2018 midterms – Page 2 – WindowsTechs.com

Nielsen: DHS to quicken bad actor alerts in run-up to Election Day

Posted on October 2, 2018 by Sean Lyngaas

The Department of Homeland Security will be much faster to alert state officials if their computer networks are being probed by hackers this election season than the department was in 2016, DHS Secretary Kirstjen Nielsen said Tuesday. It took roughly a year for DHS to notify officials in 21 states that their IT systems had been scanned by Russian hackers during the 2016 presidential campaign. But a combination of network sensors, incident response teams, and closer relationships with state and local officials means DHS can react much more quickly to threats during the 2018 midterms, according to Nielsen. “Now we know who to call,” she said at a conference hosted by The Washington Post, referring to state and local officials. “Now we have everybody on speed dial.” This year, the department will have a “situational awareness room” ready to monitor developments at DHS’s National Cybersecurity and Communications Integration Center, Nielsen […]

The post Nielsen: DHS to quicken bad actor alerts in run-up to Election Day appeared first on Cyberscoop.

Continue reading Nielsen: DHS to quicken bad actor alerts in run-up to Election Day→

Rep. Speier: Congress needs a hack demo to understand election vulnerabilities

Posted on October 2, 2018 by Sean Lyngaas

Lawmakers still need a hands-on demonstration of voting equipment vulnerabilities to fully grasp the urgency of election security, according to Rep. Jackie Speier, D-Calif. “I think that if we can fashion some kind of an interactive experience for members to watch… then we’ve got their attention,” Speier, a member of the intelligence committee, said in an interview. “We need that moment and we need that equipment, and we need that hack. And so once we can do that and do it in a way that the average luddite can understand, then we’ll be golden.” DEF CON, the hacking conference where researchers pick apart voting machines, provides that kind of visual demonstration. But Speier appeared to be the only lawmaker in attendance last week as the organizers of the DEF CON Voting Village presented their findings on Capitol Hill. (Some congressional staff did attend.) Election security vaulted into the spotlight on […]

The post Rep. Speier: Congress needs a hack demo to understand election vulnerabilities appeared first on Cyberscoop.

Continue reading Rep. Speier: Congress needs a hack demo to understand election vulnerabilities→

In this election security drill, Massachusetts cops battle hackers to protect the vote

Posted on September 24, 2018 by Sean Lyngaas

With just weeks until the midterm elections, police in Massachusetts gathered last Thursday to practice responding to cyberattacks from an adversary bent on disrupting the democratic process. The simulation, hosted at the Boston headquarters of network security company Cybereason, pitted a police team that included former Boston Police Commissioner Ed Davis against a red team portraying hackers looking to exacerbate political divisions. The tabletop drill was a strategic duel, with the red team trying to suppress the vote and the cops mobilizing resources in response. The aim of the exercise was to show state and municipal authorities the type of coordinated and clever cyberattacks on critical infrastructure that are possible, according to Cybereason’s Ross Rustici, who helped devise the exercise. Davis said that point hit home. “I think it was an eye-opening experience for everyone who was there,” he told CyberScoop, adding: “People left that exercise with the sober realization that […]

The post In this election security drill, Massachusetts cops battle hackers to protect the vote appeared first on Cyberscoop.

Continue reading In this election security drill, Massachusetts cops battle hackers to protect the vote→

Wyden: Tech company has told multiple senators of foreign hacking attempts

Posted on September 20, 2018 by Sean Lyngaas

A major tech company has informed “a number of senators and Senate staff members” that foreign government hackers have targeted their personal email accounts, according to Sen. Ron Wyden. In a Sept. 19 letter to Senate leadership, Wyden, D-Ore., did not name the company or identify the foreign hackers, but he did warn that the publicly reported activity of a Russian government-linked hacking group may be just “the tip of the iceberg” when it comes to advanced cyberthreats to lawmakers. The group, often referred to as Fancy Bear, breached the IT networks of the Democratic National Committee in 2016 as part of a coordinated hack-and-leak operation that the U.S. intelligence community attributed to Moscow. “The November election grows ever closer, Russia continues its attacks on our democracy, and the Senate simply does not have the luxury of further delays” in shoring up its cybersecurity, Wyden wrote to Senate Majority Leader Mitch […]

The post Wyden: Tech company has told multiple senators of foreign hacking attempts appeared first on Cyberscoop.

Continue reading Wyden: Tech company has told multiple senators of foreign hacking attempts→

Symantec offers political campaigns service to guard against website spoofing

Posted on September 18, 2018 by Sean Lyngaas

Symantec on Tuesday became the latest cybersecurity giant to offer free election security services to political campaigns and election officials ahead of the 2018 midterm vote. The California-based company’s AI-fueled service is designed to thwart malicious websites that spoof legitimate ones to steal personal information. That threat is a prime concern given the numerous political candidates that are running websites with limited budgets. “Symantec has been focused on election security for many years, but given the gravity of the current security landscape, we are compelled to raise awareness and make it easy for relevant parties to participate in ensuring the integrity of the upcoming election,” Symantec CEO Greg Clark said in a statement. The Symantec service, which is also available to state election commissions, essentially takes a screenshot of a legitimate website it’s protecting and then alerts the page’s owner to any attempt to impersonate it, explained Eric Chien, technical […]

The post Symantec offers political campaigns service to guard against website spoofing appeared first on Cyberscoop.

Continue reading Symantec offers political campaigns service to guard against website spoofing→

Google tells senator that nation-state hackers probed his old campaign email accounts

Posted on August 24, 2018 by Sean Lyngaas

Google has informed Sen. Pat Toomey, R-Pa., that nation-state hackers may have tried to breach old email accounts associated with his campaign, according to Toomey spokesman Steve Kelly. The probing involved phishing emails to accounts over a year old, and there is no evidence of a breach, according to Kelly. Based on scans of the emails, they did not appear to contain malware, he added. Toomey, who won re-election in 2016, is not up for re-election again until 2022. “This underscores the cybersecurity threats our government, campaigns, and elections are currently facing,” Kelly said in a statement Friday. “It is essential that Congress impose tough penalties on any entity that undermines our institutions.” Kelly’s statement did not say whether the hackers have been tied to a particular country. Google did not respond to a request for comment by press time. Toomey is the latest politician to draw the attention of […]

The post Google tells senator that nation-state hackers probed his old campaign email accounts appeared first on Cyberscoop.

Continue reading Google tells senator that nation-state hackers probed his old campaign email accounts→

DHS, Microsoft to brief states on latest Russian intelligence activity

Posted on August 22, 2018 by Sean Lyngaas

The Department of Homeland Security will hold a conference call for Microsoft representatives to brief state election officials on new evidence showing Russian hackers have targeted the U.S. Senate and conservative think tanks, according to senior DHS cybersecurity adviser Matthew Masterson. The goal will be to turn Microsoft’s observations into actionable security advice for state officials as the November midterms approach. The conference call, which Masterson said had not been scheduled yet, will be an opportunity for state officials to study the latest techniques from the Russian hacking group, often known as Fancy Bear, that breached Democratic Party organizations in the 2016 U.S. presidential campaign. Speaking to reporters Tuesday, Masterson said Microsoft’s takedown of internet domains allegedly set up by Fancy Bear showed “a growing interaction and relationship that we have with industry.” Asked if he anticipated that private companies would need to take similar action in the future, Masterson said the Russian […]

The post DHS, Microsoft to brief states on latest Russian intelligence activity appeared first on Cyberscoop.

Continue reading DHS, Microsoft to brief states on latest Russian intelligence activity→

Election exercise pairs states with intelligence community in unprecedented opportunity

Posted on August 20, 2018 by Sean Lyngaas

Forty-four states took part in an unprecedented election-security exercise last week that offered a crucial opportunity for electoral officials to interact with federal agencies with some of the most vaunted cyber capabilities in the government. This elaborate a security exercise simply didn’t happen in 2016: before the Russian government’s sweeping intervention in the U.S. election, it was hard to imagine the need for local and state officials to drill with the National Security Agency and U.S. Cyber Command. But with 2016 fresh in their minds, those officials have warmed to the idea. “The biggest obstacle that we had in 2016 was communication, and so I think a lot of those barriers have been torn down and states are more willing to hear from the federal government,” Election Assistance Commission Commissioner Thomas Hicks told CyberScoop. “[O]ne of the most valuable parts” of the drill, Hicks added, was that it drove home for state […]

The post Election exercise pairs states with intelligence community in unprecedented opportunity appeared first on Cyberscoop.

Continue reading Election exercise pairs states with intelligence community in unprecedented opportunity→

DHS holds election security exercise with states to prep for midterms

Posted on August 15, 2018 by Sean Lyngaas

With less than three months until the midterm elections, the Department of Homeland Security held a three-day exercise this week that allowed state and local officials to practice warding off an array of cyberthreats, from spear-phishing campaigns to distributed denial of service attacks. The drills, which featured officials from 44 states, the National Security Agency and U.S. Cyber Command, among other federal agencies, “explored potential impacts to voter confidence, voting operations, and the integrity of elections,” according to a DHS statement. The Election Assistance Commission, the federal agency charged with distributing $380 million in election-security funding to states, also took part. DHS said private vendors participated in the exercise, but did not name them. The exercise covered several scenarios, according to DHS: spear phishing against election officials; social media manipulation related to political candidates; “disruption” of voter registration IT systems; distributed denial-of-service attacks and “web defacements” affecting board of election […]

The post DHS holds election security exercise with states to prep for midterms appeared first on Cyberscoop.

Continue reading DHS holds election security exercise with states to prep for midterms→

Research shows gap in House, Senate candidates’ website security

Posted on August 14, 2018 by Sean Lyngaas

Nearly 30 percent of House of Representatives candidates have significant security issues in their websites compared to less than 5 percent of Senate candidates, according to new research. The disparity underscores the challenge that smaller, resource-strapped campaigns have in making themselves less vulnerable to hacking. About 3 in 10 House candidate websites scanned by election-security expert Joshua Franklin and his research team were not using important security protocols for routing data or had a major certificate issue. The scans, most of which took place in June, covered the websites of more than 500 House candidates and nearly 100 Senate candidates. “The House has significantly more candidates running and that provides more opportunities for security errors,” Franklin told CyberScoop. He presented his findings at the DEF CON conference in Las Vegas. The major political parties’ Senate candidates also tend to be more experienced on the campaign trail and have bigger staffs for those statewide races. […]

The post Research shows gap in House, Senate candidates’ website security appeared first on Cyberscoop.

Continue reading Research shows gap in House, Senate candidates’ website security→