US Presidential Election Hacks Revealed

Uploaded on 2017-06-20 in FREE TO VIEW, GOVERNMENT-National, INTELLIGENCE--USA, NEWS-Cybersecurity News

A leaked top-secret National Security Agency document indicates that Russian hacking efforts around the US presidential election were much broader and more pervasive than originally known, and certainly state-sponsored.

The intelligence document was published by online news outlet The Intercept, just hours before the Justice Department announced charges against a 25-year-old government contractor named Reality Winner for leaking the information.

The document, which was heavily redacted during the process of the Intercept verifying its authenticity with the DoJ, indicates that Russian Military Intelligence executed several spear-phishing attempts against at least 100 state and local voting officials in the week prior to Election Day. It also mounted a cyber-attack on at least one US voting software supplier.

Officials speaking on background to the Intercept noted that there is no evidence that actual election outcomes were affected by the meddling.

However, the document concludes that the situation "raises the possibility that Russian hacking may have breached at least some elements of the voting system, with disconcertingly uncertain results."

The report said that the Russian plan was to gain access to systems at an e-voting vendor, in order to gather information needed to convincingly pose as a representative from that company.

From there, the hackers would send spoof emails purporting to be from the vendor, in an attempt to trick voting officials into opening infected Microsoft Word documents. Those documents in turn would execute malware that would have given the hackers control over the local voting division’s network.

The Report reads:

“Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting US local government organisations.”

The news comes shortly after Russian President Vladimir Putin suggested that “patriotically minded” private Russian hackers may have been behind the election-season hacking. However, the CIA and other organizations have said that it’s clear that the Kremlin was directly involved, a claim the NSA document backs up.

“The insider threat landscape usually breaks down into three pieces: Malicious insiders, negligent insiders and compromised insiders,” said Morgan Gerhart, vice president at Imperva, via email. “To mitigate the risk, corporations should ask themselves where their sensitive data lies, and invest in solutions that directly monitor who accesses it and how.”

Winner, meanwhile, was arrested in her home recently. The NSA contractor admitted to printing out the document and mailing it to the Intercept. She was easy to track down, being just one of six individuals who had printed the document. She faces a single charge of "gathering, transmitting or losing defense information."

“According to reports, the leaker was identified because of strong audit trails of who accessed what,” said Gerhart. “They can invest in solutions that help them pinpoint critical anomalies that indicate misuse of enterprise data stored in databases, file servers and cloud apps and that also help them to quickly quarantine risky users in order to proactively prevent and contain data breaches. This approach works across careless, compromised and malicious insiders.”

InfoSecurity:

You Might Also Read:

Vladimir Putin & Donald Trump: Relationship Counselling:

Both US Presidential Campaigns Hacked:

 

« US Blames North Korea For Hacking
WannaCry Prompts Microsoft Updates … And A Warning »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

EuroISPA

EuroISPA

EuroISPA is a pan European association of European Internet Services Providers Associations and the world’s largest association of ISPs.

Digitronic Computersysteme

Digitronic Computersysteme

Digitronic focus on innovative software to protect your personal and sensitive corporate data.

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

Jiran Security

Jiran Security

Jiran Security provides data and application security solution over email, mobile device and endpoints.

CyberArts

CyberArts

CyberArts is founded on the belief that every single organization deserves and requires the creme de la creme when there is a need for Cyber services.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

Osirium

Osirium

The Osirium PxM Privileged Access Management platform addresses both security and compliance requirements by defining who gets access to what and when.

Com Laude

Com Laude

Com Laude is a domain name management company that provides strategic consulting to help companies strengthen digital brand, safeguard customers & protect brand IP.

DigiSec360

DigiSec360

DigiSec360 is a technology firm focused on the human element of cybersecurity.

Portshift

Portshift

Portshift leverages the power of Kubernetes and Service-Mesh to deliver a single source of truth for containers and cloud-native applications security.

Prism Infosec

Prism Infosec

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member, CAA ASSURE audit provider and PCI Qualified Security Assessor.

Lavabit

Lavabit

Lavabit's Dark Internet Mail Environment is a secure, open-source, secure end-to-end communications platform for asynchronous messaging across the internet.

Nuts Technologies

Nuts Technologies

Nuts Technologies are simplifying data privacy and encryption with our innovative and novel data containers we call nuts based on our Zero Trust Data framework.

MetaWeb Ventures

MetaWeb Ventures

MetaWeb Ventures is a global venture capital firm focused on pre-seed and seed investments in crypto start-ups.

Auxilion

Auxilion

Auxilion is an award-winning provider of consulting and IT support services, technologies and consulting for public and private organisations in the UK and Ireland.

Dapple Security

Dapple Security

Dapple Security is creating cutting edge technology utilizing responsible biometrics that protects people and privacy through a first-of-its-kind passwordless platform.