election hacking attempts

Source: National Cyber Security – Produced By Gregory Evans

The Department of Homeland Security has notified two states that Russian hackers attempted to scan networks other than their election systems in the run-up to the 2016 presidential election, contrary to details provided last week. On Wednesday, California became the second state — after Wisconsin — to receive the clarification….

The post Homeland Security clarifying state election hacking attempts appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Russian Hackers Tried to Access California Election System

Source: National Cyber Security – Produced By Gregory Evans

California Secretary of State Alex Padilla said he was informed “for the first time” by the DHS on Friday of last year’s attempt, in which Russian hackers “scanned” the website with the intent to “identify weaknesses in a computer or network – akin to a burglar looking for unlocked doors…

The post Russian Hackers Tried to Access California Election System appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hacking and fake news cast shadows over German election

Source: National Cyber Security – Produced By Gregory Evans

The Bundestag break-in occurred in May 2015, without a window being smashed. The intruders to the German parliament were not looking for anything tangible, nor were they even in Berlin. They wanted data and they got it: an estimated 16 gigabytes worth. This was no random smash-and-grab: the hackers sorted…

The post Hacking and fake news cast shadows over German election appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Expiring spying law helped U.S. conclude Russia hacked election: NSA chief

Source: National Cyber Security – Produced By Gregory Evans

Expiring spying law helped U.S. conclude Russia hacked election: NSA chief

A top U.S. intelligence official said Thursday a controversial surveillance law that allows the broad electronic spying of foreigners played a major role in understanding Russia’s alleged interference in the 2016 presidential election. The statement from Admiral Mike Rogers, the director of the U.S. National Security Agency, may bolster efforts by intelligence agencies to fully preserve the authority, known as …

The post Expiring spying law helped U.S. conclude Russia hacked election: NSA chief appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hillary Clinton blames WikiLeaks and Russian hackers for election loss to Donald Trump

Source: National Cyber Security – Produced By Gregory Evans

In her first major speaking appearance since losing the 2016 US election, Hillary Clinton opened up about her failed bid to the White House, reflecting that a Kremlin-led misinformation campaign, an unfortunately-timed letter from the FBI and WikiLeaks were all …

The post Hillary Clinton blames WikiLeaks and Russian hackers for election loss to Donald Trump appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Forty percent of Americans more cautious with email after election hacking

Source: National Cyber Security – Produced By Gregory Evans

Forty percent of Americans say they are more cautious about what they write in emails since last year’s cyber attacks against the Democratic Party, according to a Reuters/Ipsos poll released on Thursday. The March 11-20 opinion survey showed that a …

The post Forty percent of Americans more cautious with email after election hacking appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Will Election Hacking Split NATO?

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Source: National Cyber Security – Produced By Gregory Evans NATO’s Deputy Supreme Allied Commander Europe, General Sir Adrian Bradshaw, has reportedly suggested that NATO may consider Russian interference in upcoming European … View full post on Become007.com

Here’s why people are looking for love after Trump’s election

Source: National Cyber Security – Produced By Gregory Evans

Here’s why people are looking for love after Trump’s election

Donald Trump has seen a lot of haters and faced a lot of criticism but there are some who have been encouraged and are looking for love after his win. An online dating site has revealed what most people wouldn’t …

The post Here’s why people are looking for love after Trump’s election appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Trump accuses Dems of lax security as he doubts Russian hackers influence on election

Source: National Cyber Security – Produced By Gregory Evans

Trump accuses Dems of lax security as he doubts Russian hackers influence on election

President-elect Donald Trump voiced new doubts on Wednesday, Jan. 4, that Russian hackers attempted to influence the U.S. election on his behalf, accusing Democrats of lax security and saying WikiLeaks had denied Moscow was behind the documents it made public.

The post Trump accuses Dems of lax security as he doubts Russian hackers influence on election appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures