Yes, Russia Weaponised Social Media In The US Elections

Uploaded on 2016-12-07 in NEWS-Cybersecurity News, INTELLIGENCE--USA, INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers, TECHNOLOGY-Key Areas-Social Media

Russia's government didn't just hack and leak documents from US political groups during the presidential campaign: It used social media as a weapon to influence perceptions about the election, according to cybersecurity company FireEye Inc.

Material stolen by Russia's intelligence services was feverishly promoted by online personas and numerous fake accounts through links to leaked material and misleading narratives, according to an analysis of thousands of postings, links and documents by FireEye, which tracks Russian and Chinese hackers breaking into US systems.

The operation was a new and belligerent escalation by Moscow in the cyber domain, company Chairman David DeWalt said. "The dawning of Russia as a cyber power is at a whole other level than it ever was before," DeWalt said in an interview in Washington. "We've seen what I believe is the most historical event maybe in American democracy history in terms of the Russian campaign."

The closeness of the November 8 election sparked scrutiny over the spread of fake news and has fueled demands from Green Party candidate Jill Stein, backed by some Democrats and independents, for a recount in key states lost by Democrat Hillary Clinton. President-elect Donald Trump responded on Twitter that "millions" of people voted illegally, which he said may have been what cost him the popular vote, but he offered no evidence.

A computer scientist for Stein said security flaws in voting machines and suspicions of Russian meddling justified the recount efforts. Alex Halderman, a professor at the University of Michigan, said hackers could have infected Pennsylvania's voting machines with malware designed to lay dormant for weeks, pop up on Election Day and then erase itself without a trace. Trump narrowly won Pennsylvania as well as two other states where Stein's campaign may seek recounts, Michigan and Wisconsin.

Kevin Mandia, CEO of FireEye, and DeWalt said in the interview recently that they haven't seen any evidence that US vote tabulation systems were hacked. And US officials have said they saw only "minor" cyber incidents on Election Day. "We did not see anything that I would characterise as significant," Homeland Security Secretary Jeh Johnson said at a Bloomberg Government event November 14 in Washington. "There were minor incidents here and there of the type that you would normally expect, but nothing significant."

Russian officials have repeatedly rejected accusations that the government hacks or supports groups that does so on its behalf.

That hasn't quelled concerns. The activity detected in the FireEye analysis echoed the Russian strategy of information warfare seen previously in cyber-attacks on Estonia, Georgia and Ukraine, where a simmering border conflict has claimed almost 10,000 lives over 2 1/2 years.

The strategy isn't limited to online media. The UK in October closed the British bank account for RT, a Russian state-controlled news service that was reprimanded by the UK media regulator Ofcom for biased or misleading reporting on Syria and Ukraine. Russia protested the move, saying it was being targeted for political reasons.

In late November, Democrats on the Senate Intelligence Committee sent President Barack Obama a letter asking him to declassify information about Russian activity related to the US election. "We believe there is additional information concerning the Russian government and the US election that should be declassified and released to the public," the senators wrote. "We are conveying specifics through classified channels."

A month before the election, the Office of the Director of National Intelligence and the Homeland Security Department issued a joint statement saying American intelligence agencies were confident that Russia directed hacking against US political groups.

"The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts," according to the statement. "The Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there. We believe, based on the scope and sensitivity of these efforts, that only Russia's senior-most officials could have authorised these activities."

In line with those findings, FireEye has mapped what it says is a Russian-backed campaign using at least six key false hacktivist personas to advance the country's interests, including Guccifer 2.0, DC Leaks, Anonymous Poland and Fancy Bears' Hack Team. The company's autopsy also includes thousands of postings on Twitter as well as fake social-media accounts used to pass the information back and forth to generate an online buzz.

The hacking extends to trying to use legitimate websites to promote stolen material. Guccifer 2.0, for example, first promoted stolen documents from the Democratic National Committee through The Smoking Gun and Gawker. There's no evidence that those websites knew that hacked material given to them was part of a broad campaign to meddle in the US election.

The campaign also includes what FireEye terms "direct advocacy," in which the personas direct tweets promoting stolen or false information at the accounts of influential people such as journalists, and "indirect advocacy" in which social-media accounts seemingly unaffiliated with the personas also engage in promotion.

Even after the US election, there are few signs that Russia's actions are abating, creating a complicated, emerging challenge for the incoming Trump administration, FireEye's DeWalt said. During the campaign, Trump was deferential to Russia and its president, Vladimir Putin, and repeatedly questioned the conclusion of the US intelligence community that Russia was meddling in American elections.

For years, Russian spies carried out stealthy hacking attacks aimed at hiding their identities, said Mandia. Their tactics began to change around the fall of 2014 and have now escalated to include leaking stolen documents and apparently caring less about operational security or getting caught, Mandia said.

"That's a change in the rules of engagement," Mandia said. "All of a sudden, they're more of a tank through the cornfield when they hack, not a whisper or a ghost."

SMH.com                  US Intelligence Has The Evidence That Proves Russian Presidential Election Interference:

Bloomberg:                Social Media and the 'Information War’- Russia is Winning:

                                Russia's Greatest Weapon May Be Its Hackers:

« Half The World's Population Is Not Yet On The Internet.
Just How Safe Is Online Banking? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Radware

Radware

Radware is a global leader of application delivery and cyber security solutions for virtual, cloud and software defined data centers.

CQS (Certified Quality Systems)

CQS (Certified Quality Systems)

CQS is an organisation specialising in ISO assessment and certification, including ISO 27001, along with other management system standards.

Lacework

Lacework

Lacework brings speed, scale, and automation to cloud security and allows security and DevOps teams to collaborate on keeping data and applications safe.

Mitek Systems

Mitek Systems

Mitek's global mobile capture and identity verification technology optimizes the digital user experience for thousands of financial services organizations.

Oznet Cyber Security

Oznet Cyber Security

Oznet Cyber Security is dedicated to offering integral solutions oriented to the support and security of information.

Vdoo

Vdoo

Vdoo provides an end-to-end product security platform for automating all software security tasks throughout the entire product lifecycle.

Carbide

Carbide

Carbide (formerly Securicy) breaks down enterprise-class security and privacy requirements and makes them accessible to, and achievable by, companies of all sizes.

RCMP National Cybercrime Coordination Unit (NC3)

RCMP National Cybercrime Coordination Unit (NC3)

As set out in the Government of Canada's National Cyber Security Strategy, the RCMP has established the National Cybercrime Coordination Unit (NC3).

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

Cysiv

Cysiv

Cysiv SOC-as-a-Service combines all the elements of an advanced, proactive, threat hunting SOC, with a managed security stack for hybrid cloud, network, and endpoint security.

Kratos Defense & Security Solutions

Kratos Defense & Security Solutions

The Kratos Space, Training, and Cybersecurity division addresses key cybersecurity challenges, including cloud security, continuous monitoring, IT security, and risk management.

ITSEC Asia

ITSEC Asia

ITSEC Asia works to effectively reduce exposure to information security threats and improve the effectiveness of its clients' information security management systems.

Scrut Automation

Scrut Automation

Scrut Automation's mission is to make compliance less painful and time consuming, so that businesses can focus on running their business.

Harvey Nash

Harvey Nash

Harvey Nash is a leading global provider of talent and technology solutions.

Alpha Omega Integration

Alpha Omega Integration

Alpha Omega creates new possibilities through intelligent end-to-end mission-focused government IT solutions.

Avrem Technologies

Avrem Technologies

Avrem Technologies is a business IT and cybersecurity consulting firm. We design, implement, manage and monitor the networks, servers, computers and software that our clients rely on each day.