US Treasury sanctions 5 Iranian organizations for alleged election influence operations

The Treasury Department on Thursday announced sanctions against five Iranian organizations for allegedly trying to influence the U.S. election through disinformation campaigns and other attempts to sow discord. Those sanctioned for the activity included the Islamic Revolutionary Guard Corps, one of its alleged front companies, the IRGC’s Quds Force and media companies allegedly linked to the Quds Force. It’s part of a broader federal effort to push back on foreign influence operations less than two weeks from Election Day. The Iranian media outlets are accused of using English-language articles that amplify “false narratives” to sow divisions among U.S. audiences. “As recently as summer 2020, Bayan Gostar was prepared to execute a series of influence operations directed at the U.S. populace ahead of the presidential election,” Treasury said in a statement, referring to one of the alleged front companies. The Iranian Mission to the United Nations did not immediately respond to […]

The post US Treasury sanctions 5 Iranian organizations for alleged election influence operations appeared first on CyberScoop.

Continue reading US Treasury sanctions 5 Iranian organizations for alleged election influence operations

Russia-linked group that breached US state and local IT draws official accusation from feds

It’s no secret that the hacking group often referred to as Energetic Bear or TEMP.Isotope — linked by multiple security firms to Russia — is the prime suspect in a handful of breaches of state and local networks in recent weeks. But now U.S. federal officials are formally blaming the hackers for the activity. It’s part of a broader U.S effort to more swiftly accuse foreign adversaries of wrongdoing ahead of Election Day while reassuring voters that the election is being protected. In this case, federal officials said the Russian group had used a combination of old and new software vulnerabilities to breach some IT infrastructure used by state and local officials, but that there was no evidence that the “integrity of elections data has been compromised.” “The Russian state-sponsored APT actor has targeted dozens of SLTT [state, local, territorial and tribal] and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of […]

The post Russia-linked group that breached US state and local IT draws official accusation from feds appeared first on CyberScoop.

Continue reading Russia-linked group that breached US state and local IT draws official accusation from feds

Cybercrime capitalizing on the convergence of COVID-19 and 2020 election

The cybersecurity challenges of the global pandemic are now colliding with the 2020 U.S. presidential election resulting in a surge of cybercrime, VMware research reveals. Attacks growing increasingly sophisticated and destructive As eCrime groups grow… Continue reading Cybercrime capitalizing on the convergence of COVID-19 and 2020 election

US blames Iran for threatening emails sent to Florida voters

Iran is been behind a series of intimidating emails sent to registered Democratic voters in Florida in recent days, the U.S. government has assessed. The emails, which appeared to be sent by the Proud Boys, a designated hate group supportive of President Trump, threatened voters to “Vote for Trump or else!” as Motherboard first reported. “You will vote for Trump on Election Day or we will come after you,” said some of the emails received by registered Democrats. The series of messages were “spoofed” as part of an influence campaign aimed at interfering in the U.S. election, American officials said. Voters in Alaska and Pennsylvania have also received emails like those received in Florida, according to The Washington Post. “We have already seen Iran sending spoofed emails designed to intimidate voters, incite social unrest,” Director of National Intelligence John Ratcliffe said during a press conference Wednesday. “You may have seen some reporting on this in the […]

The post US blames Iran for threatening emails sent to Florida voters appeared first on CyberScoop.

Continue reading US blames Iran for threatening emails sent to Florida voters

Cybercriminals Step Up Their Game Ahead of U.S. Elections

Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns – but this time, social media giants, the government and citizens are more prepared. Continue reading Cybercriminals Step Up Their Game Ahead of U.S. Elections

How US security officials are watching for threats ahead of Election Day

FBI Director Christopher Wray once called the 2018 midterm elections a “dress rehearsal for the big show” of protecting the 2020 presidential election from foreign interference. The big show is finally here, and American officials say they are pulling out all the stops to keep it secure. U.S. intelligence, law enforcement and national security agencies have for weeks been in an “enhanced operational posture” to share any election-related threats with state and local officials, said Chris Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. The week before Election Day, which is Nov. 3, those security efforts will kick into overdrive. Officials from the Department of Defense, FBI, the Election Assistance Commission, political campaigns and the private sector are scheduled to gather at CISA’s operations center outside of Washington, D.C. The U.S. Postal Service, which is playing an expanded role in this year’s election with the increase in […]

The post How US security officials are watching for threats ahead of Election Day appeared first on CyberScoop.

Continue reading How US security officials are watching for threats ahead of Election Day

Industry alert pins state, local government hacking on suspected Russian group

Suspected Russian hackers were behind multiple recent intrusions of U.S. state and local computer networks, according to an industry analysis obtained by CyberScoop. The group responsible is known as TEMP.Isotope, according to a private advisory distributed by Mandiant, the incident response arm of security company FireEye. The alert notes that the same group has also been described as Energetic Bear, which multiple security firms have linked to Russia. The FBI and the U.S. Cybersecurity and Infrastructure Security Agency on Oct. 9 publicized a hacking campaign in which attackers breached some “elections support systems,” or IT infrastructure that state and local officials use for a range of functions. Those systems are not involved in tallying votes, and the advisory from U.S. officials noted that there was no evidence that the “integrity of elections data has been compromised.” The federal advisory did not blame a particular hacking group for the activity, saying only that the campaign was the work of “advanced persistent […]

The post Industry alert pins state, local government hacking on suspected Russian group appeared first on CyberScoop.

Continue reading Industry alert pins state, local government hacking on suspected Russian group

Most US states show signs of a vulnerable election-related infrastructure

75% of all 56 U.S. states and territories leading up to the presidential election, showed signs of a vulnerable IT infrastructure, a SecurityScorecard report reveals. Since most state websites offer access to voter and election information, these findi… Continue reading Most US states show signs of a vulnerable election-related infrastructure

Biden Campaign Staffers Targeted in Cyberattack Leveraging Anti-Virus Lure, Dropbox Ploy

Google’s Threat Analysis Group sheds more light on targeted credential phishing and malware attacks on the staff of Joe Biden’s presidential campaign. Continue reading Biden Campaign Staffers Targeted in Cyberattack Leveraging Anti-Virus Lure, Dropbox Ploy

Google offers details on Chinese hacking group that targeted Biden campaign

Google on Friday offered new details on tactics used by alleged Chinese government-linked hackers who previously targeted Democratic presidential nominee Joe Biden’s campaign, while warning that multiple state-linked hacking groups continue to show an interest in the U.S. election. The Chinese state-linked group, known as APT31, has been using malicious code hosted on the open-source platform GitHub to upload and download files on networks in targeted attacks, Google said in a blog post. The use of legitimate services, including Dropbox, have made the attacks more difficult to detect. The tech giant did not specify which organizations or industries were targeted in the activity, or even if it affected political campaigns. Google did say it shares its election-related findings with the FBI and political campaigns to help protect them from the threat. “Overall, we’ve seen increased attention on the threats posed by [advanced persistent threats] in the context of the U.S. election,” […]

The post Google offers details on Chinese hacking group that targeted Biden campaign appeared first on CyberScoop.

Continue reading Google offers details on Chinese hacking group that targeted Biden campaign