election security – Page 17

Democrats furious after intelligence officials cancel in-person election security briefings

Posted on August 31, 2020 by Sean Lyngaas

The Office of the Director of National Intelligence on Friday said it would provide election-security information to Congress through written materials rather than in-person briefings, sparking outrage among Democrats just two months before the presidential election. In letters to the House and Senate intelligence committees, among others, Director of National Intelligence John Ratcliffe said his office would provide lawmakers with “written finished intelligence products” on foreign threats to the election to prevent leaks of classified information and ensure the materials aren’t “misunderstood” or “politicized.” The move highlights the partisan fight over election security material as U.S. officials warn that Russia is once again interfering in the electoral process for the benefit of President Donald Trump. After one routine election-security briefing for lawmakers in February in which an intelligence official said Russia had a preference for Trump, the president was reportedly irate that Democrats received the information before he did. Trump […]

The post Democrats furious after intelligence officials cancel in-person election security briefings appeared first on CyberScoop.

Continue reading Democrats furious after intelligence officials cancel in-person election security briefings→

Disinformation Spurs a Thriving Industry as U.S. Election Looms

Posted on August 26, 2020 by Lindsey O'Donnell

Threat actors are becoming increasingly sophisticated in launching disinformation campaigns – and staying under the radar to avoid detection from Facebook, Twitter and other platforms. Continue reading Disinformation Spurs a Thriving Industry as U.S. Election Looms→

Everything you need to know about voting by mail

Posted on August 25, 2020 by Sean Lyngaas

State and local governments, those running for office and the American electorate are facing an unprecedented election process this year in which mail-in ballots will play a large part in how voters pick their elected officials during a once-in-a-century pandemic. In doing so, they have to navigate a U.S. Postal Service that has warned of tardy ballot deliveries, cut through the din of misinformation coming from President Donald Trump, and overcome a process that can be confusing on a number of different levels. While mail-in voting and cybersecurity don’t seem to go hand-in-hand, security officials are heavily involved in making sure the entire operation can be trusted once it’s complete. Here’s what you need to know about mail-in balloting and how it will play a greater role in this presidential election: How long has voting by mail been going on, and how is it used today? Mail-in voting is not […]

The post Everything you need to know about voting by mail appeared first on CyberScoop.

Continue reading Everything you need to know about voting by mail→

Cyber Command deploys abroad to fend off foreign hacking ahead of the 2020 election

Posted on August 25, 2020 by Shannon Vavra

The Department of Defense has sent personnel abroad to hunt for malicious software that adversaries may be using against U.S. voting infrastructure or networks prior to Election Day. Gen. Paul Nakasone announced Tuesday in a Foreign Affairs editorial that Cyber Command personnel would be deployed as part of a plan to allow defensive cyber-operators from the Pentagon to identify malware targeting other countries’ networks and systems. Similar attacks could later be used for attempted intrusions aimed at disrupting American technologies. The announcement coincides with ongoing efforts between Cyber Command, the military’s offensive hacking outfit, and the National Security Agency to monitor threats to the 2020 U.S. presidential election from Russia, China, Iran, North Korea. It was not immediately clear where the military personnel were deployed. Cyber Command has run multiple so-called Hunt Forward missions in Montenegro, which, Russian military hackers have aimed to disrupt their political process, as they did with a hack-and-leak operation against the Democratic National Committee […]

The post Cyber Command deploys abroad to fend off foreign hacking ahead of the 2020 election appeared first on CyberScoop.

Continue reading Cyber Command deploys abroad to fend off foreign hacking ahead of the 2020 election→

Feds warn election officials of potentially malicious ‘typosquatting’ websites

Posted on August 22, 2020 by Sean Lyngaas

The Department of Homeland Security last week told election officials to be wary of suspicious websites that impersonate federal and state election domains and could be used for phishing or influence operations. The Aug. 11 bulletin distributed by DHS’s Office of Intelligence and Analysis, which CyberScoop reviewed, listed roughly 50 suspicious domains that were purporting to offer information related to voting and elections. “These suspicious typo-squatting domains may be used for advertising, credential harvesting and other malicious purposes, such as phishing and influence operations,” the advisory says. “Users should pay close attention to the spelling of web addresses or websites that look trustworthy but may be close imitations of legitimate U.S. election websites.” Typosquatting is an issue that litters the internet and affects every sector because it is cheap and easy for anyone to set up a website that mimics the spelling of a legitimate one. A 2018 study found […]

The post Feds warn election officials of potentially malicious ‘typosquatting’ websites appeared first on CyberScoop.

Continue reading Feds warn election officials of potentially malicious ‘typosquatting’ websites→

List of 2020 election meddlers includes Cuba, Saudi Arabia and North Korea, US intelligence official says

Posted on August 20, 2020 by Shannon Vavra

Cuba, Saudi Arabia, and North Korea are working to influence U.S. elections by running information operations, according to the top counterintelligence official in the Trump administration. All three seek to sow discord as Election Day looms, according to Bill Evanina, the Director of the National Counterintelligence and Security Center at the Office of the Director of National Intelligence. He did not specify the nature and duration of the operations. “I believe we’re going to have a lot of things that occur in the next 70 days that are going to impact and influence those issues, from nation-state threat actors, whether it be Iran, China, and obviously Russia. We have other countries getting in the nexus because they think it works,” Evanina said during a U.S. Chamber of Commerce virtual event Wednesday. “They want to be able to provide their optics for discord in the United States … countries like Cuba, and […]

The post List of 2020 election meddlers includes Cuba, Saudi Arabia and North Korea, US intelligence official says appeared first on CyberScoop.

Continue reading List of 2020 election meddlers includes Cuba, Saudi Arabia and North Korea, US intelligence official says→

Final Senate Intel report details remarkable contact between Trump campaign, Russian spies

Posted on August 18, 2020 by Shannon Vavra

President Donald Trump’s 2016 campaign manager was closely tied to a person the United States considers a Russian intelligence officer, and may have been involved in the Russian hack-and-leak operation targeting Hillary Clinton’s campaign in 2016, the Senate Intelligence Committee said in a bipartisan report released Tuesday. Paul Manafort, Trump’s campaign manager, hired Konstantin Kilimnik, a Russian national and Ukrainian political operative, years ago to manage his consulting office in Ukraine, and had been working with Manafort since the mid-2000s, according to the Department of Justice. But while Special Counsel Robert Mueller previously said Kilimnik had “ties” to Russian intelligence, the bipartisan report identifies him as a Russian intelligence officer, and alleges that he has a possible connection to the Russian military’s hacking-and-dump scheme targeting Clinton and the Democratic National Committee in 2016. “Kilimnik is a Russian intelligence officer,” states the committee’s fifth report, the final installment of the committee’s investigation into Russian election interference in 2016. “Kilimnik may have been […]

The post Final Senate Intel report details remarkable contact between Trump campaign, Russian spies appeared first on CyberScoop.

Continue reading Final Senate Intel report details remarkable contact between Trump campaign, Russian spies→

How a new federal policy for telling election officials about cyber-intrusions got put to use

Posted on August 17, 2020 by Sean Lyngaas

In early 2020, federal officials changed how they communicated with states about cyber-intrusions affecting election infrastructure. The Department of Homeland Security’s cybersecurity agency and the FBI would now inform senior state officials, and not just IT personnel, of election-related hacking incidents in a given state. Some state officials, who had criticized the federal government for being too slow and not specific enough in sharing data on Russian hacking in 2016, welcomed the new policy as another guardrail against foreign interference in 2020. And in March, at the height of the primary season, the policy was put into action. An unidentified hacker spoofed the email account of a voting-equipment vendor and sent a phishing email to a local election official in Missouri, according to multiple people familiar with the incident who spoke on the condition of anonymity. The official took the bait — a document purporting to be an “election funding report” but which really redirected the official to […]

The post How a new federal policy for telling election officials about cyber-intrusions got put to use appeared first on CyberScoop.

Continue reading How a new federal policy for telling election officials about cyber-intrusions got put to use→

Election interference efforts have shifted, NSA and Cyber Command election threats leads say

Posted on August 7, 2020 by Shannon Vavra

With Election Day less than 100 days away, the National Security Agency and U.S. Cyber Command are carefully monitoring threats to the 2020 U.S. presidential election from Russia, China, Iran, and groups of criminal actors, two officials said Friday. And while Russian government operatives have probed state IT systems and run hack-and-leak operations to influence U.S. elections in the past, the playbook is not necessarily the same this year, the NSA election threats lead, David Imbordino, and Brig. Gen. William Hartman, the Cyber Command election threats lead, said. While Russia depended on the Internet Research Agency (IRA) to run influence operations in 2016, they have been outsourcing operations to other actors, Imbordino and Hartman said, confirming that the IRA recently set up an offshoot of its troll farm in Ghana and Nigeria. “In terms of 2020 [in the IRA] we’ve seen a shift towards more use of proxies…intermediaries…laundering information through […]

The post Election interference efforts have shifted, NSA and Cyber Command election threats leads say appeared first on CyberScoop.

Continue reading Election interference efforts have shifted, NSA and Cyber Command election threats leads say→

Ohio becomes first state to release vulnerability policy for election-related websites

Posted on August 7, 2020 by Sean Lyngaas

Ohio’s secretary of state has established guidelines for security experts to find and help fix software flaws in the state’s election-related websites, the first such move by a state as the 2020 election approaches. The vulnerability disclosure policy (VDP) covers registration websites for Ohio residents and overseas and military voters, among other sites, and provides legal liability protections for researchers. The program will bolster the efforts of Ohio Secretary of State Frank LaRose’s security team at a time when threats to election infrastructure “have never been greater,” the policy states. Under the policy, researchers are required to wait four months after reporting a vulnerability to Ohio officials before going public with it. “We believe that public disclosure of vulnerabilities is an essential part of the vulnerability disclosure process, and that one of the best ways to make software better is to enable everyone to learn from each other’s mistakes,” the […]

The post Ohio becomes first state to release vulnerability policy for election-related websites appeared first on CyberScoop.

Continue reading Ohio becomes first state to release vulnerability policy for election-related websites→