Dhaka, Sep 2 (AP/UNB) - Nearly a year after Russian government hackers meddled in the 2016 U.S. election, researchers at cybersecurity firm Trend Micro zeroed in on a new sign of trouble: a group of suspect websites.
The sites mimicked a portal used by U.S. senators and their staffs, with easy-to-miss discrepancies. Emails to Senate users urged them to reset their passwords — an apparent attempt to steal them.
Once again, hackers on the outside of the American political system were probing for a way in.
"Their attack methods continue to take advantage of human nature and when you get into an election cycle the targets are very public ," said Mark Nunnikhoven, vice president of cloud research at Trend Micro.
Now the U.S. has entered a new election cycle. And the attempt to infiltrate the Senate network, linked to hackers aligned with Russia and brought to public attention in July, is a reminder of the risks, and the difficulty of assessing them.
Newly reported attempts at infiltration and social media manipulation — which Moscow officially denies — point to Russia's continued interest in meddling in U.S. politics. There is no clear evidence, experts said, of efforts by the Kremlin specifically designed to disrupt elections in November. But it wouldn't take much to cause turmoil.
"It's not a question of whether somebody is going to try to breach the system, to manipulate the system, to influence the system," said Robby Mook, who managed Hillary Clinton's presidential campaign and co-directs a Harvard University project to protect democracy from cyberattacks, in an interview earlier this year. "The question is: Are we prepared for it?"
Online targeting of the U.S. political system has come on three fronts — efforts to get inside political campaigns and institutions and expose damaging information; probes of electoral systems, potentially to alter voter data and results; and fake ads and accounts on social media used to spread disinformation and fan divisions among Americans.
In recent weeks, Microsoft reported that it had disabled six Russian-launched websites masquerading as U.S. think tanks and Senate sites. Facebook and the security firm FireEye revealed influence campaigns , originating in Iran and Russia, that led the social network to remove 652 impostor accounts, some targeted at Americans. The office of Republican Sen. Pat Toomey of Pennsylvania said hackers tied to a "nation-state" had sent phishing emails to old campaign email accounts.
U.S. officials said they have not detected any attempts to corrupt election systems or leak information rivaling Kremlin hacking before President Donald Trump's surprise 2016 victory.
Still, "we fully realize that we are just one click away of the keyboard from a similar situation repeating itself," Dan Coats, the director of national intelligence, said in July.
Michael McFaul, the architect of the Obama administration's Russia policy, has said he believes Russian President Vladimir Putin perceives little benefit in a major disruption effort this year, preferring to keep his powder dry for the 2020 presidential contest.
But even if the upcoming elections escape disruption, that hardly means the U.S. is in the clear .
Trump's decision in May to eliminate the post of White House cybersecurity coordinator confirmed his lack of interest in countering Russian meddling, critics say. Congress has not delivered any legislation to combat election interference or disinformation. Last week, a review of the bipartisan "Secure Elections Act" was canceled after Republican leaders registered objections, congressional staffers said.
The risks extend beyond the midterms.
"The biggest question is going to be how are you going to make sure that people actually trust the results, because democracy relies on credibility," said Ben Nimmo, a researcher at the Atlantic Council. "It's not over after November."
Experts said it is too late to safeguard U.S. voting systems and campaigns this election cycle. But with two months to go, there is time enough to take stock of the Russian-sponsored interference that has come to light so far — and to assess the risks of what we don't know.
In mid-2016, hackers found a way into the voter registration database at the Illinois State Board of Elections and spent three weeks poking around. After the breach was discovered, officials said the infiltrators had downloaded the records of up to 90,000 voters.
It's not clear that anything nefarious was done with those records. But when special counsel Robert Mueller charged a dozen Russian intelligence agents with hacking this July, the indictment clarified the potential for damage. The hackers had, in fact, stolen information on 500,000 voters, including dates of birth and partial Social Security numbers.
"The internet allows foreign adversaries to attack Americans in new and unexpected ways," Deputy Attorney General Rod Rosenstein said, in announcing the indictments.
The Illinois hack is the most notable case of foreign tampering with U.S. election systems to come to light. There has been no evidence of efforts to change voter information or tamper with voting machines, though experts caution hackers might have planted unseen malware in far-flung election systems that could be triggered later.
Potential problems are not limited to Illinois.
A week before the 2016 general election, Russian intelligence agents sent spear-phishing emails to 122 local elections officials who were customers of VR Systems, a Tallahassee, Florida-based election software vendor.
In addition to Illinois, at least 20 other state systems were probed by the same Russian military unit that targeted VR's customers, federal officials said.
"My unofficial opinion is that we're kind of fooling ourselves if we don't think that they tried to at least make a pass at all 50 states," said Christopher Krebs, the undersecretary for critical infrastructure at DHS.
In June 2017, the federal Election Assistance Commission informed dozens of local voting officials that hackers had attempted to penetrate the systems of a voting system manufacturer, presumed by many to be VR.
"Attempts have been made to obtain voting equipment, security information and in general to probe for vulnerabilities," the EAC wrote officials. Despite those concerns, federal officials have moved slowly to share intelligence with officials who supervise elections. As of mid-August, 92 state officials had been given clearances.
Much of the machinery used to collect and tabulate votes is antiquated, built by a handful of unregulated and secretive vendors, with outdated software that makes them highly vulnerable to attacks, researchers said.
"If someone was able to compromise even a handful of voting machines I think that would be sufficient to cause people to not trust the system," said Sherri Ramsay, a former National Security Agency senior executive.
This spring, a website used by Knox County, Tennessee, officials to display election-night results was knocked offline by an unidentified perpetrator. While the attack was little noticed, it would not be hard to replicate, experts said. Combined with a social media campaign alleging vote tampering, such mischief could cast a shadow over an election, they said.
Election officials have been sandboxing such scenarios for weeks as they prepare for November's balloting.
There's already a Russian playbook for thwarting an election: In Ukraine in 2014, the presidential contest was disrupted by a virus that scrambled election-management software, followed by a media disinformation campaign claiming a pro-Moscow candidate had won.
Democratic Sen. Claire McCaskill of Missouri is plenty busy this fall as she seeks re-election in a state that voted overwhelmingly for Trump. So when an attempt by Russian hackers to infiltrate her campaign came to light in July, she acknowledged it only briefly.
"While this attack was not successful, it is outrageous that they think they can get away with this," McCaskill said. "I will not be intimidated. I've said it before and I will say it again, Putin is a thug and a bully."
The failed hack, which included an attempt to steal the password of at least one McCaskill staffer through a fake Senate login website identified by Microsoft, is the most notable instance of attempted campaign meddling by Russia made public this year.
Microsoft executives said recently that the company had detected attempts by Russia's GRU military intelligence agency to hack two senators. One was presumably McCaskill, but the others have not been identified.
The group behind that attempt, Fancy Bear, is the same one indicted July 13 and identified by Microsoft as the creator of fake websites targeting the Hudson Institute and the International Republican Institute, frequent critics of the Kremlin. Since the summer of 2017, Fancy Bear has aggressively targeted political groups, universities, law enforcement agencies and anti-corruption nonprofits in the U.S. and elsewhere, according to TrendMicro.
"Russian hackers appear to be broadening their target set, but I think tying it to the midterm elections is pure speculation at this point," said Michael Connell , an analyst at the federally funded Center for Naval Analyses in Arlington, Virginia.
There have been other recent reports of U.S. congressional campaign websites targeted by hackers, but that doesn't mean Russian agents are to blame. Experts said most are likely run-of-the-mill criminal cyberattacks seeking financial gain rather than political change.
But Eric Rosenbach, who served as assistant secretary of defense for global security during President Barack Obama's administration and is now at Harvard, said the limited examples of Russian intrusion that have come to light may be only a tip to more significant, still hidden schemes.
"There probably have already been compromises of important campaigns in places where it could sway the outcome or undermine trust in the election," Rosenbach said. "We might not see that until the very last moment."
The risk is magnified by poor efforts to protect many campaign sites, said Josh Franklin, until last month the lead National Institutes of Standards and Technology researcher on voting systems security.
Nearly a third of the 527 House of Representatives campaigns examined by Franklin and fellow researchers had such poor cybersecurity they were graded worse than failing.
"We couldn't go any further with our scan," he said. "We were told that we would be in danger of being sued by the candidate campaigns."
By the time a group called "ReSisters" began organizing a rally against white nationalism for Aug. 10, it had spent more than a year sharing left-wing posts about feminism, immigration and other hot-button topics.
"Confront + Resist Fascism," the group urged on a Facebook event page for its "No Unite the Right 2" protest in Washington, D.C. Like-minded Facebook users posted information about transportation, materials and location so those interested could attend.
In late July, Facebook short-circuited the effort, shutting down the pages and accounts of ReSisters and 31 others. Despite appearing to speak for Americans, the company said, the accounts were planted by unidentified outsiders to fuel divisions among U.S. voters. Researchers at the Atlantic Council who examined the accounts said they acted in ways echoing Russian troll operations before the 2016 election, pointing to English on the pages speckled with grammatical mistakes typical of native Russian speakers.
"We face determined, well-funded adversaries who will never give up and are constantly changing tactics," Facebook said. The outing of the sites is a reminder as November approaches that Russians and other foreign actors continue to use social media to try to influence U.S. politics.
Since the 2016 election, officials and researchers have learned much more about such infiltration. The May release by House Democrats of more than 3,500 ads placed on Facebook by Russian agents from 2015 to 2017 revealed a deliberate campaign to inflame racial divisions in the U.S. Facebook and other tech companies say they are working hard to combat such behavior. But it is not nearly enough, experts said.
The companies must be forced to act faster against Russian and other disinformation campaigns and be made more accountable , said Dipayan Ghosh, a fellow at Harvard's Kennedy School of Government who has worked at both the White House and Facebook on tech policy including social media manipulation.
Ghosh said quantifying Russian disinformation on social media is difficult because they "are operating behind a commercial veil" of for-profit networks that are not subject to public scrutiny.
"The industry is currently accountable to nobody," Ghosh said.
After Facebook was criticized for allowing a data-mining firm to collect information about millions of its users, CEO Mark Zuckerberg said he was open to regulation. But the "Honest Ads Act," which would require online political ads to be identified as they are in traditional media, has stalled in Congress.
The bill's sponsors include the late John McCain and Sen. Mark Warner, the Virginia Democrat who has pressed Facebook for change since the 2016 elections. Executives from Facebook, Twitter and Google are expected to testify before Warner and other members of the Senate Intelligence Committee this week.
Experts said they are uncertain of the effectiveness of Russian disinformation, complicating assessment of the threat it might now pose.
In 2016, Russian actors likely did the greatest damage by hacking and leaking emails from Hillary Clinton's campaign and Democrats' national organization, which were widely reported by the news media. But comparatively few American voters saw individual pieces of misinformation on social media, making it unlikely that it swayed votes , said Brendan Nyhan, a University of Michigan political scientist who has analyzed the scope and impact of the Russian operations.
"There's still too much simplistic thinking about all-powerful propaganda that doesn't correspond to what we know from social science about how hard it is to change people's minds. I'm more concerned about the threat of intensifying polarization and calling the legitimacy of elections into question than I am about massive swings in vote choice," he said.
Still, it is clear that Russian intelligence views its efforts as successful and their example has already stirred others, like Iran, to try similar strategies. Such efforts are bent on coloring U.S. politics even if they are not tied to a specific election, said Lee Foster, FireEye's manager of information operations analysis.
"Where do you draw the line between efforts to influence the election or an election or efforts to influence U.S. domestic politics in general?" Foster said. "We can't just think in the context of the next election. It's not like this goes away after the midterms."
New York, July 28 (AP/UNB) — Cracking down on hate, abuse and online trolls is also hurting Twitter's standing with investors.
The company's stock plunged Friday after it reported a decline in its monthly users and warned that the number could fall further in the coming months. The 20.5 percent plunge comes one day after Facebook lost 19 percent of its value in a single day.
Twitter says it's putting the long-term stability of its platform above user growth. That leaves investors seemingly unable to value what the biggest companies in the sector, which rely on their potential user reach, are worth.
Twitter had 335 million monthly users in the quarter, below the 339 million Wall Street was expecting, and down slightly from 336 million in the first quarter. That overshadowed a strong monthly user growth of 3 percent compared with the previous year.
The company said its monthly user number could continue to fall in the "mid-single-digit millions" in the third quarter.
While Friday was Twitter's second-worst loss since it went public in November 2013, the stock has still doubled in value over the last 12 months.
Long criticized for allowing bad behavior to run rampant on its platform, Twitter has begun to crack down, banning accounts that violate its terms and making others less visible.
Twitter is now attempting to rein in the worst offenders after years as one of the Wild West corners of the internet.
At the same time, it must convince people it's the go-to platform in social media, even though it is dwarfed right now by Facebook.
Facebook has more than 2.23 billion users while its apps WhatsApp, Instagram and Messenger each have over 1 billion.
Twitter on Friday reiterated its efforts to "to invest in improving the health of the public conversation" on its platform, making the "long-term health" of its service a priority over short-term metrics such as user numbers.
As part of these efforts, Twitter said that as of May, its systems identified and challenged more than 9 million accounts per week that are potentially spam or automated, up from 6.4 million in December 2017. The company has previously disclosed these numbers.
A Washington Post report put the total number of suspended accounts in May and June at 70 million. The Associated Press also found that Twitter suspended 56 million such accounts in the last quarter of 2017. While Twitter maintains that most of these accounts were dormant and thus not counted in the monthly user figure, the company also warned that its cleanup efforts could affect its counted user base without giving specific numbers.
"We want people to feel safe freely expressing themselves and have launched new tools to address problem behaviors that distort and distract from the public conversation," CEO Jack Dorsey said in a prepared statement.
Twitter's market value dropped by more than $6 billion Friday, to around $26 billion. Investors still value Facebook at $503 billion. Facebook lost $119 billion in value on Thursday.
Twitter's second-quarter net income hit $100.1 million, after a loss last year during the same period. It's the company's third profit in a row, the third it has ever posted.
Per-share, the San Francisco company's net income was 13 cents, or 17 cents adjusted, in line with expectations, according to a poll by Zacks Investment Research.
Revenue of $710.5 million, up 24 percent and edging out expectations of $696 million.
New York, Jul 25 (AP/UNB) — Facebook is blocked in China but it's still setting up a subsidiary in the world's most populous country.
The company says it wants to set up an "innovation hub" in Zhejiang to support Chinese developers, innovators and startups. It has done the same elsewhere, including France, Brazil, South Korea and India. But it is not blocked in those countries.
Facebook said on Tuesday that the subsidiary will focus on training and workshops for developers and entrepreneurs.
According to The Washington Post, a filing published on China's National Enterprise Credit Information Publicity System listed the company as Facebook Technology (Hangzhou) Co. The filing, which is no longer accessible, noted that the company is owned by Facebook Hong Kong Ltd. It has registered capital of $30 million.
Iowa City, Iowa, Jul 25 (AP/UNB)- One app promotes itself as a way to discuss sensitive negotiations and human resources problems without leaving a digital record.
Another boasts that disappearing messages “keep your message history tidy.” And a popular email service recently launched a “confidential mode” allowing the content of messages to disappear after a set time.
The proliferation of digital tools that make text and email messages vanish may be welcome to Americans seeking to guard their privacy. But open government advocates fear they are being misused by public officials to conduct business in secret and evade transparency laws.
Whether communications on those platforms should be part of the public record is a growing but unsettled debate in states across the country. Updates to transparency laws lag behind rapid technological advances, and the public and private personas of state officials overlap on private smartphones and social media accounts.
“Those kind of technologies literally undermine, through the technology itself, state open government laws and policies,” said Daniel Bevarly, executive director of the National Freedom of Information Coalition. “And they come on top of the misuse of other technologies, like people using their own private email and cellphones to conduct business.”
Some government officials have argued that public employees should be free to communicate on private, non-governmental cellphones and social media platforms without triggering open records requirements.
Lawmakers in Kentucky and Arizona this year unsuccessfully proposed exempting all communications on personal phones from state open records laws, alarming open government advocates. A Virginia lawmaker introduced a bill to exempt all personal social media records of state lawmakers from disclosure.
New Kansas Gov. Jeff Colyer went the opposite direction in February with an executive order that requires his staff to use official email accounts for all government business. He also banned private accounts for any communications related to “the functions, activities, programs, or operations” of the office.
In neighboring Missouri, Democratic lawmakers introduced a bill that would make clear that personal social media pages and messages sent through digital platforms such as Confide and Signal are public records as long as they relate to official business. The legislation arose because of a controversy involving use of the Confide app by former Gov. Eric Greitens, who resigned in June amid a series of scandals.
“We need to clarify the expectations, because we should not be allowed to conduct state business using invisible ink,” said state Rep. Ingrid Burnett, who said she’s disappointed the bill didn’t advance.
The proposals were captured by a new Associated Press application called SunshineHub, a digital tool that tracks bills related to government transparency in all 50 states. They point to the mushrooming challenge of defining and maintaining government records in the smartphone era.
The issue exploded into public view last year amid reports that several employees in the office of Greitens, then Missouri’s governor, had accounts on Confide. The app makes messages disappear immediately after they are read and doesn’t allow them to be saved, forwarded, printed or captured by screenshot.
The news prompted an inquiry from the state attorney general, an ongoing lawsuit alleging the practice violated the state’s sunshine law and the bill that would declare all such communications relating to government business to be public records.
Greitens and aides have said they used Confide only to discuss logistics such as scheduling matters that were insignificant, “transitory” and therefore not required to be maintained as public records. An inquiry by Attorney General Josh Hawley found no evidence the practice as described was illegal, but investigators didn’t recover the disappeared messages.
Greitens’ explanation for using the app has drawn skepticism from critics, who question why mundane messages would be sent on a platform that promotes “honest, unfiltered confidential conversations” on sensitive topics.
“That’s absurd. Nobody switches out to a secret burner app to do that,” said Missouri attorney Mark Pedroli, who is suing Greitens on behalf of an open government group and using the case to investigate whether the former governor used the app to communicate with donors and political aides.
“One of the motivating factors of this lawsuit is to find out — what could be the worst-case scenario of a governor or elected official using a secretive app like this?”
He said government agencies should move to ban or severely restrict the use of such applications before they become commonplace. He already has obtained during the litigation a training slide that repeatedly instructed members of Greitens’ staff to never send text messages on government cellphones, an apparent suggestion to do such business only on personal phones.
In Kentucky, language added to an unrelated bill in March would have exempted all electronic communications related to public business — including calls, text messages and emails — from the state open records law. Those messages would be exempt from disclosure as long as the phone or computer was paid for with private money and used non-governmental accounts.
Open government advocates protested the legislation, which would have been the first of its kind in the nation. Lawmakers modified it so it would exempt only “communications of a purely personal nature unrelated to any governmental function.” Media and open government advocates called the language unnecessary, saying personal communications already aren’t subject to disclosure.
A similar bill introduced in Arizona to shield all communications created, stored or received on electronic devices paid for with private money died without a hearing.
The measures in Kentucky and Arizona were introduced after the states’ attorneys general issued legal opinions concluding that government agencies were not responsible for managing their employees’ personal phones, and because of that such communications are not subject to open records laws.
Similar concerns arose after Gmail introduced its confidential mode, which allows senders to control who can access, forward, print or copy sensitive data and to set a time for messages to “expire.”
National Freedom of Information Coalition board president Mal Leary recently wrote a letter to Google arguing that those features, which were recently launched as part of a redesign, could promote the illegal destruction of public records. Leary noted that Google’s suite of services is commonly used by state and local governments and urged the company to disable that feature from accounts and emails linked to public agencies.
“Technology that allows the self-destruction of official, electronic public communications is not promoting transparency, and under most state open government laws, is illegal,” Leary wrote.
Google responded that those features are similar to other tools in the marketplace, and that government administrators will be able to choose to disable them on their networks.
The company noted that even after a message in “confidential mode” expires and its content is no longer available, a history of the message remains available in the sent folder and the headers and subject line remain visible in the recipient’s inbox.