US Presidential Election Hacks Revealed

Uploaded on 2017-06-20 in FREE TO VIEW, GOVERNMENT-National, INTELLIGENCE--USA, NEWS-Cybersecurity News

A leaked top-secret National Security Agency document indicates that Russian hacking efforts around the US presidential election were much broader and more pervasive than originally known, and certainly state-sponsored.

The intelligence document was published by online news outlet The Intercept, just hours before the Justice Department announced charges against a 25-year-old government contractor named Reality Winner for leaking the information.

The document, which was heavily redacted during the process of the Intercept verifying its authenticity with the DoJ, indicates that Russian Military Intelligence executed several spear-phishing attempts against at least 100 state and local voting officials in the week prior to Election Day. It also mounted a cyber-attack on at least one US voting software supplier.

Officials speaking on background to the Intercept noted that there is no evidence that actual election outcomes were affected by the meddling.

However, the document concludes that the situation "raises the possibility that Russian hacking may have breached at least some elements of the voting system, with disconcertingly uncertain results."

The report said that the Russian plan was to gain access to systems at an e-voting vendor, in order to gather information needed to convincingly pose as a representative from that company.

From there, the hackers would send spoof emails purporting to be from the vendor, in an attempt to trick voting officials into opening infected Microsoft Word documents. Those documents in turn would execute malware that would have given the hackers control over the local voting division’s network.

The Report reads:

“Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting US local government organisations.”

The news comes shortly after Russian President Vladimir Putin suggested that “patriotically minded” private Russian hackers may have been behind the election-season hacking. However, the CIA and other organizations have said that it’s clear that the Kremlin was directly involved, a claim the NSA document backs up.

“The insider threat landscape usually breaks down into three pieces: Malicious insiders, negligent insiders and compromised insiders,” said Morgan Gerhart, vice president at Imperva, via email. “To mitigate the risk, corporations should ask themselves where their sensitive data lies, and invest in solutions that directly monitor who accesses it and how.”

Winner, meanwhile, was arrested in her home recently. The NSA contractor admitted to printing out the document and mailing it to the Intercept. She was easy to track down, being just one of six individuals who had printed the document. She faces a single charge of "gathering, transmitting or losing defense information."

“According to reports, the leaker was identified because of strong audit trails of who accessed what,” said Gerhart. “They can invest in solutions that help them pinpoint critical anomalies that indicate misuse of enterprise data stored in databases, file servers and cloud apps and that also help them to quickly quarantine risky users in order to proactively prevent and contain data breaches. This approach works across careless, compromised and malicious insiders.”

InfoSecurity:

You Might Also Read:

Vladimir Putin & Donald Trump: Relationship Counselling:

Both US Presidential Campaigns Hacked:

 

« US Blames North Korea For Hacking
WannaCry Prompts Microsoft Updates … And A Warning »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

Digital Forensics Inc (DFI)

Digital Forensics Inc (DFI)

Digital Forensics Inc. is a nationally recognized High Technology Forensic Investigations and Information System Security firm

Cybersecurity Association of Maryland (CAMI)

Cybersecurity Association of Maryland (CAMI)

CAMI’s mission is to create a global cybersecurity marketplace in Maryland and generate thousands of high-pay jobs through the cybersecurity industry.

Industrial Networking Solutions (INS)

Industrial Networking Solutions (INS)

INS Services specializes in designing, deploying and providing on-going support for critical OT (Operational Technology) and IIoT (Industrial Internet of Things) networks.

Medigate

Medigate

Medigate is a dedicated medical device security platform protecting all of the connected medical devices on health care provider networks.

VerSprite

VerSprite

VerSprite is a specialist information security consulting firm. We provide organizations with detection across all their attack surfaces and deliver critical insight into all possible attack methods.

Yelbridges

Yelbridges

Yelbridges is your reliable partner in all fields of IT-Security, from developing of Security Policies and Guidelines to the design and implementation of secure processes.

Startup Wise Guys

Startup Wise Guys

Startup Wise Guys is a mentorship-driven accelerator program for early stage B2B SaaS, Fintech, Cybersecurity & Defense AI startups.

ZecOps

ZecOps

ZecOps is a cybersecurity automation company offering solutions for servers, endpoints, mobile devices, and custom devices.

Cyberport

Cyberport

Cyberport is focused on facilitating the growth of major technology trends such as FinTech and cybersecurity as well as the emerging technologies of AI, big data and blockchain.

CyberHunter Solutions

CyberHunter Solutions

CyberHunter is a leading website security company that provides penetration testing, Network Vulnerability Assessments, cyber security consulting services to prevent cyber attacks.

Paradyn

Paradyn

Paradyn-managed security services can provide a holistic view of your business environment, no matter how simple or complex it is.

Deft

Deft

Deft (formerly ServerCentral Turing Group) is a trusted provider of colocation, cloud, and disaster recovery services.

Digistor

Digistor

Digistor is a leading manufacturer of industrial-grade flash storage products, secure storage products, and Removable Secure Data Storage.

Advania UK

Advania UK

Advania are one of Microsoft’s leading partners in the UK, specialising in Azure, Security, Dynamics 365 and Microsoft 365.

RedArx Cyber Group

RedArx Cyber Group

At RedArx Cyber Group, our vision is to empower businesses with cutting-edge, proactive security solutions that safeguard their digital landscapes.