US Presidential Election Hacks Revealed

Uploaded on 2017-06-20 in FREE TO VIEW, GOVERNMENT-National, INTELLIGENCE--USA, NEWS-Cybersecurity News

A leaked top-secret National Security Agency document indicates that Russian hacking efforts around the US presidential election were much broader and more pervasive than originally known, and certainly state-sponsored.

The intelligence document was published by online news outlet The Intercept, just hours before the Justice Department announced charges against a 25-year-old government contractor named Reality Winner for leaking the information.

The document, which was heavily redacted during the process of the Intercept verifying its authenticity with the DoJ, indicates that Russian Military Intelligence executed several spear-phishing attempts against at least 100 state and local voting officials in the week prior to Election Day. It also mounted a cyber-attack on at least one US voting software supplier.

Officials speaking on background to the Intercept noted that there is no evidence that actual election outcomes were affected by the meddling.

However, the document concludes that the situation "raises the possibility that Russian hacking may have breached at least some elements of the voting system, with disconcertingly uncertain results."

The report said that the Russian plan was to gain access to systems at an e-voting vendor, in order to gather information needed to convincingly pose as a representative from that company.

From there, the hackers would send spoof emails purporting to be from the vendor, in an attempt to trick voting officials into opening infected Microsoft Word documents. Those documents in turn would execute malware that would have given the hackers control over the local voting division’s network.

The Report reads:

“Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting US local government organisations.”

The news comes shortly after Russian President Vladimir Putin suggested that “patriotically minded” private Russian hackers may have been behind the election-season hacking. However, the CIA and other organizations have said that it’s clear that the Kremlin was directly involved, a claim the NSA document backs up.

“The insider threat landscape usually breaks down into three pieces: Malicious insiders, negligent insiders and compromised insiders,” said Morgan Gerhart, vice president at Imperva, via email. “To mitigate the risk, corporations should ask themselves where their sensitive data lies, and invest in solutions that directly monitor who accesses it and how.”

Winner, meanwhile, was arrested in her home recently. The NSA contractor admitted to printing out the document and mailing it to the Intercept. She was easy to track down, being just one of six individuals who had printed the document. She faces a single charge of "gathering, transmitting or losing defense information."

“According to reports, the leaker was identified because of strong audit trails of who accessed what,” said Gerhart. “They can invest in solutions that help them pinpoint critical anomalies that indicate misuse of enterprise data stored in databases, file servers and cloud apps and that also help them to quickly quarantine risky users in order to proactively prevent and contain data breaches. This approach works across careless, compromised and malicious insiders.”

InfoSecurity:

You Might Also Read:

Vladimir Putin & Donald Trump: Relationship Counselling:

Both US Presidential Campaigns Hacked:

 

« US Blames North Korea For Hacking
WannaCry Prompts Microsoft Updates … And A Warning »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

it-sa 365

it-sa 365

it-sa 365 is a digital platform for connecting IT security vendors and experts with those who bear responsibility for IT security in management and technology.

Security Innovation

Security Innovation

Security Innovation is a leader in software security assessments and application security training to top organizations worldwide.

MAD Security

MAD Security

MAD Security is a premier provider of information and cybersecurity solutions that combine technology, managed security services, support and training.

Fair Isaac Corporation (FICO)

Fair Isaac Corporation (FICO)

FICO provides analytics software and tools used across multiple industries to manage risk, fight fraud, optimize operations and meet strict government regulations.

PSW Group

PSW Group

PSW Group is a full-service Internet solutions provider with a special focus on Internet security.

Monegasque Digital Security Agency (AMSN) - Monaco

Monegasque Digital Security Agency (AMSN) - Monaco

AMSN is the national authority in charge of the security of information systems in Monaco.

DeviceAssure

DeviceAssure

DeviceAssure enables organizations to reliably identify counterfeit and non-standard devices with a real-time check on a device's authenticity.

Consensys

Consensys

ConsenSys is a global blockchain company. We develop enterprise applications, invest in startups, build developer tools, and offer blockchain education.

Upper Peninsula Cybersecurity Institute - Northern Michigan University

Upper Peninsula Cybersecurity Institute - Northern Michigan University

Upper Peninsula Cybersecurity Institute at Northern Michigan University offers non-degree and industry credentials relevant to emerging careers in cybersecurity.

Nubeva Technologies

Nubeva Technologies

Nubeva provide a breakthrough TLS Decrypt solution with Symmetric Key Intercept to gain the visibility needed to monitor and secure network traffic.

CYRISMA

CYRISMA

CYRISMA is a revolutionary cybersecurity platform that helps organizations manage risk without the usual headaches associated with enterprise cybersecurity tools.

Phy-Cy.X Security Group

Phy-Cy.X Security Group

Phy-Cy.X specialize in the “Physics” of Information Security through both physical and cyber domains. We are not an IT company, we ARE an Information Security company.

Wib

Wib

Wib is an API security leader. We are the only company providing a solution for the entire API development lifecycle.

Total Secure Technology

Total Secure Technology

Total Secure Technology provides trusted Managed IT Security and Managed IT Services for organizations looking to increase their cybersecurity defensive posture.

CyberMindr

CyberMindr

CyberMindr is a SaaS platform for Automated & Continuous Attack Path and Threat Exposure Discovery helps you to proactively identify & assess your attack surface to mitigate associated threats.

e92plus

e92plus

e92plus is a leading cybersecurity VAD for UK and Ireland, going beyond traditional distribution to provide exceptional products and services that drive accelerated growth for our partners.