US Presidential Election Hacks Revealed

A leaked top-secret National Security Agency document indicates that Russian hacking efforts around the US presidential election were much broader and more pervasive than originally known, and certainly state-sponsored.

The intelligence document was published by online news outlet The Intercept, just hours before the Justice Department announced charges against a 25-year-old government contractor named Reality Winner for leaking the information.

The document, which was heavily redacted during the process of the Intercept verifying its authenticity with the DoJ, indicates that Russian Military Intelligence executed several spear-phishing attempts against at least 100 state and local voting officials in the week prior to Election Day. It also mounted a cyber-attack on at least one US voting software supplier.

Officials speaking on background to the Intercept noted that there is no evidence that actual election outcomes were affected by the meddling.

However, the document concludes that the situation "raises the possibility that Russian hacking may have breached at least some elements of the voting system, with disconcertingly uncertain results."

The report said that the Russian plan was to gain access to systems at an e-voting vendor, in order to gather information needed to convincingly pose as a representative from that company.

From there, the hackers would send spoof emails purporting to be from the vendor, in an attempt to trick voting officials into opening infected Microsoft Word documents. Those documents in turn would execute malware that would have given the hackers control over the local voting division’s network.

The Report reads:

“Russian General Staff Main Intelligence Directorate actors … executed cyber espionage operations against a named US company in August 2016, evidently to obtain information on elections-related software and hardware solutions. … The actors likely used data obtained from that operation to … launch a voter registration-themed spear-phishing campaign targeting US local government organisations.”

The news comes shortly after Russian President Vladimir Putin suggested that “patriotically minded” private Russian hackers may have been behind the election-season hacking. However, the CIA and other organizations have said that it’s clear that the Kremlin was directly involved, a claim the NSA document backs up.

“The insider threat landscape usually breaks down into three pieces: Malicious insiders, negligent insiders and compromised insiders,” said Morgan Gerhart, vice president at Imperva, via email. “To mitigate the risk, corporations should ask themselves where their sensitive data lies, and invest in solutions that directly monitor who accesses it and how.”

Winner, meanwhile, was arrested in her home recently. The NSA contractor admitted to printing out the document and mailing it to the Intercept. She was easy to track down, being just one of six individuals who had printed the document. She faces a single charge of "gathering, transmitting or losing defense information."

“According to reports, the leaker was identified because of strong audit trails of who accessed what,” said Gerhart. “They can invest in solutions that help them pinpoint critical anomalies that indicate misuse of enterprise data stored in databases, file servers and cloud apps and that also help them to quickly quarantine risky users in order to proactively prevent and contain data breaches. This approach works across careless, compromised and malicious insiders.”

InfoSecurity:

You Might Also Read:

Vladimir Putin & Donald Trump: Relationship Counselling:

Both US Presidential Campaigns Hacked:

 

« US Blames North Korea For Hacking
WannaCry Prompts Microsoft Updates … And A Warning »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Information Security Group (ISG) - Royal Holloway

Information Security Group (ISG) - Royal Holloway

The Information Security Group, Royal Holloway, University of London, is an Academic Centres of Excellence in Cyber Security Research.

Brit

Brit

Brit PLC is a market-leading global specialty insurer and reinsurer, focused on underwriting complex risks including cyber, privacy and technology.

Dataguise

Dataguise

Dataguise provides a data-centric security solution to detect, protect, and monitor sensitive data in real time across all data repositories, both on premises and in the cloud.

ControlCase

ControlCase

ControlCase provide solutions that address all aspects of IT-GRCM (Governance, Risk Management and Compliance Management).

Lutech

Lutech

Lutech is an Italian ICT engineering and services company. Business solution areas include cyber security.

Post-Quantum

Post-Quantum

Post-Quantum offer a unique, patented quantum-resistant encryption algorithm that can be applied to existing products and networks.

Sequitur Labs

Sequitur Labs

Sequitur Labs is developing seminal technologies and solutions to secure and manage connected devices of today and in the future.

Purple Security

Purple Security

Purple Security arises from the association of specialists in offensive security (ethical hackers, white hats) and experts in insurance, compliance and implementation of industry standards.

MagiQ Technologies

MagiQ Technologies

MagiQ produced the world’s first commercial quantum cryptography product that delivered advanced, future-proof network security.

Aversafe

Aversafe

Aversafe provides individuals, employers and certificate issuers around the world with a first line of defense against credential fraud.

CISO Global

CISO Global

CISO Global (formerly Cerberus Sentinel) are on a mission to demystify and accelerate our clients’ journey to cyber resilience, empowering organizations to securely grow, operate, and innovate.

SecureData

SecureData

SecureData provide professional data recovery services, digital forensics, data recovery software and FIPS 140-2 Level 3 Validated hardware encrypted drives.

Prelude Research

Prelude Research

Prelude offer the first autonomous platform built to attack, defend and train critical assets through continuous red-teaming.

Torch.AI

Torch.AI

Torch.AI’s Nexus™ platform changes the paradigm of data and digital workflows, forever solving core impediments caused by the ever-increasing volume and complexity of information.

CypherEye

CypherEye

CypherEye is a next generation trust platform that advances the current state of Multi-factor Authentication (MFA) to enable highly secure, private and auditable cyber-transactions.

Anatomy IT

Anatomy IT

Anatomy IT empowers healthcare providers to deliver exceptional patient care with cutting-edge technology and cybersecurity solutions.