Report Finds Election Officials Vulnerable to Phishing Emails
On Sunday, one hundred days before the U.S. presidential election, cybersecurity firm Area 1 Security published a report [PDF] assessing the security of over 10,000 email accounts belonging to local election officials. The report determined that a majority of officials were susceptible to phishing attacks, that only 18 percent of officials had implemented advanced anti-phishing cybersecurity measures to protect their email accounts, and that only 28 percent had basic measures to prevent such attacks. Of particular concern was the report’s finding that six jurisdictions were using mail transfer agent (MTA) Exim to run their email infrastructure. In May, the National Security Agency and Cybersecurity and Infrastructure Security Agency released an advisory that Russian military hackers had exploited a vulnerability in Exim that amounted to “a hacker’s dream access” and urged Exim users to patch their systems or preferably stop using the MTA software altogether. The report is sure to heighten lawmakers’ and cybersecurity experts’ fears that the United States has not adequately improved its election security since 2016, leaving the country vulnerable to possible meddling by state-based cyber actors.
Trump Administration Asks FCC to Narrow Section 230 Protections for Social Media Sites
On Monday, the U.S. Department of Commerce asked the Federal Communications Commission to narrow the legal protections granted to web platforms by Section 230 of the Communications Decency Act, the provision of the law that shields website owners from legal liability for many types of content posted on their site. Specifically, the petition [PDF] sought to clarify that Section 230 does not protect a web platform when it moderates or highlights user content based on a “reasonably discernible viewpoint or message, without having been prompted to, asked to, or searched for by the user.” The move stems from a May executive order signed two days after Twitter added information to refute misinformation contained in two of President Trump’s tweets and is aimed at combating what President Trump and Republican lawmakers claim is bias against conservative viewpoints on social media platforms. Internet firms and their political allies have argued that efforts to weaken Section 230 are thinly veiled political intimidation towards platforms attempting to combat misinformation and disinformation. They also warn that narrowing protections for website owners could make it more difficult for them to moderate hate speech and extremist content online.
Chinese Hackers Infiltrate Vatican Networks Prior to High-Level Talks
U.S.-based cybersecurity firm Recorded Future released a report [PDF] on Tuesday accusing Chinese state-sponsored hackers of infiltrating the Vatican’s computer networks in an apparent espionage campaign. The threat group, which Recorded Future referred to as RedDelta, began infiltration attempts in early May. In one instance, RedDelta embedded malware in a letter purportedly sent by the Vatican secretary of state Cardinal Pietro Parolin, demonstrating a high degree of technical sophistication and widespread access to church officials’ accounts. Recorded Future also indicated that the hackers seemed to be targeting the Holy See’s Study Mission to China, the Hong Kong-based organization that serves as the Pope’s de facto representative in negotiating the church’s status in China. Beijing and the Vatican are slated to begin negotiations in September over the renewal of a 2018 provisional deal on the appointment of Chinese Catholic bishops. Hackers were likely seeking information on the Church’s negotiating strategy prior to the high-level talks. The incident is sure to anger the Vatican and could destabilize its delicate relationship with the Chinese government, which has shown long-standing antipathy towards its ten million Catholic citizens, viewing them as a threat to the Chinese Communist Party’s authority. Neither party has commented on the hacking allegations.
House Lawmakers Grill Tech Leaders During Antitrust Hearing
On Wednesday, the chief executives of Amazon, Apple, Facebook, and Google endured over five hours of intense questioning from members of both political parties on the House Subcommittee on Antitrust, Commercial, and Administrative Law of the House Judiciary Committee. While at first glance the hearings seemed to be a rare show of bipartisanship, Democrats primarily pressed the four men on instances of anticompetitive behavior displayed by their firms, while Republicans mostly focused on accusing them of displaying an anti-conservative bias on their platforms. The hearing bore similarities to the Microsoft antitrust hearings of the late 1990s, which signaled a definitive end to the laissez faire attitude that Congress had toward its domestic tech companies. The four companies that participated in Wednesday’s hearing will likely endure further political headwinds in the years ahead. Google alone is facing a pending antitrust lawsuit from the U.S. Department of Justice as well as an EU antitrust probe over the company’s acquisition of Fitbit.
Hackers Target Eastern Europe in Anti-NATO Disinformation Campaign
A report [PDF] released Wednesday by cyber threat research firm FireEye revealed a coordinated disinformation campaign aimed at undermining the North Atlantic Treaty Organization (NATO) in Eastern Europe. Since 2017, a hacking group referred to as Ghostwriter has been donning fake personas of local officials in Latvia, Lithuania, and Poland to publish fabricated documents that push anti-NATO narratives consistent with Kremlin talking points on websites and news outlets across the region. Recently, the group seized on the ongoing coronavirus epidemic to spread disinformation. One instance saw the group generating fake quotes attributed to a NATO commander saying that Canadian soldiers in Latvia were spreading COVID-19, and another incident involved spreading a fabricated letter from NATO Secretary General Jens Stoltenberg claiming that NATO planned to withdraw from Lithuania due to coronavirus. Although FireEye did not determine the provenance of Ghostwriter, the tactics used and the messages pushed are consistent with Russia’s concerted efforts to undermine NATO near its borders.