Federal authorities have been
investigating reports that hackers targeted the mobile phones of a handful of
Democratic Party staffers, according to a Reuters article published last week.
The news follows a series of breaches in recent months that
revealed emails and other personal information of party staffers and other
Democratic officials.
The FBI has launched an investigation into the attacks, which
party officials believe are linked to Russia. Several members of Congress have
raised suspicions in recent weeks that Russia might be attempting to interfere
with the U.S. elections.
In addition to cyberattacks on Democratic Party operatives, recent
breaches of state election systems are suspected of having Russian connections.
Possible targets were asked to turn over their phones so an
"image" could be made of the devices, the latest reports indicated.
Data retrieved from Democratic Party staff emails may have been used to access
the mobile phones.
CrowdStrike, a Cybersecurity firm that investigated prior
cyberattacks involving the DNC and other targets, declined to comment for this
story.
The alleged mobile phone hacks reportedly involve malicious
software infecting the devices. The data probe could involve photos, contacts,
text messages, phone logs and other items.
DNC officials did not respond to our request to comment for this
story. FBI officials declined to comment.
High
Alert
A variety of means can be used to infect software, said
Christopher Budd, global threat communications manager at Trend Micro.
"For mobile, the one unique vector is getting people to
install what they believe are legitimate apps from spoofed or otherwise
misrepresented app stores," he told TechNewsWorld. "However, there's
no indication that a malicious app was involved in this case. It's a little
harder to get malicious software on a mobile device, but it can be done."
News of the investigation adds to the heightened state of alert
about the integrity of various U.S. election systems. Sen. Dianne Feinstein,
vice chairman of the Senate Intelligence Committee, and Rep. Adam Schiff,
ranking member of the House Intelligence Committee, recently released a
statement on alleged Russian hacking activity against various systems.
"Based on briefings we have received, we have concluded that
the Russian intelligence agencies are making a serious and concerted effort to
influence the U.S. election," they said. "At the least, this effort
is intended to sow doubt about the security of our election and may well be
intended to influence the outcomes of the election -- we can see no other
rationale for the behavior of the Russians."
The orders for such activity could only come only from "very
senior levels of the Russian government," Feinstein and Schiff maintained,
and they called on Russian President Vladimir Putin to order an immediate halt
to the activity.
Shoring
Up Defenses
In wake of attacks on election databases in Illinois and Arizona,
18 states have accepted an offer from the Department of
Homeland Security to help them make sure their election systems
are secure, Secretary Jeh Johnson testified in a Senate committee hearing last
week.
In those cases, suspected overseas hackers compromised the
personal information of up to 200,000 voter records in Illinois and also
attacked the election infrastructure in Arizona. However, no individual records
were compromised.
The Illinois breach involved a suspected SQL injection attack,
officials confirmed. Arizona election officials have linked the attack there to
suspected Russian actors.
DHS last month issued a warning to state election officials about possible
threats to their respective systems and offered to provide additional security
measures, including cyberhygiene scans of their respective Internet-facing
systems, and risk and vulnerability scans by on-site experts.
The public should have confidence in the election system, despite
concerns about recent attacks on the DNC and infrastructures in Arizona and
Illinois, said Thomas Hicks, chairman of the U.S. Election Assistance
Commission.
"Because of the decentralized nature of the American election
administration system, there is no single, uniform national system that would
affect the outcome of election results for the November 2016 presidential
election," he testified late last month before the Subcommittee for
Information Technology for the Committee on Oversight and Government Reform.
Suspected Russian hackers, including the teams known as
"Fancy Bear" and "Cozy Bear," have been implicated in
earlier hacks on the DNC and other federal agencies.
A spearphising attack on Bellingcat, a website backed by a group
of citizen journalists involved in the probe of MH 17, carries the hallmarks of
Fancy Bear, according to ThreatConnect.
The attacks, which date back to last year, targeted individual
emails, and were similar to the attack on White House staffer Billy
Rinehart, whose stolen information recently was splashed onto DCleaks,
suspected of being a Russian-influenced operation.
"There is no way to easily tell the intentions of the hacks
targeting Bellingcat and its journalists," said Kyle Ehmke, senior threat
intelligence researcher at ThreatConnect.
No comments:
Post a Comment