Monday, August 15, 2022

Election disinformation fears loom over hacker confab

Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news in cybersecurity policy and politics.
Aug 15, 2022 View in browser
 
POLITICO's Weekly Cybersecurity newsletter logo

By Eric Geller

With help from Maggie Miller and Mohar Chatterjee

Driving The Day

— As the midterms approach, officials and experts are concerned about a new surge of disinformation that could disrupt voting in ways that cyberattacks likely couldn't.

HAPPY MONDAY, and welcome to Morning Cybersecurity! I'm your host, Eric Geller, and I'm marveling at these gorgeous supermoon photos from around the world.

Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Email your MC hosts Eric Geller ( egeller@politico.com ) and Maggie Miller ( mmiller@politico.com ). You can also follow @POLITICOPro and @MorningCybersec on Twitter. Full team contact info is below. Let's dive in.

 

The Women Rule series brings together rising stars, accomplished professionals, and women at the pinnacle of their careers to inform, empower and connect women across diverse sectors and career levels. Attendance to our quarterly in-person POLITICO Women Rule meetings, is by invitation-only. Join our interest list and learn more here.

 
 
Today's Agenda

Federal Computer Week dives into the work of CISA's Supply Chain Risk Management Task Force. 1 p.m.

Election Security

WATCH THIS INFORMATION SPACE — Government officials and researchers alike sounded the alarm at the DEF CON conference in Las Vegas about an uptick in disinformation and misinformation ahead of the midterm elections, particularly against certain groups of voters.

— A focus on minorities: During a talk on Friday, former National Security Council staffer Nicole Tisdale asked the cyber community to "warn, defend and empower" minority communities to fight three sources of election disinformation — forged documents, manipulated media and proxy websites — ahead of the November elections. Many of the online disinformation channels that Tisdale highlighted were used to discourage Black and Latino voters from participating in the 2020 election.

But Tisdale also offered a warning to her audience. "Don't become truth-tellers in minority communities," she said. "Your job is not to analyze the disinformation and make minority communities 'get it.'" She pointed to the #YourSlipIsShowing campaign as a positive example of calling out a coordinated Twitter-troll effort to generate outrage against Black feminists.

— From the field: Information operations online have already begun with three months to go until November. Jennifer Mathieu, chief technology officer at Graphika, told attendees at DEF CON's Misinformation Village on Friday that her group was tracking several "wedge issues" being used to influence voters. These include abortion and LGBTQ+ issues, concerns around the economy, COVID-19 narratives and the Jan. 6 hearings.

The disinformation being observed by Graphika goes beyond the elections, and according to Mathieu, includes efforts by Russian actors to influence Spanish-speaking audiences, along with efforts by both Russia and China to use social media influencers to spread false narratives.

— View from the top: The increasing battle in the information space is not going unnoticed by the federal government.

CISA Director Jen Easterly told reporters Friday ahead of DEF CON that while she is concerned about cyber threats to the upcoming midterms elections — such as the Russian interference operations seen in 2016 — she is far more concerned about disinformation, misinformation and threats to election officials. She also pledged that CISA would continue using its Rumor Control website, which allowed the agency to counter false election narratives, as needed.

"I need to make sure that my resources and my focus are where we can make the most difference at the end of the day," Easterly said.

Vulnerabilities

PUTTING THE "P" IN "APT" — A relentless team of Russia-linked hackers has recently been peppering targets in Ukraine with information-stealing malware, Broadcom's Symantec division said in a report out this morning that sheds light on the latest phase of the Kremlin's digital assault on its neighbor.

The attacks involved the deployment of Microsoft PowerShell-based "stealers" that can take screenshots, record microphone audio, execute code and log keystrokes. The hackers also used legitimate remote desktop software to take command of victim computers.

— Pointing the finger: Symantec researchers tied the activity to the Ukraine-focused hacker team it calls "Shuckworm," saying the group's "long-time focus on the country appears to be continuing unabated." Shuckworm isn't Russia's most advanced unit, according to Symantec, but "it compensates for this in its focus and persistence in relentlessly targeting Ukrainian organizations."

CYBER WARFARE

GIVE UKRAINE ITS DUE — The Biden administration did not expect Ukraine to stand much of a chance against Russian cyberattacks, National Cyber Director Chris Inglis acknowledged during a talk at DEF CON on Friday.

"We didn't give enough credit to the Ukrainians for being able to defend cyberspace," Inglis said "I and a whole bunch of others would have said…that the Ukrainians would have a really tough time defending themselves in cyberspace against the Russians because the Russians have lots of capabilities."

— Seasoned veterans: While Russia has been linked to several attacks against Ukrainian infrastructure since the invasion of Ukraine, the expected onslaught of successful cyber intrusions has largely not occurred. Victor Zhora, deputy chairman of Ukraine's State Service of Special Communications and Information Protection, told reporters on the sidelines of the Black Hat conference that this was down in part to precious experiences with Russian cyberattacks, such as the 2017 NotPetya malware attack that took down networks of critical Ukrainian groups.

"Ukrainian defenders were ready for this, we were aware of risks, we prepared, we were expecting the war, and we took the last four or five years since the NotPetya attack to inform the cybersecurity system in the country," Zhora said.

Critical Infrastructure

CYBER RULES TAKING FLIGHT — TSA is beginning to get feedback from aviation sector organizations subject to new cybersecurity requirements rolled out late last year and is envisioning future cyber rules for other aspects of air travel.

The TSA rules for the aviation and rail sectors require most airports and airport operators to report any major cyber incidents to CISA within 24 hours, designate a cyber coordinator and conduct vulnerability assessments. Tim Weston, TSA's cybersecurity policy coordinator, told Maggie on the sidelines of DEF CON on Friday that while he couldn't go into details, data from the aviation sector so far pointed to ransomware attacks as a major threat.

Ransomware constitutes "a lot of what we've seen so far," Weston said, "and some of the basic cyber hygiene measures should help cover a large portion of that."

— The future of air travel: The aviation sector as a whole may soon be impacted by cybersecurity requirements. Weston predicted during a talk at the Aerospace Village at DEF CON that other aspects of air travel, like airport operations, might be subject to cyber requirements, along with aspects of space travel as space tourism evolves.

People on the Move

Glenn Miller will leave the State Department, where he's been serving as acting chief information officer, at the end of the year. … Intel 471's Greg Otto is joining Trail of Bits as editorial director.

Tweet of the Day

Marcus Hutchins' DEF CON journey: being arrested by the FBI in 2017, getting a "Love this guy!" selfie tweet from CISA Director Jen Easterly five years later.

Quick Bytes

"Michigan plot to breach voting machines points to a national pattern." (Washington Post)

TechCrunch tests out Apple's forthcoming Lockdown Mode.

Cyber experts think former CISA Director Chris Krebs' pitch for removing the agency from DHS is impractical and unwise. (CyberScoop)

On vulnerabilities in the Emergency Alert System : "Someone could start a civil war with this thing." (Krebs On Security)

The CBO published cost estimates for the Securing Global Telecommunications Act, H.R. 8503, and the Veterans Online Information and Cybersecurity Empowerment Act, H.R. 8215.

Research presented at DEF CON spotlighted vulnerabilities in Zoom's auto-update feature and a flaw in the VA's electronic health records system. (Wired)

The Electronic Frontier Foundation hosted a poker game at DEF CON, and CISA Director Jen Easterly was the MC.

Chat soon. 

Stay in touch with the whole team: Eric Geller (egeller@politico.com); Konstantin Kakaes (kkakaes@politico.com); Maggie Miller ( mmiller@politico.com); and Heidi Vogt (hvogt@politico.com).

 

INTRODUCING POWER SWITCH: The energy landscape is profoundly transforming. Power Switch is a daily newsletter that unlocks the most important stories driving the energy sector and the political forces shaping critical decisions about your energy future, from production to storage, distribution to consumption. Don't miss out on Power Switch, your guide to the politics of energy transformation in America and around the world. SUBSCRIBE TODAY.

 
 
 

Follow us on Twitter

Heidi Vogt @HeidiVogt

Eric Geller @ericgeller

Maggie Miller @magmill95

Konstantin Kakaes @kkakaes

 

Follow us

Follow us on Facebook Follow us on Twitter Follow us on Instagram Listen on Apple Podcast
 

To change your alert settings, please log in at https://www.politico.com/_login?base=https%3A%2F%2Fwww.politico.com/settings

This email was sent to edwardlorilla1986.paxforex@blogger.com by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Please click here and follow the steps to unsubscribe.

No comments:

Post a Comment

What will Trump’s immigration policy really look like?

Presented by AARP: Tomorrow’s conversation, tonight. Know where the news is going next. ...