Officials Say Iran, Russia Obtained Publicly Available Data to Influence Presidential Campaign
Feds also say phishers posed as Proud Boys to scare Dems into voting for GOP, Law enforcement agencies across all 50 states have encrypted device unlocking tools, McAfee has gone public again
In an unexpected press event by the FBI held at night without any questions taken from reporters, top national security officials claimed that Iran and Russia have both obtained voter registration data to influence the U.S. presidential election during its final two weeks. Director of National Intelligence John Ratcliffe and FBI Director Christopher Wray said the voter data obtained by the adversaries is public and no evidence exists that anyone hacked into voter registration systems or altered vote totals.
Iran purportedly used the data to pose as the hard-right group Proud Boys to send spoofed emails to Democratic voters scaring them into voting for Republicans, which Ratcliffe said purportedly hurt Trump, although how he did not elaborate further. Cybersecurity firm Proofpoint said that the hackers tried to cover their tracks by first routing the emails through a compromised Saudi insurance company network and then using the website of an Estonian textbook company.
The pairing of Ratcliffe with Wray is an unusual development given that Ratcliffe, who is routinely derided by security professionals as unqualified, is a Trump loyalist who barely garnered enough votes in the Senate to achieve the role of ODNI. Wray, who has the backing of Attorney General Wiliam Barr, has been publicly and privately lambasted by Donald Trump for not producing last-minute evidence that would swing the election his way. Trump reportedly plans to fire Wray after the election.
Related: POLITICO, Reuters, Vox, BusinessWorld, The Sun, Business Insider, RT USA, Vox, Mediaite, Motherboard, Stars and Stripes, ZDNet Security, The New Daily, TIME, Mercury News, SecurityWeek, The Register - Security, Cyberscoop, Bleeping Computer, Mother Jones, Infosecurity Magazine, Mother Jones, Washington Post, NBC News, New York Times, Wall Street Journal, Reddit - cybersecurity, RTE, The Sun, Devdiscourse News Desk, The Guardian
Josh Campbell @joshscampbellNEWS: Speaking at FBI headquarters, the Director of National Intelligence says Iran and Russia have taken actions to influence public opinion in the election. Some voter registration information was obtained by both nations, which could be used to communicate propaganda.
Dustin *Get Your Flu Shot* Volz @dnvolzTwo officials told me Ratcliffe made an analytical leap saying Proud Boys email spoofing was intended to harm Trump and said it was aimed at undermining public confidence. A third official said the claim was backed by specific intelligence. https://t.co/QaJ1iYfOVw
Law Enforcement Agencies in All 50 States and the District of Columbia Have Purchased Tools to Unlock Encrypted Devices
Despite repeated claims by law enforcement that they are “going dark” in terms of gathering evidence from encrypted devices, law enforcement officials across the country are regularly breaking into encrypted smartphones using unlocking tools, according to a new report by Upturn, a Washington nonprofit that investigates how the police use technology. At least 2,000 law enforcement agencies in all 50 states now have the tools to get into locked, encrypted phones and extract data, according to 110 public records requests to state and local law enforcement agencies across the country. (Jack Nicas / New York Times)
McAfee Has Gone Public Again, Raises $620 Million in IPO
Cybersecurity company McAfee, which went private in 2010 when Intel purchased the antivirus giant, is now public again, debuting on the Nasdaq as MCFE and raising $620 million. The company is backed by U.S. private equity firms TPG and Thoma Bravo and has $4.8 billion in debt, which it hopes to reduce with some of the IPO proceeds. (Chibuike Oguh / Reuters)
Other Cybersecurity News
The City of Shafter, CA, has been crippled by a ransomware attack and hasn’t been able to get its systems free. The city doesn’t believe that the attackers accessed any data. (Tim Johns / Bakersfield Now)
Credit card giant Mastercard has teamed up with identity solutions firm Idemia and Singapore-based fintech MatchMove to pilot a biometric fingerprint card called F.Code that makes it easy to authorize in-store payment transactions in Asia. Instead of being read on a central database, the biometric data is stored on the card, which is embedded with a sensor to allow customers to authorize a payment using their fingerprint. (Aimee Chanthadavong / ZDNet)
Related: Help Net Security
Podcast of the Day
Graham Cluley and Carole Theriault, joined this week by Tim Hwang on the Smahsing Security podcast talk about the Darkside playing Robinhood by donating extorted bitcoins to charity, the micro-targeted ad industry, and burger-flipping robots. Always amusing. Check it out. Photo by Austin Distel on Unsplash
We Would Like to Bring an Overlooked Story to Your Attention
Sean Lyngaas of Cyberscoop had a major scoop, at least for a while, earlier this week. Turns out, suspected Russian hackers known as TEMP.Isotope were behind multiple recent intrusions of U.S. state and local computer networks, according to cybersecurity firm FireEye. The FBI and the U.S. Cybersecurity and Infrastructure Security Agency had issued a warning that attackers were targeting U.S. election systems on October 8 but did not name the Russian hacking group.
Excellent Long-Read of the Week
Don’t miss this long profile by Anna Wiener of encryption pioneer and Signal co-founder Moxie Marlinspike in this week’s New Yorker. “Marlinspike is the C.E.O. of Signal, the end-to-end encrypted messaging service, which he launched in 2014; he is also a cryptographer, a hacker, a shipwright, and a licensed mariner,” Wiener writes.