House GOP campaign arm targeted by ‘unknown entity’ in 2018
Thousands of emails were stolen from aides to the National Republican Congressional Committee during the 2018 midterm campaign, a major breach exposing vulnerabilities that have kept cybersecurity experts on edge since the 2016 presidential race. The email accounts were compromised during a series of intrusions that had been spread over several months and discovered in April, a person familiar with the matter told The Associated Press. At least four different party aides had their emails surveilled by hackers, said the person, who was not authorized to discuss the details publicly and spoke on condition of anonymity. The committee said an “unknown entity” was behind the hack but provided few other details. A cybersecurity firm and the FBI have been investigating the matter, the committee said. The FBI declined to comment. Politically motivated cyberespionage is commonplace across the world, but Americans have become particularly alert to the possibility of digital interference since Russia’s meddling in the 2016 election. The theft of Democrats’ emails is still fresh in the minds of many political operatives and lawmakers, who have stepped up defensive measures but still struggle to protect themselves. Foreign spies routinely try to hack into politicians’ emails to gain insight, ferret out weaknesses and win a diplomatic edge. But hackers often launch sweeping spear-phishing campaigns to gain access to a variety of accounts — with no political motivation. With no immediate suspects and few technical details, it’s unclear what the significance of this latest incursion is. In August, the Democratic National Committee thought it had thwarted an attempt to break into its massive voter database — but the effort turned out to be an unauthorized test that mimicked what an attack would look like. 
CrowdStrike, a California-based cybersecurity company, said Tuesday the NRCC asked the company in April to “perform an investigation related to unauthorized access” to the committee’s emails. Before that, the company had been helping the committee protect its internal corporate network, which wasn’t compromised. “The cybersecurity of the committee’s data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter,” the committee said in a statement. The hack was first reported by Politico. Earlier this year, NRCC Chairman Steve Stivers said the committee — which raises money to support Republican candidates for the House — hired multiple cybersecurity staffers to work with its candidates and promised to do more. “We’re starting to advise campaigns, but we’re not ready to roll the whole thing out. We’re working on it,” Stivers said in March. “We’re working on the technology-based stuff to try and make sure that we know what’s out there — which is hard, too — and then we try to defend against it the best we can.” During the 2016 presidential campaign, Russian state-aligned hackers organized the leak of more than 150,000 emails stolen from more than a dozen Democrats. The FBI later said that the Russians had targeted more than 300 people affiliated with the Hillary Clinton campaign and other Democratic institutions over the course of the presidential contest. Special counsel Robert Mueller is now investigating whether people close to Donald Trump’s presidential campaign had advance knowledge of WikiLeaks’ plans. U.S. officials have expressed concern about foreign interference in U.S. elections. This weekend, Defense Secretary Jim Mattis accused Russia of trying to “muck around” in the November midterm elections. Mattis did not offer specifics and would not elaborate. 
In October, the Justice Department unsealed criminal charges detailing a yearslong effort by a Russian troll farm to “sow division and discord in the U.S. political system” by creating thousands of false social media profiles and email accounts that appeared to be from people inside the United States. The complaint provided a clear picture that there is still a hidden but powerful Russian social media effort aimed at spreading distrust for American political candidates and causing divisions on social issues such as immigration and gun control. The campaign season saw several examples of digital mischief, although none with the impact of the 2016 hacks. In August, Microsoft alerted the public to attempts by government-backed Russian hackers to target U.S. conservatives’ email by creating fake websites that appeared to belong to a pair of think tanks, the Hudson Institute and International Republican Institute. It also confirmed an attempt similarly attributed to Russian hackers to infiltrate the Senate computer network of Sen. Claire McCaskill, the Missouri Democrat who lost a re-election bid in November. Google later confirmed in September that the personal Gmail accounts of multiple senators and staffers had recently been targeted by foreign hackers, though it did not specify the cyberspies’ nationality nor the party affiliations of the targets. Republished with permission from the Associated Press.
Parker Snider: How to prepare for Russia’s October surprise
Russia is in the business of mind control. They’re not doing it through sinister headgear, satellite interference, or dream invasion like in Inception, though. Instead, Russia seeks to control the minds of Americans through something we all have and spend arguably too much time on: social media. This isn’t news to many of us. For years we’ve heard how Russia infiltrated Facebook and Twitter in an effort to divide our nation during the 2016 election. It seems, however, that Russia’s interference in our last presidential election wasn’t a “one-and-done” deal. Russia, reports suggest, is coming back for more. In a recent press conference at the White House, intelligence officers remarked that Russia is engaged in a “24/7, 365-days-a-year” campaign to influence the 2018 elections through various means, but especially through social media. Recent headlines confirm this reality. Just this summer, Facebook announced that it has shut down over thirty fake accounts that had over 300,000 followers each. Unfortunately, however, this may only be the tip of the iceberg. According to experts, there is 25 to 30 times more fake information from automated political accounts than real interaction between people on their platform. With the 2018 midterms only weeks away, current intelligence suggests that there will likely be an “October surprise” by the Russians in which they increase their misinformation campaigns to have the largest impact. In a recent interview with NPR, Matt Bruen, a former staffer with the National Security Council within the White House, stated, “It is not a question, in my mind, of whether it’s going to happen. It is a question only of when and how large.” Why, though, is Russia so intent on participating in our electoral process? 
In the editor’s letter to a recent edition of The Week magazine, Mark Gimein–who was born in Russia and whose family found refuge in the states–argues that Russia is driven by “the[ir] overarching ambition of undermining the moral standing of the U.S.” “What the Kremlin’s hackers most want to break into,” he continues, “isn’t voting machine software; it’s the democratic principles of tolerance and the peaceful transition of power.” Russia’s goal is not the election of a specific person or party to power. Instead, Russia wants to sow discord and anger in our ranks through misinformation. They hope to control how we think of our political opponents, with the goal that we will ultimately become our own worst enemy. Russia is in the business of mind control, but there’s good news: we can prepare. The best way to do that is not to eliminate social media from our lives, but to adopt a healthy level of skepticism towards political posts we see on those platforms. Before sharing anything, we each ought to do some basic research and see if any other news organizations are corroborating it. If not, it’s best to wait to see if the story is picked up by reputable news sources. Those inflammatory news stories that are not mentioned anywhere else are likely fake. The Russians are betting that we continue to believe everything we see on social media that lines up with our political views. They’re also hoping that we share it to our friends, and that they share it to their friends. A little fact-checking–even a simple Google search–could severely hamper their efforts. We can win this battle, and I am confident that we will. It may be a little less convenient, but it will ensure our democracy survives in the long run. ••• Parker Snider is Policy Relations Manager for the Alabama Policy Institute (API). 
API is an independent, nonpartisan, nonprofit research and educational organization dedicated to strengthening free enterprise, defending limited government, and championing strong families. If you would like to speak with the author, please e-mail communications@alabamapolicy.org or call (205) 870-9900.
WikiLeaks reveals CIA files describing hacking tools
WikiLeaks published thousands of documents Tuesday described as secret files about CIA hacking tools the government employs to break into users’ computers, mobile phones and even smart TVs from companies like Apple, Google, Microsoft and Samsung. The documents describe clandestine methods for bypassing or defeating encryption, antivirus tools and other protective security features intended to keep the private information of citizens and corporations safe from prying eyes. U.S. government employees, including President Donald Trump, use many of the same products and internet services purportedly compromised by the tools. The documents describe CIA efforts — cooperating with friendly foreign governments and the U.S. National Security Agency — to subvert the world’s most popular technology platforms, including Apple’s iPhones and iPads, Google’s Android phones and the Microsoft Windows operating system for desktop computers and laptops. The documents also include discussions about compromising some internet-connected televisions to turn them into listening posts. One document discusses hacking vehicle systems, indicating the CIA’s interest in hacking modern cars with sophisticated on-board computers. WikiLeaks has a long track record of releasing top secret government documents, and experts who sifted through the material said it appeared legitimate. The chairman of the House intelligence committee, Rep. Devin Nunes, R-Calif., said he was very concerned about the release and had asked the intelligence community for more information about it. Former CIA Director Mike Hayden told MSNBC he had undertaken only a cursory review of the documents, but that if they were what they were purported to be, it would amount to a “very extensive file of the tactics, techniques, procedures, targets and other political rules” under which the CIA hacks targets. “If it is that, it would be very, very damaging,” he said. 
Jonathan Liu, a spokesman for the CIA, said: “We do not comment on the authenticity or content of purported intelligence documents.” White House spokesman Sean Spicer also declined comment. Missing from WikiLeaks’ trove are the actual hacking tools themselves, some of which were developed by government hackers while others were purchased from outsiders. WikiLeaks said it planned to avoid distributing tools “until a consensus emerges” on the political nature of the CIA’s program and how such software could be analyzed, disarmed and published. Tuesday’s disclosure left anxious consumers who use the products with little recourse, since repairing the software vulnerabilities in ways that might block the tools’ effectiveness is the responsibility of leading technology companies. The revelations threatened to upend confidence in an Obama-era government program, the Vulnerability Equities Process, under which federal agencies warn technology companies about weaknesses in their software so they can be quickly fixed. It was not immediately clear how WikiLeaks obtained the information, and details in the documents could not immediately be verified. WikiLeaks said the material came from “an isolated, high-security network” inside the CIA’s Center for Cyber Intelligence but didn’t say whether the files were removed by a rogue employee or whether the theft involved hacking a federal contractor working for the CIA or perhaps breaking into a staging server where such information might have been temporarily stored. “The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive,” WikiLeaks said in a statement. Some technology firms on Tuesday said they were evaluating the information. Microsoft Corp. 
said it was looking into the report, while the maker of secure messaging app Signal said the purported CIA tools affected users’ actual phones and not its software design or encryption protocols. The manufacturer of the popular Telegram mobile messaging app said in a statement that manufacturers of cellphones and their operating systems, including Apple, Google and Samsung, were responsible for improving the security of their devices. It said the effort will require “many hours of work and many security updates” and assured its customers that “If the CIA is not on your back, you shouldn’t start worrying yet.” The tools described in the documents carried bizarre names, including Time Stomper, Fight Club, Jukebox, Bartender, Wild Turkey, Margarita and “RickyBobby,” a racecar-driving character in the comedy film, “Talladega Nights.” That RickyBobby tool, the documents said, was intended to plant and harvest files on computers running “newer versions of Microsoft Windows and Windows Server.” It operated “as a lightweight implant for target computers” without raising warnings from antivirus or intrusion-detection software. It took advantage of files Microsoft built into Windows since at least 10 years ago. The files include comments by CIA hackers boasting in slang language of their prowess: “You know we got the dankest Trojans and collection tools,” one reads. The documents show broad exchanges of tools and information among the CIA, NSA and other U.S. intelligence agencies, as well as intelligence services of close allies Australia, Canada, New Zealand and the United Kingdom. WikiLeaks claimed the CIA used both its Langley, Virginia, headquarters and the U.S. consulate in Frankfurt, Germany, as bases for its covert hackers. The AP found that one purported CIA hack that imitates the Domain Name System — the internet’s phone book — traced to an internet domain hosted in Germany. In an unusual move, WikiLeaks said it was withholding some secrets inside the documents. 
Among them, it said it had withheld details of tens of thousands of “CIA targets and attack machines throughout Latin America, Europe and the United States.” WikiLeaks also said its data included a “substantial library” of digital espionage techniques borrowed from other countries, including Russia. If the authenticity of the documents is officially confirmed, it would represent yet another catastrophic breach for the U.S. intelligence community at the hands of WikiLeaks and its allies, which have repeatedly humbled Washington with the mass release of classified material, including from the State Department and the Pentagon. Tuesday’s documents purported to be from the CIA’s “Embedded Development Branch” discuss techniques for injecting malicious code into computers protected by the personal security products of leading international anti-virus companies. They describe ways to trick anti-virus products from companies
Putin says Russia won’t expel U.S. diplomats in hacking flap
President Vladimir Putin castigated the United States on Friday for imposing sanctions and expelling Russian diplomats amid allegations of Russian meddling in the American presidential election, but said no U.S. diplomats will be ousted in reprisal for President Barack Obama’s moves in the wake of hacking attacks. In a burgeoning controversy surrounding complaints from the Obama administration about a cyberattack against America’s political system, the White House on Thursday unleashed a string of sanctions and coupled them with an order that 35 Russians be expelled. Putin, however, said on Friday that Moscow would not eject American diplomats in response to what he described as “provocation aimed at further undermining Russian-American relations” less than a month before Donald Trump is to take over the White House. The decision came as a surprise; tit-for-tat expulsions are common diplomatic practice and Foreign Minister Sergey Lavrov had suggested hours before Putin’s announcement that Russia would oust 31 American diplomats. “The Russian diplomats returning home will spend the New Year holidays with their relatives and dear ones,” Putin said in a statement published on the Kremlin website. “We will not create problems for U.S. diplomats. We will not expel anybody.” He added: “Moreover, I am inviting all children of U.S. diplomats accredited in Russia to the New Year and Christmas parties at the Kremlin.” Putin appeared to aim at playing a long game and at making a barbed reminder that Obama is a lame duck. “Putin’s asymmetric response to Obama’s new sanctions is an investment in the incoming Trump presidency,” Dmitry Trenin, director of the Carnegie Moscow Center, said on Twitter. “A different kind of tit-for-tat: even as Obama seeks to constrain Trump in his Russia policy, Putin counters that step with a show of magnanimity.” The diplomatic confrontation between Washington and Moscow, which had been festering even before Trump won the Nov. 
8 presidential election, puts pressure on the billionaire businessman not to let Russia off the hook after he takes office on Jan. 20. Russia’s government had threatened retaliation, and it continues to deny U.S. accusations that it hacked and stole emails to try to help Trump win. Trump said the U.S. should move on, but in a sign he was no longer totally brushing off the allegations, he plans to meet with U.S. intelligence leaders next week to learn more. In his statement published on Friday, Putin said Russia will not bar the diplomats’ “families and their children from using their favorite places of recreation during the holidays.” New Year’s Eve has been the main holiday in Russia since Soviet times. Russians celebrate Christmas on Jan. 7. Obama on Thursday ordered sanctions against the GRU and FSB, the Russian intelligence agencies the U.S. said were involved in the hacking attacks. In an elaborately coordinated response by at least five federal agencies, the Obama administration also sought to expose Russia’s cyber tactics with a detailed technical report and hinted it might still launch a covert counterattack. “All Americans should be alarmed by Russia’s actions,” said Obama, who was vacationing in Hawaii. Yet the sanctions could easily be pulled back by Trump, who has insisted that Obama and Democrats are merely attempting to delegitimize his election. Russian Prime Minister Dmitry Medvedev charged earlier on Friday that Washington has become immersed in “anti-Russian death throes.” Medvedev, who focused on improving U.S.-Russia ties when he was president from 2008-2012, called the latest diplomatic breach “sad” in a Twitter post. U.S. relations with Russia have suffered during Obama’s presidency as he and Putin tussled over Ukraine, Edward Snowden and Russia’s support for Syrian President Bashar Assad. 
Maria Zakharova, a Russian foreign ministry spokeswoman, took to Facebook to call the Obama administration “a group of foreign policy losers, angry and ignorant.” As part of the punishment leveled against Moscow, the U.S. kicked out 35 Russian diplomats, in response to Russia’s harassment of U.S. diplomats. Russian recreational compounds in New York and Maryland that U.S. officials said were being used for intelligence were also shut down. It was the strongest retaliation the Obama administration has taken for a cyberattack, and more comprehensive than last year’s sanctions on North Korea after it hacked Sony Pictures Entertainment. The new penalties add to existing U.S. sanctions over Russia’s annexation of Crimea and support for separatists in eastern Ukraine. Senior Obama administration officials said that even with the penalties, the U.S. had reason to believe Russia would keep hacking other nations’ elections and might well try to hack American elections again in 2018 or 2020. The officials briefed reporters on a conference call on condition of anonymity. Though the FBI and Department of Homeland Security issued a joint report on “Russian malicious cyber activity,” the government still has not released a broader report Obama has promised detailing Russia’s efforts to interfere with U.S. elections. The report has been eagerly anticipated by those hoping to make it politically untenable for Trump to continue questioning whether Russia was really involved. Obama’s move puts Trump in the position of having to decide whether to roll back the measures once in office. U.S. officials suggested that building the case against Russia now would make it harder for Trump to justify easing up. Putin mentioned on Friday that Russia will be taking steps in the bilateral relations depending on what Trump does once he’s sworn in. Republished with permission of the Associated Press.
Steven Kurlander: Redefining a political hack: The dangerous obsolescence of the electoral process
Stealing elections, even presidential ones, is an American political tradition dating back to the beginning of our nation. Think about those hanging chads in Florida, or Mayor Daley stuffing the ballot box in Chicago for JFK. But stuffing the ballot box is about to be taken to a new level in the race for the White House — not by Donald Trump or Hillary Clinton, but by the Russian government. Our electoral process has failed to keep up and adapt to tremendous technological changes in the last half-century that impact the exchange, storage, and security of voter information and the election process itself. Our political system is not only broken by being obsolete and inefficient, but extremely vulnerable to hacking and disruption to the point where the integrity of the elections can be greatly impacted. “Cybersecurity experts have long warned that computerized voting systems are vulnerable to hacking, and what once seemed like wild prognostication is increasingly coming true,” writes Elias Groll of Foreign Policy. As the presidential election continues, the Russians are penetrating these vulnerabilities to influence who wins the Oval Office by hacking their way into the American political system, some say to swing the election for Donald Trump. The Washington Post termed the hacking campaign by Russia as “a broad covert Russian operation in the United States to sow public distrust in the upcoming presidential election and in U.S. political institutions.” The most obvious example so far this election cycle was the hacking of the Democratic National Committee and the release of emails by WikiLeaks showing a bias by DNC officials for Hillary Clinton, which impacted the Democratic convention and the Democratic Party itself. In addition, the FBI issued an alert in mid-August after the Arizona and Illinois voter databases were hacked by what are again believed to be Russian operatives. 
Disinformation, whether planted by a foreign government or a political adversary, is nothing new to politics, particularly when it can be identified as such by our security apparatus. All those WikiLeaks about the DNC did was embarrass Democratic officials for a day and get Congresswoman Debbie Wasserman Schultz fired as chairwoman, which was going to happen anyway. But if the Russians can hack into a Democratic or Republican Party database — or, even worse, the registration lists of various states — how can you believe that Putin could not compromise the tabulation of votes on Election Day to swing the election to Trump? In this presidential race, most Americans have already decided who they are not voting for. So they won’t be fooled by the Russians, or anyone else, looking to sway their votes one way or the other or discourage their participation in the electoral process. They are already very displeased with their politicians, and with the choice of Donald Trump or Hillary Clinton too. Now we must question whether their votes will really count, or be counted accurately. There’s really no assurance these vulnerabilities are being adequately addressed and that Americans can be confident the final tabulations of the 2016 election will be accurate and correct. Hacking is not simply a matter of simple voter fraud in the traditional sense that should be considered just another aspect of an American election. It’s about a Russian political hack, not American voters, deciding who is our next American president. ___ Steven Kurlander blogs at Kurly’s Kommentary. He is a communications strategist and an attorney in Monticello, New York, writes for Florida Politics and is a former columnist for the South Florida Sun-Sentinel. He can be emailed at kurly@stevenkurlander.com.