Cybersecurity and Infrastructure Security Agency

Subterms

    Latest story

    163 Shares149 Views

    Partial Breach of Election Machine Passwords in Colorado Poses No Risk, State Says

    by

    Partial passwords for election machines that were accidentally leaked on the Colorado secretary of state’s website pose no threat to the system’s security, the secretary’s office said in a statement on Tuesday night.The passwords, which were exposed on a hidden tab in a spreadsheet online, were first revealed in a letter by Hope Scheppelman, the vice chair of the Colorado Republican Party. The passwords became visible when a user downloaded a voting systems inventory spreadsheet and clicked “unhide.”According to an affidavit that accompanied Ms. Scheppelman’s letter, the passwords had been exposed since at least August.But while the breach of password data is likely to erode confidence and invite disinformation in Colorado, there are multiple layers of security to protect the integrity of election machines in the state.Election machines are not connected to the internet, and they are required to be kept in secure rooms that require ID badges for entry. They also have “24/7 video camera recording on all election equipment,” according to the secretary of state’s office.Even if a person were to somehow gain access to a machine, the passwords revealed would not be sufficient.“There are two unique passwords for every election equipment component, which are kept in separate places and held by different parties,” Jack Todd, a spokesman for the Colorado secretary of state, Jena Griswold, said in a statement. “Passwords can only be used with physical in-person access to a voting system.”The statement also said the exposure would not affect how ballots are counted.The department contacted the Cybersecurity and Infrastructure Security Agency in the Department of Homeland Security, whose officials told the office that they would monitor the situation.A representative for the Department of Homeland Security did not respond to a request for comment on Tuesday night.Chris Krebs, the former director of the security agency, said the breach of passwords “highlights the critical importance of the various compensating controls in place that protect our nation’s election systems.”“While this is an extremely unfortunate leak that may serve to undermine confidence in some circles and feed into conspiracy theories in others, it nonetheless has negligible if any technical impact on Colorado’s systems,” Mr. Krebs added.The breach of password data resonates in Colorado, a state where Tina Peters, an election official from Mesa County, concocted a brazen and bizarre breach of election machines after the 2020 election.She was recently sentenced to nine years in federal prison for her scheme. More

    More stories

    • 150 Shares167 Views

      in Elections

      Video of Ballots Being Destroyed Was Faked by Russia, Federal Officials Say

      by

      The video, which purported to show mailed-in ballots in Pennsylvania being ripped up, was part of Moscow’s efforts to influence the U.S. presidential election, the officials said.Federal officials said on Friday that a video showing mailed-in ballots in Pennsylvania being destroyed was a fake, created by Russia as part of Moscow’s efforts to influence the U.S. presidential election.The Office of the Director of National Intelligence has issued repeated warnings about Russia’s attempts to sow chaos and undermine faith in the integrity of the presidential vote. The video falsely showing destroyed ballots was part of that campaign, the office said in a joint statement with the F.B.I. and the Cybersecurity and Infrastructure Security Agency.In the statement, intelligence officials said they expected both in the approach to the election and in the weeks after that Russia would “create and release additional media content that seeks to undermine trust in the integrity of the election and divide Americans.”The video, which purported to show ballots in Bucks County, Pa., being ripped up, was quickly called out as fake by local Republican and Democratic election officials.“This type of behavior is meant to sow division and distrust in our election systems, and makes a mockery of the people working incredibly hard to ensure a free and fair election is carried out,” county officials said in a statement.U.S. intelligence officials have previously said that Moscow favors the election of Donald J. Trump. In recent weeks, Russians have been spreading fake videos to undermine the campaign of Vice President Kamala Harris. One such video, which made false abuse accusations against her running mate, Gov. Tim Walz of Minnesota, was identified by intelligence officials this week as being a Russian government operation.In the same briefing, intelligence officials said Russia was planning to work to increase Americans’ doubts about the November election and potentially foment violence, stoking concerns about the integrity of the vote.The fake video showing ballots being destroyed appears to be a first step in those efforts to raise voter concerns.The Cybersecurity and Infrastructure Security Agency, which helps local officials safeguard voting systems, has been holding regular briefings with officials about foreign efforts to influence the election, urging them to aggressively respond to attempts to spread disinformation about the integrity of the vote.Russia has pushed a variety of videos during the election, some trying to undercut American support for Ukraine and others making more direct attacks on Democrats. Moscow’s attempts to spread disinformation initially appeared to have been knocked off-balance when President Biden dropped out of the race and threw his support to Ms. Harris. But more recently, those efforts have focused on attacking Ms. Harris and Mr. Walz, and the pace of Russian activity began increasing in October, according to government and industry officials. More

    • 150 Shares169 Views

      in Elections

      Iran Hackers Sought to Send Stolen Trump Campaign Information to Biden Camp

      by

      The emails were part of a sweeping effort by Iran to steal and disseminate sensitive internal communications between aides working for former President Donald J. Trump.Iranian hackers seeking to influence the 2024 election sent excerpts from pilfered Trump campaign documents to people associated with President Biden’s re-election campaign this summer, but the recipients did not respond, law enforcement officials said on Wednesday.The emails, sent in late June and early July, were part of a sweeping effort by Iran to steal and disseminate sensitive internal communications between aides working for former President Donald J. Trump after it gained access to the email accounts of a longtime political adviser, Roger J. Stone.“Iranian malicious cyberactors” sent unsolicited emails that contained “an excerpt taken from stolen, nonpublic material from former President Trump’s campaign,” officials at the Office of the Director of National Intelligence, the F.B.I. and the Cybersecurity and Infrastructure Security Agency wrote in a joint statement.The intended recipients, who were not identified in the statement, did not appear to have replied. Even as federal officials have suggested that the hackers also targeted the Biden and Harris campaigns, they believe that the emails including the stolen Trump material were sent to be disseminated to his political enemies.“This is further proof the Iranians are actively interfering in the election to help Kamala Harris and Joe Biden because they know President Trump will restore his tough sanctions and stand against their reign of terror,” said Karoline Leavitt, a spokeswoman for the Trump campaign.A spokeswoman for the Harris campaign, Morgan Finkelstein, noted that a few people were “targeted on their personal emails with what looked like a spam or phishing attempt,” though she added that she was not aware that any material had been sent to campaign accounts.“We have cooperated with the appropriate law enforcement authorities since we were made aware that individuals associated with the then-Biden campaign were among the intended victims of this foreign influence operation,” she added.The Justice Department’s national security division has been investigating the Stone attack and could charge some of those responsible as early as this week, according to several officials familiar with the situation.In a speech last week, the senior Justice Department official responsible for investigating overseas election interference and the head of the department’s national security division, Matthew G. Olsen, accused Russia of seeking to undermine Mr. Biden and Vice President Kamala Harris to bolster Mr. Trump’s re-election chances.He also cited Iran’s recent hacking of the Trump campaign as evidence that some adversaries were also seeking to damage Mr. Trump’s chances of victory.In August, the Justice Department indicted a Pakistani citizen with ties to Iran for plotting assassination attempts against top political figures, including the former president. More

    • 150 Shares159 Views

      in Elections

      Iran Is to Blame for Hacking Into Trump’s Campaign, Intelligence Officials Say

      by

      American intelligence agencies also confirmed that the effort extended to the Biden-Harris campaign, though that bid was unsuccessful.American intelligence agencies said on Monday that Iran was responsible for hacking into former President Donald J. Trump’s campaign and trying to breach the Biden-Harris campaign.The finding, which was widely expected, came days after a longtime Trump adviser, Roger J. Stone, revealed that his Hotmail and Gmail accounts had been compromised. That intrusion evidently allowed Iranian hackers to impersonate him and gain access to the emails of campaign aides.The announcement was the starkest indication to date that foreign intelligence organizations have mobilized to interfere in the 2024 election at a moment of heightened partisan polarization at home and escalating tensions abroad between Iran and Israel, along with its international allies, including the United States.“Iran seeks to stoke discord and undermine confidence in our democratic institutions,” intelligence officials wrote in a joint statement from the F.B.I., the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency.The Islamic Republic has “demonstrated a longstanding interest in exploiting societal tensions through various means,” the officials added.The joint statement provided no new details about the attacks, nor did it specify how the agencies knew Iran was responsible.We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More

    • 163 Shares169 Views

      in Elections

      Scams Tied to the CrowdStrike Crash Have Bloomed. Here’s How to Stay Safe

      by

      People posing as airline customer service representatives may be making fraudulent attempts to access your money or private data, experts warn.In the hours after the American cybersecurity firm CrowdStrike deployed a flawed software update that crippled critical businesses and services around the world, scammers pounced.Government agencies and businesses have warned that the panic caused by the CrowdStrike crash on Friday has given criminals an opening to take advantage of customers who are looking to reschedule flights, access banking information or fix their technology.Here are some ways to guard against the fraudulent schemes.Scammers see an opportunity.CrowdStrike provides cybersecurity for some 70 percent of Fortune 100 companies, so the crash led to widespread failures that grounded planes, crippled businesses, disrupted 911 emergency systems and delayed banking transactions.Thieves online are using the confusion to carry out a variety of scams, including phishing attempts, the U.S. Cybersecurity and Infrastructure Security Agency said. The National Cyber Security Center in the United Kingdom issued a similar statement noting that an “increase in phishing referencing this outage has already been observed.”Scammers may look to get your money immediately by offering a product like a bogus plane ticket. But they could also be after personal identifying data that would allow them to access your finances in the future.What industries are being targeted?Because grounded planes caused frustrated customers to look to reschedule their flights, travel has been particularly subject to schemers, said Anton Dahbura, the executive director of the Information Security Institute at Johns Hopkins University.We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More

    • 100 Shares119 Views

      in Elections

      After CrowdStrike Causes Outage, Are U.S. Networks Safe?

      by

      With each cascade of digital disaster, new vulnerabilities emerge. The latest chaos wasn’t caused by an adversary, but it provided a road map of American vulnerabilities at a critical moment.In the worst-case scenarios that the Biden administration has quietly simulated over the past year or so, Russian hackers working on behalf of Vladimir V. Putin bring down hospital systems across the United States. In others, China’s military hackers trigger chaos, shutting down water systems and electric grids to distract Americans from an invasion of Taiwan.As it turned out, none of those grim situations caused Friday’s national digital meltdown. It was, by all appearances, purely human error — a few bad keystrokes that demonstrated the fragility of a vast set of interconnected networks in which one mistake can cause a cascade of unintended consequences. Since no one really understands what is connected to what, it is no surprise that such episodes keep happening, each incident just a few degrees different from the last.Among Washington’s cyberwarriors, the first reaction on Friday morning was relief that this wasn’t a nation-state attack. For two years now, the White House, the Pentagon and the nation’s cyberdefenders have been trying to come to terms with “Volt Typhoon,” a particularly elusive form of malware that China has put into American critical infrastructure. It is hard to find, even harder to evict from vital computer networks and designed to sow far greater fear and chaos than the country saw on Friday.Yet as the “blue screen of death” popped up from the operating rooms of Massachusetts General Hospital to the airline management systems that keep planes flying, America got another reminder of the halting progress of “cyber resilience.” It was a particularly bitter discovery then that a flawed update to a trusted tool in that effort — CrowdStrike’s software to find and neutralize cyberattacks — was the cause of the problem, not the savior.Only in recent years has the United States gotten serious about the problem. Government partnerships with private industry were put together to share lessons. The F.B.I. and the National Security Agency, along with the Cybersecurity and Infrastructure Security Agency at the Homeland Security Department, issue bulletins outlining vulnerabilities or blowing the whistle on hackers.President Biden even created a Cyber Safety Review Board that looks at major incidents. It is modeled on the National Transportation Safety Board, which reviews airplane and train accidents, among other disasters, and publishes “lessons learned.”We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More