Emmanuel Macron's campaign hacked on eve of French election
The French presidential candidate Emmanuel Macron has been targeted by a
“massive and coordinated” hacking attack just hours before voters go to the
polls, according to his campaign team.
Macron, who opinion polls suggest should win Sunday’s vote
by 60% to his rival Marine Le Pen’s 40%, was unable to respond to the alleged
attack because of a ban on electioneering in the run up to the opening of
polling stations.
Tens of thousands of internal emails and other documents,
some said to be false, were released online overnight on Friday as the midnight
deadline to halt campaigning passed.
… On Saturday
morning, France’s presidential electoral authority, the CNCCEP, asked
the media to avoid publishing information from the leaked documents and
reminded them of their responsibilities given the seriousness of the election.
“The publishing of false information falls under the law,
particularly criminal law,” it wrote.
Neither candidate could comment on the hacking because of
the ban on communications and polls before the polling stations open at 8am on
Sunday.
… Around nine
gigabytes of data was posted by a user called EMLEAKS to the document-sharing
site Pastebin that allows anonymous posting. It was not immediately clear who was
responsible.
… The En Marche!
statement said the data consisted of “diverse documents, such as emails,
accounting documents and contracts” hacked several weeks ago from the personal
and professional accounts of some of the movement’s staffers.
(Related).
Illinois Public Radio reports:
The State Board of Elections says
hackers gained access to the information of 80-thousand Illinois voters —
including their social security numbers and driver’s licenses.
Elections officials say hackers
had access to Illinois’ system for nearly three weeks before they were
detected. They did get access to personal information, but officials say that’s
about it. [So, no big deal? Bob]
Senator Michael Hastings from
Tinley Park says the source of the breach matches an address the FBI has linked
to Russian state security. He says
future elections could be in danger.
Read more on WSIU.
[From the
article:
“I don’t know why they selected Illinois. Perhaps they tried other states and weren’t
able to get in, they just happened to find the hole in our dike, so to speak.” [Perhaps
they looked at every state and your site was the easiest to breach? Bob]
(Related).
Germany challenges Russia over alleged cyberattacks,
The head of Germany's domestic intelligence agency accused
Russian rivals of gathering large amounts of political data in cyber attacks
and said it was up to the Kremlin to decide whether it wanted to put it to use
ahead of Germany's September elections.
Moscow denies it has in any
way been involved in cyber attacks on the German political establishment.
Jobs for my Computer Security students?
Growth in Cyber Fraud Attacks Outpacing Growth of
Transactions: Report
The United States is the
world's primary target for cyber fraud attacks. Europe has emerged as the major source of
attacks, now accounting for 50% more attacks than the US. The growth in attacks is outpacing the growth
of transactions; and in a 90-day period, 130 million fraud attacks were
detected.
These details come from the ThreatMetrix Cybercrime Report
Q1 2017 (PDF).
One possible Computer Security future.
Security automation is maturing, but many firms not ready for
adoption
The security automation industry is still in its infancy,
with most vendors just a year or two old, but there are already some promising
technologies that enterprises can put to use -- if they have already laid the required ground work.
… According to a
survey the research firm conducted last fall, 91 percent of companies said that
the time and effort required for manual processes limits their incident response effectiveness, and the same number are actively
trying to increase their staffs.
… "Two years ago,
nobody knew about this technology," said Oltsik. "Last year, I saw it a lot more. Now we're seeing budget line items for it, and
we also see a lot of venture capitalist investment in this space as well."
… "It's
definitely not a buy it and plug it in scenario," he said. "There's definitely ground work that
needs to be done. If you plug bad data into an automated system, all you're going to do is
make bad decisions faster."
In addition, many
companies don't actually know what their processes are, and may not
yet have well-defined playbooks, he said.
Interesting.
Perhaps people do care about ethics?
Office of Government Ethics now handling voluminous info
requests from public
by Sabrina
I. Pacifici on May 5, 2017
Quartz – “Trump’s administration has been widely criticized
for its lack of transparency, and demands for information from the public,
press, and Congress have gone through the roof. The OGE has already received five times the
amount of Freedom of Information (FOIA) requests that they usually get in a
full fiscal year—with five months left to go…
Trump has claimed that his refusal to comply with ethics norms like
releasing his tax returns are issues that only journalists “care about.” However, an NPR analysis of inquiries to the
OGE found that phone calls from the public, not FOIAs from media agencies,
increased the most—calls were up more than 5,000% this fiscal year compared to
the average since 2009. On top of that,
there have been almost six times the usual number of requests for information
from members of Congress, NPR reported.”
Now I believe AI is ubiquitous.
How to get Google’s artificial intelligence on the Raspberry
Pi
… Google has
teamed up with the Raspberry Pi foundation to create a new hardware add-on for
Raspberry Pi called the ‘Voice Kit’.
Voice Kit is a fully open source reference project that
includes Voice Hardware Accessory on Top (HAT) which contains electronics
components for audio capture and playback, connectors for the dual mic daughter
board and speaker, GPIO pins to connect low-voltage components like
micro-servos and sensors, and an optional barrel connector for dedicated power
supply.
… Those who are
more ambitious can also run Android Things on the Voice Kit, turning it into a
fully functional prototype to build their own commercial IoT products.
… If you want the
kit, Google is giving it away with the latest issues of MagPi magazine. If you don’t want to subscribe to the
magazine, you can sign-up for the waiting list to just get the hardware unit
from Google.
Perhaps my Computer Security students could offer a few
suggestions? It looks like we should
expect something similar in all future elections.
Emmanuel Macron's campaign hacked on eve of French election
The French presidential candidate Emmanuel Macron has been targeted by a
“massive and coordinated” hacking attack just hours before voters go to the
polls, according to his campaign team.
Macron, who opinion polls suggest should win Sunday’s vote
by 60% to his rival Marine Le Pen’s 40%, was unable to respond to the alleged
attack because of a ban on electioneering in the run up to the opening of
polling stations.
Tens of thousands of internal emails and other documents,
some said to be false, were released online overnight on Friday as the midnight
deadline to halt campaigning passed.
… On Saturday
morning, France’s presidential electoral authority, the CNCCEP, asked
the media to avoid publishing information from the leaked documents and
reminded them of their responsibilities given the seriousness of the election.
“The publishing of false information falls under the law,
particularly criminal law,” it wrote.
Neither candidate could comment on the hacking because of
the ban on communications and polls before the polling stations open at 8am on
Sunday.
… Around nine
gigabytes of data was posted by a user called EMLEAKS to the document-sharing
site Pastebin that allows anonymous posting. It was not immediately clear who was
responsible.
… The En Marche!
statement said the data consisted of “diverse documents, such as emails,
accounting documents and contracts” hacked several weeks ago from the personal
and professional accounts of some of the movement’s staffers.
(Related).
Illinois Public Radio reports:
The State Board of Elections says
hackers gained access to the information of 80-thousand Illinois voters —
including their social security numbers and driver’s licenses.
Elections officials say hackers
had access to Illinois’ system for nearly three weeks before they were
detected. They did get access to personal information, but officials say that’s
about it. [So, no big deal? Bob]
Senator Michael Hastings from
Tinley Park says the source of the breach matches an address the FBI has linked
to Russian state security. He says
future elections could be in danger.
Read more on WSIU.
[From the
article:
“I don’t know why they selected Illinois. Perhaps they tried other states and weren’t
able to get in, they just happened to find the hole in our dike, so to speak.” [Perhaps
they looked at every state and your site was the easiest to breach? Bob]
(Related).
Germany challenges Russia over alleged cyberattacks,
The head of Germany's domestic intelligence agency accused
Russian rivals of gathering large amounts of political data in cyber attacks
and said it was up to the Kremlin to decide whether it wanted to put it to use
ahead of Germany's September elections.
Moscow denies it has in any
way been involved in cyber attacks on the German political establishment.
Jobs for my Computer Security students?
Growth in Cyber Fraud Attacks Outpacing Growth of
Transactions: Report
The United States is the
world's primary target for cyber fraud attacks. Europe has emerged as the major source of
attacks, now accounting for 50% more attacks than the US. The growth in attacks is outpacing the growth
of transactions; and in a 90-day period, 130 million fraud attacks were
detected.
These details come from the ThreatMetrix Cybercrime Report
Q1 2017 (PDF).
One possible Computer Security future.
Security automation is maturing, but many firms not ready for
adoption
The security automation industry is still in its infancy,
with most vendors just a year or two old, but there are already some promising
technologies that enterprises can put to use -- if they have already laid the required ground work.
… According to a
survey the research firm conducted last fall, 91 percent of companies said that
the time and effort required for manual processes limits their incident response effectiveness, and the same number are actively
trying to increase their staffs.
… "Two years ago,
nobody knew about this technology," said Oltsik. "Last year, I saw it a lot more. Now we're seeing budget line items for it, and
we also see a lot of venture capitalist investment in this space as well."
… "It's
definitely not a buy it and plug it in scenario," he said. "There's definitely ground work that
needs to be done. If you plug bad data into an automated system, all you're going to do is
make bad decisions faster."
In addition, many
companies don't actually know what their processes are, and may not
yet have well-defined playbooks, he said.
Interesting.
Perhaps people do care about ethics?
Office of Government Ethics now handling voluminous info
requests from public
by Sabrina
I. Pacifici on May 5, 2017
Quartz – “Trump’s administration has been widely criticized
for its lack of transparency, and demands for information from the public,
press, and Congress have gone through the roof. The OGE has already received five times the
amount of Freedom of Information (FOIA) requests that they usually get in a
full fiscal year—with five months left to go…
Trump has claimed that his refusal to comply with ethics norms like
releasing his tax returns are issues that only journalists “care about.” However, an NPR analysis of inquiries to the
OGE found that phone calls from the public, not FOIAs from media agencies,
increased the most—calls were up more than 5,000% this fiscal year compared to
the average since 2009. On top of that,
there have been almost six times the usual number of requests for information
from members of Congress, NPR reported.”
Now I believe AI is ubiquitous.
How to get Google’s artificial intelligence on the Raspberry
Pi
… Google has
teamed up with the Raspberry Pi foundation to create a new hardware add-on for
Raspberry Pi called the ‘Voice Kit’.
Voice Kit is a fully open source reference project that
includes Voice Hardware Accessory on Top (HAT) which contains electronics
components for audio capture and playback, connectors for the dual mic daughter
board and speaker, GPIO pins to connect low-voltage components like
micro-servos and sensors, and an optional barrel connector for dedicated power
supply.
… Those who are
more ambitious can also run Android Things on the Voice Kit, turning it into a
fully functional prototype to build their own commercial IoT products.
… If you want the
kit, Google is giving it away with the latest issues of MagPi magazine. If you don’t want to subscribe to the
magazine, you can sign-up for the waiting list to just get the hardware unit
from Google.