Tag Archives: Elections

DHS Says Russians Penetrated US Voter Systems in 2016

While the head of cybersecurity at DHS said the details of which states were compromised is classified, she admitted that 21 states were targeted during the 2016 elections and that some of them were penetrated.

Former DHS Secretary Jeh Johnson said 2016 was a wakeup call and now it is up to the government(s) to do something about it.

Even though the President isn’t quite sure of it, DHS says that the Russian government was behind the attacks,

The good news is that there is no EVIDENCE that the voter rolls in those states that the Russians were successful at hacking were changed.

Many people think the 2016 election attacks were merely a test.  That test will likely continue in 2018 with plans to take more aggressive action for the 2020 presidential elections.

Even though Secretary Johnson designated the states’ voting systems critical infrastructure before he left office over a year ago, he says that the states have done little to nothing to actually harden the systems.

The head of DHS cybersecurity disagreed with Secretary Johnson.  She said that the states have taken it seriously.

I am not quite sure that her statement in any way, shape or form conflicts with Secretary Johnson’s statement that the states haven’t actually done anything about it.  You could certainly take the threat seriously and not do anything about it.

The National Association of Secretaries of State say that they are only aware of one state that was hacked.  Depending on your level of cynicism, you could say that means that they are ignorant, either intentionally or unintentionally or are being willfully blind.  Alternatively, you could say that DHS doesn’t know what they are doing.  Since DHS doesn’t seem inclined to provide us with any data, the reader is left to draw his or her own conclusion with regard to what really happened.

In the states’ defense that they don’t know, many of the states complained that DHS wouldn’t share details of the attacks with them, supporting their assertion that they don’t know about the attacks.  DHS says they don’t have clearances to access the classified data.

And, with a level of speed that would make a snail proud, DHS says that now, two years later, they are processing the clearances.  Since it often takes a year to get a clearance, depending on the level of clearance, it is certainly possible that the 2018 midterm elections will be long over before the states see the data and for sure, the window to fix anything will definitely be long over.

Other states are saying they are waiting for DHS to help them (I assume that help from DHS is free;  if they were really concerned they would pay someone to help them).  DHS says there is no waiting list for help and DHS “will get to everyone”.  When they will get to everyone they didn’t say.

How, exactly, the public is supposed to figure out the truth here is completely non-obvious to me.

Some states objected to the feds designating their voting systems as critical infrastructure, preferring, instead, to put their egos ahead of their citizens.  Secretary Johnson pulled even fewer punches saying that the Secretaries that were objecting were being naive and irresponsible to the people they are supposed to serve.  He is not likely to be getting a Christmas card from any of the Secretaries of State next year.

Rex Tillerson, the current U.S. Secretary of State says that the Russians are already meddling in the 2 018 election, a statement that likely puts him at odds with the Oval Office.

Given all of the above, it seems likely that the Russians will continue to successfully meddle in the U.S. election process this year and that the states will have made only minor progress to protect themselves.

Information for this post came from NBC News.

Facebooktwitterredditlinkedinmailby feather

Senators, Staffers Next on Russia’s Cyber Hit List

According to the cyber security firm Trend Micro, the members of the U.S. Senate and their staff could be the next target of the Russian hacking group Fancy Bear – the same group linked to the DNC hack an election meddling across the Middle East  and Europe.

Trend says that digital breadcrumbs found so far in spear phishing campaigns link back to the Russian hacking group,

And, in a way, it makes perfect sense.  If the Russian’s objective is to meddle in elections across the globe, then the U.S. mid-term elections later this year would be a perfect target.  Spear phishing emails are pretty low tech but they lead to compromised userids and passwords (and was pretty lethal during last year’s elections).  Also consider that politicians and bureaucrats are addicted to email.  That makes them  a perfect target.

Some of the emails pretend to be Microsoft Exchange messages warning of expired passwords.  Low tech but pretty effective, unfortunately.

The researchers said that these spear phishing attacks looked a lot like the attacks rolling up to last year’s French elections.

If it ain’t broke, don’t fix it.  If it worked against the DNC,  if it worked against the French.  It is well known art.  It may well work against the Senate.

Senator Sasse (R-Neb) said that he thinks Putin is very happy that Washington is obsessed with partisan politics and is ignoring 2018 and 2020.  He is likely right.  To really fix things will require a lot of work and at least some money – something Washington doesn’t seem to be concerned about.  And it is a very distributed problem.  There are 50 states, 3600+ counties, the feds, government organizations, social media – a lot of targets of opportunities.

Which is not terribly surprising given that, before last year’s election there were only 5 people between both houses that had a computer science degree (I don’t know how the election changed things, but it likely didn’t change much).

Given all of the events coming up in the next year, including the Olympics and elections world wide and the apparent lack of interest in doing anything about it, we should assume that Russia will continue to be successful in their efforts influence politics – conspiracies or not.

Information for this post came from FCW.

Facebooktwitterredditlinkedinmailby feather

Russian Hacker Admits to Hacking DNC Last Year

A Russian hacker has confessed in court to hacking the DNC during last year’s election.  The Russian web site that is reporting this has not been friendly to Putin, so there are lots of dimensions to this conversation.

The web site says that Konstantin Kozlovsky stated that he was doing this on the direction of Russian state intelligence organizations.

Kozlovsky was arrested earlier this year for hacking Russian banks to the tune of $50 million.  He is currently being detained and the admission came from a pre-trial hearing regarding his detention.

He said that he reported to a major-general in the FSB, one of Russia’s spy organizations.  The intention was to manipulate the U.S. election process according to Kozlovsky.

He is now in prison for treason for reporting this information to U.S. intelligence agencies.  Is this part of the source for the U.S. intelligence community’s determination that Russia hacked our election last year?  Don’t know.

Suffice it to say that this will make some interesting fodder for all of the Russia investigations going on in Washington.

It is not clear to me what Koslovsky has to gain by either admitting he did that or by confessing to something he didn’t do.

*IF* Putin had admitted that he orchestrated the attack and was looking for a fall guy, then maybe lying about it, under coercion, might make sense, but in this case, it makes Putin a liar and our President, well, duped by Putin.  Based on that, none of this makes any sense.

Neither Putin nor Trump have said anything about this testimony, so at this point all there is to is stand to the side and watch the fight.

Information for this post came from Fortune.

Facebooktwitterredditlinkedinmailby feather