Saturday, July 28, 2018

I don’t have any students who work for the State this quarter. I hope someone who works with election computers reads my blog. Lots of detail.
How they did it (and will likely try again): GRU hackers vs. US elections
In a press briefing just two weeks ago, Deputy Attorney General Rod Rosenstein announced that the grand jury assembled by Special Counsel Robert Mueller had returned an indictment
… The filing [PDF] spells out the Justice Department's first official, public accounting
… The allegations are backed up by data collected from service provider logs, Bitcoin transaction tracing, and additional forensics. The DOJ also relied on information collected by US (and likely foreign) intelligence and law enforcement agencies.
… After digging into this latest indictment, the evidence suggests Trump may not have made a very good call on this matter. But his blaming of the victims of the attacks for failing to have good enough security, while misguided, does strike on a certain truth: the Clinton campaign, the DNC, and DCCC were poorly prepared for this sort of attack, failed to learn lessons from history, and ignored advice from some very knowledgeable third parties they enlisted for help.
… The GRU operation had conducted wide-ranging spear-phishing attacks against both Democrats and Republicans as far back as October 2015 with limited success. Members of John McCain's and Lindsey Graham's campaign staffs, as well as members of several other Republican congressional campaign staffs, had their emails stolen and later posted on the DCLeaks site. But as the presidential field narrowed, the GRU began to focus on the Democrats and Hillary Clinton's campaign.
… Unfortunately, few if any members of the Clinton campaign staff, DNC, or DCCC used two-factor authentication—despite advice from outside advisors


(Related) The government hasn’t realized how important Computer Security is. They still consider IT as unimportant to the strategic success of the organization (like janitorial services). The results are similar to the failures of ignorant politicians.
NSA Hasn’t Implemented Post-Snowden Security Fixes, Audit Finds
The nation’s cyber spy agency is suffering from substantial cyber vulnerabilities, according to a first-of-its-kind unclassified audit overview from the agency’s inspector general released Wednesday.
Those vulnerabilities include computer system security plans that are inaccurate or incomplete, removable media that aren’t properly scanned for viruses, and an inadequate process for tracking the job duties of National Security Agency cyber defenders to ensure they’re qualified for the highest-level work they do, according to the overview.
Perhaps most striking, the agency has not properly implemented “two-person access controls” on its data centers and equipment rooms.




This should be an obvious red flag.
State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China
Here’s a timely reminder that email isn’t the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned.
This particular ruse, while crude and simplistic, preys on the curiosity of recipients who may be enticed into popping the CD into a computer. According to a non-public alert shared with state and local government agencies by the Multi-State Information Sharing and Analysis Center (MS-ISAC), the scam arrives in a Chinese postmarked envelope and includes a “confusingly worded typed letter with occasional Chinese characters.”




More to come.
Britain's Fake News Inquiry Says Facebook And Google's Algorithms Should Be Audited By UK Regulators
British regulators should be given more control over Facebook and Google to stop the spread of “fake news” — including the power to audit their jealously-guarded algorithms — an influential parliamentary committee will recommend.
The interim report from the House of Commons Digital, Culture, Media and Sport Committee is due to be published on Sunday, but on Friday afternoon a leaked copy was published in full online by former Vote Leave campaign strategist Dominic Cummings.




Tools for summer reading.

