Monday, November 4, 2024

Election’s eve

Delivered every Monday by 10 a.m., Weekly Cybersecurity examines the latest news in cybersecurity policy and politics.
Nov 04, 2024 View in browser
 
POLITICO Weekly Cybersecurity Newsletter Header

By Joseph Gedeon

With help from John Sakellariadis and Maggie Miller

Driving the day

— A perfect storm of disinformation and cyber threats looms large over the upcoming election, as foreign attackers exploit social media to sow chaos and undermine democratic processes.

HAPPY MONDAY, and welcome to MORNING CYBERSECURITY! And I still won’t accept cookies for your site.

Have any tips or secrets to share with MC? Or thoughts on what we should be covering? Find me on X at @JGedeon1 or email me at jgedeon@politico.com. You can also follow @POLITICOPro and @MorningCybersec on X. Full team contact info is below.

Want to receive this newsletter every weekday? Subscribe to POLITICO Pro. You’ll also receive daily policy news and other intelligence you need to act on the day’s biggest stories.

Today's Agenda

Former Assistant Secretary of the Air Force for Acquisition, Technology and Logistics Will Roper is headed to the Center for Strategic and International Studies to discuss the Pentagon’s historical approach to AI and autonomous tech, major programs underway today and what the tech means for the future. 4 p.m.

Election Security

48 HOURS — ‘Twas the morning before elections, when all through the house, not a creature was stirring, not even a … wait was that a fake video of Haitian migrant voters in Georgia? Nevermind.

It’s the last day before the big day, and intelligence officials would really like everyone to stop falling for state-linked disinformation videos right about now.

— The big players: Security giant Microsoft warned in late October of a critical 48-hour window when foreign attackers typically flood social media with election chaos.

Intel officials have since been racing to stamp out Kremlin-linked disinformation, including Haitian migrants illegally voting in Georgia, the second such effort following a debunk of Trump ballots being ripped up in Pennsylvania.

The FBI jumped into the fray Saturday to warn about two fake videos falsely claiming to be from the bureau, including one that invented a story about arrests of Democratic-linked groups for ballot fraud, according to reporting from CyberScoop.

Disinformation watchers have traced other Russian-linked claims targeting swing states over the last few days that have going viral have been going viral, such as:

  • Voting machines in Kentucky not allowing people to select former President Donald Trump’s name.
  • Vice President Kamala Harris and her husband being paid $500,000 by P. Diddy to tip him off about a police raid. 
  • Democrats and U.S. intelligence agencies plan to assassinate many Donald Trump allies after the 2024 election.

— The why of it all: The timing of all these efforts are calculated, NewsGuard disinformation and AI editor McKenzie Sadeghi explains.

“By releasing a wave of false narratives just before Election Day, adversaries aim to maximize impact and capitalize on this limited window, hoping that the spread of these claims will outpace fact-checking and rebuttals from U.S. federal agencies,” Sadeghi said.

— Watch those comments: NewsGuard also tracked how those campaigns — some linked to a Storm-1516 offshoot — are not only growing exponentially but are increasingly embedding in comment sections of Western news sites to feign authenticity as American citizens in less moderated spaces.

— The money trail: A deep dive by ISD researchers showed social media platforms are happy to profit from election doubt. According to the analysis, Meta’s platforms and X all took cash for ads pushing claims about rigged elections, despite their stated policies against exactly that kind of content.

— Feeling secure everywhere else: There’s a reason officials aren’t as vocal about cyberattacks on voting infrastructure this late into the cycle as last election.

While there are concerns on ransomware attacks on a county or leaked voter registration data (some of which is already public), senior CISA and election officials told reporters in a round table on Friday that while America is facing arguably the most complex threat landscape we have yet to see for an election, it comes at a time when the elections community has never been more prepared.

“That assessment is the immediate result of all the incredible work the election infrastructure community has done, especially since 2016,” one senior CISA official said.

That statement was echoed by a senior elections official, who added that around 65 million Americans had already voted ahead of the weekend.

On the Hill

MC EXCLUSIVE: DON’T STAND IDLY BY  — Sen. Chuck Grassley (R-Iowa) is pressing multiple federal agencies for answers about a monthslong Chinese espionage operation that targeted high-profile political figures, including former President Donald Trump and members of the Harris campaign, Morning Cyber is first to report.

In a letter sent Friday to top officials at the Department of Justice and FBI and another sent to top officials at the Department of Homeland Security, CISA and Secret Service, the Senate Budget Committee’s top Republican expressed mounting frustration over what he characterized as a lackadaisical federal response to increasingly brazen cyberattacks by foreign adversaries, but steadily aimed at Salt Typhoon.

— What Grassley wants: The letters demand detailed information by Nov. 15 on when agencies first detected the attacks, a full accounting of affected individuals and organizations, current security measures protecting government officials, steps being taken to prevent future attacks and the role of the White House’s Unified Coordination Group in response.

"Without additional information from the government, it appears that our adversaries are becoming more brazen while the agencies tasked with our nation's security remain idle," Grassley wrote.

— The big picture: The letters follow the Oct. 25 announcement by CISA and FBI that they're investigating "unauthorized access to commercial telecommunications infrastructure" by Chinese state-affiliated hackers they presume to be Salt Typhoon. The group allegedly collected phone call audio and unencrypted text messages from multiple political targets during the 2024 campaign season.

The Chinese hackers also breached major telecom providers AT&T and Verizon, as well as potentially the systems used for court-authorized wiretapping requests — potentially exposing millions of Americans' data and sensitive government information.

— Why we think it matters: Chinese hacking crews like Salt Typhoon have a history of exploiting vulnerabilities in edge devices — routers, firewalls and VPNs — to breach high-profile targets. It also comes off the heels of an Iranian hack of Trump’s campaign and multiple threats against former Trump officials who requested security protection.

The telecommunications sector has been particularly vulnerable, facing multiple major breaches in recent years — including a massive AT&T breach affecting nearly 110 million people (that Grassley had also requested answers for in August).

— Admin response so far: The Biden administration has activated a rare "unified coordination group" — an emergency response process — to combat the Salt Typhoon threat. DHS confirmed its Cyber Safety Review Board will "initiate a review of this incident at the appropriate time."

VANCE’S STANCES ON FISA — Republican vice presidential nominee JD Vance (R-Ohio) suggested on the Joe Rogan podcast ahead of the weekend that the same surveillance infrastructure created by the Patriot Act to enable domestic law enforcement may have given Chinese hackers a roadmap to America's telecommunications networks that hit his phone.

— How Vance is explaining it: "The way that they hacked our phones is they used the back door telecom infrastructure that had been developed in the wake of the Patriot Act," Vance told Rogan when discussing the recent Salt Typhoon operation that targeted his and former President Trump's phones.

Let’s make one thing clear: No one is sure what happened yet when it comes to those breaches.

— The context: While Vance appeared unconcerned about his own exposure ("some offensive memes" and grocery lists, he joked), the broader security implications could reshape the Section 702 surveillance debate. His comments suggest a Republican administration might break with traditional party support for broad surveillance powers.

Congress has long debated the renewal of Section 702 of FISA — a controversial power that’s used for surveillance of foreigners abroad — and earlier this year was reauthorized on a two-year term. The program has faced growing bipartisan skepticism over privacy concerns and would be met by a Trump-Vance administration in 2026 should the Republicans win.

— Some small wins: Rogan thinks the name Salt Typhoon is a “great name.” Hats off, Microsoft.

ALL CLEAR — Speaking of Chinese hackers infiltrating U.S. telecommunications networks to hit politicians, want to know who hasn’t been targeted so far? Members of the Select House Committee on China.

“To our knowledge, no one on the Select Committee was a target of these cyberattacks,” a spokesperson for the committee told Maggie on Friday.

A spokesperson for House Foreign Affairs Committee Chair Michael McCaul (R-Texas) told Maggie that McCaul “has been briefed” by both the FBI and the Senate Sergeant at Arms “in the last couple of months on the threat landscape facing both him personally and the U.S. elections.”

That doesn’t mean members of Congress aren’t potential targets of the hacking group, known as Salt Typhoon. Members of the Senate Intelligence Committee will be receiving a classified briefing when Congress returns from recess on the hacking efforts, and leaders of the House Homeland Security and Intelligence committees are also keeping a close eye on the topic.

Tweet of the Weekend

Thank you foreign adversaries for understanding.

Source: https://x.com/vxunderground/status/1852852490233852018

X

Quick Bytes

BEEP BOOP BEEP — Researchers have demonstrated the potential for abusing OpenAI's real-time voice API to conduct financial scams using ChatGPT-4o, despite its built-in safeguards, writes BleepingComputer’s Bill Toulas.

CYBER REGS DOWN UNDER — The Australian government may impose stricter cybersecurity regulations on more than 40 critical infrastructure operators designated as "Systems of National Significance,” Anthony Galloway reports for Capital Brief.

ICYMI — Sen. Ron Wyden (D-Ore.) is urging the Commerce Department to strengthen and expand proposed rules that restrict the export of U.S. surveillance technologies to repressive foreign governments, reports CyberScoop’s Tim Starks.

“Election security is a ‘top concern’: Atlanta mayor” (NewsNation)

Chat soon.

Stay in touch with the whole team: Joseph Gedeon (jgedeon@politico.com); John Sakellariadis ( jsakellariadis@politico.com); Maggie Miller (mmiller@politico.com); and Rosie Perper (rperper@politico.com). 

 

Follow us on Twitter

Heidi Vogt @HeidiVogt

Maggie Miller @magmill95

John Sakellariadis @johnnysaks130

Joseph Gedeon @JGedeon1

 

Follow us

Follow us on Facebook Follow us on Twitter Follow us on Instagram Listen on Apple Podcast
 

To change your alert settings, please log in at https://login.politico.com/?redirect=https%3A%2F%2Fwww.politico.com/settings

This email was sent to edwardlorilla1986.paxforex@blogger.com by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Unsubscribe | Privacy Policy | Terms of Service

No comments:

Post a Comment

Welcome to TradeSmith Daily!

Hello, Thank you for subscribing! You will receive your first copy of TradeSmith Daily soon. We look forw...