Facebook takes down Russian-linked disinformation targeting Ukraine

In its latest effort to root out disinformation on its platform, Facebook announced it is taking down 97 pages, groups, and accounts emanating from Russia and targeting Ukraine that attempted to conceal who was behind them. Facebook’s head of cybersecurity policy Nathaniel Gleicher clarified that Facebook was taking them down because of their manipulative behavior and not due to the content they were posting. The groups, accounts, and pages posted primarily about political topics of local concern in Ukraine, such as the conflict in Eastern Ukraine, the conflict in Syria, Russian politics, and European politics, Gleicher said in a blog post. The actors used fake accounts to disseminate information and also worked to redirect users to an external site that posted on similar topics. In one case up to 34,000 users followed a page coordinating disinformation, and in another, up to 86,000 accounts joined one of the groups. Ben Nimmo, who […]

The post Facebook takes down Russian-linked disinformation targeting Ukraine appeared first on CyberScoop.

Continue reading Facebook takes down Russian-linked disinformation targeting Ukraine

NSA’s Russian cyberthreat task force is now permanent

The task force the National Security Agency and U.S. Cyber Command created last year to thwart Russian influence and cyberattacks on the U.S. is now permanent, spokespeople from both agencies confirmed to CyberScoop. The “Russia Small Group” — whose existence NSA Director Paul Nakasone announced in July of last year, absent guidance from the White House on how to handle Russian cyberthreats — settles in as the White House, Congress and the Pentagon have taken steps to clarify how and when the military should conduct offensive operations in cyberspace. The NSA would not comment on the number of people on the task force, where it is based, or when the operation became permanent. One intelligence official told CyberScoop the group’s new permanent designation, under routine operations, likely marks a surge of incoming resources, just as in any military surge. “We intend to build on this foundation as we prepare with our interagency partners for a broader challenge in the upcoming […]

The post NSA’s Russian cyberthreat task force is now permanent appeared first on CyberScoop.

Continue reading NSA’s Russian cyberthreat task force is now permanent

U.S. Cyber Command has shifted its definition of success

U.S. Cyber Command is shifting the way it measures success from solely military outcomes to how the command enables other government agencies to defend against foreign offensive cyber threats. Brig. Gen. Timothy Haugh, who is in charge of Cyber Command’s Cyber National Mission Force, said on Tuesday at an event hosted by the Atlantic Council that success is “not necessarily [about] the department’s outcome,” but is instead about “how can we enable our international partners [and] our domestic partners in industry to be able to defend those things that are critical to our nation’s success.” Haugh said Cyber Command is doing its job right if agencies are taking their own actions: State Department issuing démarches, Department of Homeland Security releasing alerts, and Treasury Department announcing sanctions “based off of information that is derived from our operations.” In the past, Haugh said he believes that these outcomes may not have been considered as wins. […]

The post U.S. Cyber Command has shifted its definition of success appeared first on CyberScoop.

Continue reading U.S. Cyber Command has shifted its definition of success

Accenture: Russian hackers using Brexit talks to disguise phishing lures

A notorious Russian hacking group tried to exploit the latest flurry of Brexit-related news to spread malware to unsuspecting victims, according to a report from Accenture released Thursday. APT28, which Accenture refers to as SNAKEMACKEREL, used a malware-laced Microsoft Word document that appeared to be about the United Kingdom’s planned separation from the European Union to try breaching a wide variety of targets’ systems, researchers said. APT28 is widely believed to be the product of Russian intelligence services. Also known as Fancy Bear, Pawn Storm and other names, its the same group researchers have blamed for the 2016 breach on the Democratic National Committee, for leaks relating to the 2018 Winter Olympics and for the targeting of various government, political, critical infrastructure and other organizations. “Based on observed targeting by this threat group over the past few years, we assess with moderate confidence that they are likely to have targeted government, politics, think tanks and defense organizations in […]

The post Accenture: Russian hackers using Brexit talks to disguise phishing lures appeared first on Cyberscoop.

Continue reading Accenture: Russian hackers using Brexit talks to disguise phishing lures

Microsoft reveals first known Russian hacking attempt aimed at 2018 midterms

The same Russian hacking group that breached the Democratic National Committee (DNC) also tried to penetrate the campaigns of several candidates running for the midterm elections, a Microsoft executive revealed for the first time Thursday. The disclosure marks the first known case of a foreign government explicitly targeting the 2018 election. Speaking on an election security panel at the Aspen Security Forum, Tom Burt, vice president for customer security and trust at Microsoft, said there had been three separate attempts to hack 2018 midterm campaigns earlier this year. Microsoft’s security team, which counts both Republican and Democratic campaigns among its clients, detected a series of spear phishing emails sent to midterm candidates. The emails paralleled similar activity from 2016 previously attributed to Russian hacking group “APT28,” also known as “Fancy Bear.” Burt declined to name the campaigns but said: “I can tell you that they were all people who, because […]

The post Microsoft reveals first known Russian hacking attempt aimed at 2018 midterms appeared first on Cyberscoop.

Continue reading Microsoft reveals first known Russian hacking attempt aimed at 2018 midterms

Trump’s refusal to call out Russian hacking provokes swift, sharp backlash

President Donald Trump drew sharp criticism Monday from former intelligence officials and lawmakers after refusing to acknowledge or condemn Russian interference in the 2016 presidential election while standing alongside Russian President Vladimir Putin. Following a closed-door tête-à-tête in Helsinki, Finland, the two leaders held a joint 45-minute press conference. During the wide-ranging session, among other things, the sitting U.S. president publicly declined to back the unanimous findings of his own U.S. intelligence community – that Russia interfered in the 2016 presidential election, through a series of cyberattacks and carefully orchestrated information campaigns. “They said they think it’s Russia; I have asked President Putin, he just said ‘It’s not Russia,” Trump said. “I have great confidence in my intelligence people, but I will tell you that President Putin was extremely strong and powerful in his denial today.” Within an hour, former intelligence chiefs were panning Trump and his statements at the press […]

The post Trump’s refusal to call out Russian hacking provokes swift, sharp backlash appeared first on Cyberscoop.

Continue reading Trump’s refusal to call out Russian hacking provokes swift, sharp backlash

DHS won’t reverse ban on Kaspersky products, court docs show

The Department of Homeland Security refuses to reverse the ban on Kaspersky products after the Russian anti-virus company sued the agency for its September 2017 directive, according to new court documents. Last month, Kaspersky Lab filed a preliminary injunction in U.S. federal court to overturn the Binding Operational Directive (BOD) that bans the company’s anti- virus software on federal computers. In a response to the court Tuesday, DHS is requesting the court to deny the request from Kaspersky Lab, stating that even if the BOD is overturned, the congressional ban on Kaspersky products still stands. Aside from the directive, the 2018 National Defense Authorization Act prohibits federal agencies from using Kaspersky products. That ban goes into effect on Oct. 1, 2018. “Any new investment in Kaspersky software would frustrate agency efforts to bring their information systems in compliance with the NDAA,” acting Federal Chief Information Security Officer (CISO) Grant Schneider said in a accompanying […]

The post DHS won’t reverse ban on Kaspersky products, court docs show appeared first on Cyberscoop.

Continue reading DHS won’t reverse ban on Kaspersky products, court docs show

U.S. voting machines are easily hackable, DEF CON report says

A number of voting machines used in U.S. elections are easily hackable, a report from DEF CON, one of the world’s largest hacker conventions, found. The report is based on the Voting Village experiment at July’s DEF CON conference in Las Vegas. Over the course of four days, hackers were invited to explore and tinker with voting machines to expose their vulnerabilities. Hackers with physical access to the systems were able to compromise some of the machines within minutes. Over the course of the experiment, each of the two dozen machines was breached in some way, the report notes. The findings were presented by a panel of hackers and cybersecurity experts on an Atlantic Council panel on Tuesday, which included DEF CON founder Jeff Moss. “These machines were pretty easy to hack,” Moss said. “This flies in the face of the narrative that’s been spun by the manufacturers, which is […]

The post U.S. voting machines are easily hackable, DEF CON report says appeared first on Cyberscoop.

Continue reading U.S. voting machines are easily hackable, DEF CON report says

Homeland security adviser explains what Trump meant by ‘impenetrable cyber security unit’

The “impenetrable cybersecurity unit” that President Donald Trump talked about forming with Russia won’t happen, but U.S. officials will open a dialogue with their Kremlin counterparts about “rules of the road” in cyberspace, White House homeland security adviser Tom Bossert said Friday. It’s the first time a senior Trump administration cybersecurity official has addressed the issue since the president’s notorious tweet earlier this month. Putin & I discussed forming an impenetrable Cyber Security unit so that election hacking, & many other negative things, will be guarded.. — Donald J. Trump (@realDonaldTrump) July 9, 2017 The tweet, saying Trump and Russian President Vladimir Putin had “discussed forming an impenetrable Cybersecurity unit so that election hacking, & many other negative things, will be guarded,” set off a firestorm of derision and criticism from experts. Trump eventually seemed to retreat from the idea, but Bossert’s comments Friday made clear there will be an effort to open a […]

The post Homeland security adviser explains what Trump meant by ‘impenetrable cyber security unit’ appeared first on Cyberscoop.

Continue reading Homeland security adviser explains what Trump meant by ‘impenetrable cyber security unit’

U.S. election software companies aren’t that worried about phishing emails

Although a recently leaked intelligence report suggested that Russian spies attempted to hack into at least one election software vendor, many of the industry’s top companies say they aren’t threatened by spear phishing emails. Prominent election software companies say that phishing emails do not present a pressing problem, even though a classified intelligence report recently published by The Intercept indicated that Russian military intelligence had previously targeted one such company. The report says Russia’s attempt to influence the U.S. voting process may have been more expansive, and revealed attempts to place malware on the computers of local government officials. Of 16 U.S. election software companies contacted by CyberScoop, four said that they had not received any phishing emails between August 2016 and June 2017, including Free & Fair, ClearBallot, Scytl and BPro Inc. Others, like Everyone Counts, reported receiving phishing emails but stressed the sufficiency of the security systems currently in place […]

The post U.S. election software companies aren’t that worried about phishing emails appeared first on Cyberscoop.

Continue reading U.S. election software companies aren’t that worried about phishing emails