Russia Hacked 4 Voter Registration Systems

Russian Hackers Targeted Nearly Half of States’ Voter Registration Systems, Successfully Infiltrated 4

Think hackers will tip the vote? Read this first….

CSMonitor: The US election system is a massively complex tangle of technology. And some of it is insecure.

It’s rife with internet-based entry points, full of outdated infrastructure, cluttered with proprietary software from a random assortment of vendors, and lacks any standardized security safeguards.

In all, it’s a recipe for disaster. But if a malicious hacker really set out to manipulate the election, how would they actually do it and what could they really accomplish?

The most obvious target seems to be internet-enabled voting, currently used in 32 states. But, these systems aren’t what you think of when you hear “internet-enabled.”

They tend to be systems for distributing ballots that voters print out on paper, sign, and then email or fax back to the state authority for counting.

But emailing and faxing ballots introduces some problems. On a technical level, faxes and the emails used in internet voting aren’t encrypted.

That means states are passing ballots around the open internet. If an attacker is able to compromise any point along the way, they might intercept completed ballots.

Related reading: Hackers have attempted more intrusions into voter databases, FBI director says

So, not only does this system do away with any notion of secrecy, it also ignores any modern understanding of cryptographic security.

I’d much rather see online voting systems with built-in encryption. And that’s not a complex undertaking. Many websites currently use HTTPS, an encrypted protocol, to avoid leaking important things such as credit card numbers and passwords. That’s a good place to start for completed ballots.

Hard targets

But launching a full-scale attack on these systems wouldn’t be easy. First, attackers would need to target online voters (a small minority) who are scattered in various jurisdictions.

Then, once the vulnerable voters are identified, attackers would need to wait for the polling place to transmit those votes. While that kind of attack could work on one person, or a single location, it would be difficult to pull off at any meaningful scale.

Alternatively, an adversary could invent an entirely new population of phantom voters, register them to vote remotely, and stuff the ballot box with fake votes. That’s possible, but highly improbable.

So, what about servers?

The easiest way to target servers that collect online ballots is with a distributed denial of service, or DDoS, attack that overwhelms a website with traffic. A totally compromised server could enable attackers to alter or destroy votes in a much sneakier way, and an attack like this could potentially avoid detection until after the election.

But this sort of attack would be pretty obvious to system maintainers, and I suspect polling administrators would quickly switch back to relying on the mail. Remember, online systems aren’t intended for use on Election Day, rather they merely collect absentee ballots.

On the bright side, however, this kind of attack appears possible for only five of the internet-enabled voting states. Only Alabama, Alaska, Arizona, North Dakota, and Missouri have a so-called internet portal.

And none of those states are battleground territories. So, regardless of their security posture, attacking these portals isn’t likely to sway the election. If Florida or Pennsylvania had one of these portals, I’d be more worried.

Voting machines

No electronic voting machine is bulletproof when it comes to cybersecurity. But if an adversary needs to physically visit voting machines in order to fiddle with results, then he or she would need a whole lot of bodies in a whole lot of polling places in order to make an impact.

Don’t get me wrong, attackers could rely on wireless networking or sophisticated antennas. But even with ideal placement and transmission power, bad guys would need to be within sight of a polling place to conduct practical attacks on a Wi-Fi-enabled voting machine.

While remote attacks are possible, it’s not like someone could affect voting from another country. They’d more likely need to be parked outside the polling place. So, although Wi-Fi voting machines are a terrible idea, they don’t appear to be an existential threat to democracy at the time being.

Voter information

Rather than attacking ballot-issuing and ballot-counting systems, attackers have more attractive targets. Voter records, for example, are tempting to cybercriminals since they contain enough personally identifiable information (PII) to kick off identity theft and identity fraud attacks at a much larger scale.

Unfortunately, some of these data sets have already been compromised. Almost 200 million voter records were accidentally leaked late in 2015, and the FBI warned in August that some state voter databases have also suffered breaches.

Altering voter registration records is a big deal since such attacks can affect voter turnout. While that’s not what’s being reported today, such an attack could not only nudge election results one way or another, but also raise serious questions about the integrity of the democratic process.

Even though rare, voter fraud has become a hot political issue. Any attack on voter records could trigger complaints about a rigged election and undermine confidence in the entire system.

Perceptions matter

Alarmingly, hacking elections may not involve the actual compromising of ballots or vote counting at all.

Just imagine that someone decided to take down a couple of voter information websites. Would this technically interfere with the election process? Maybe, if some people were trying to find the address for their polling place.

The obvious effect, though, would be to create the impression that the election is under attack, raising concerns about the credibility of the voting process and casting doubt on the results.

Solutions for securing the vote

Technology may be making elections more convenient and efficient, but that same technology can introduce new risks and it needs to be accounted for.

State election boards or commissions should test their systems ahead of Election Day in November. They should even try attacking their own systems to discover what’s possible, and what can help defend their systems.

If you are a voter who is concerned about election hacking, local election officials should be able to tell you how they are dealing with potential cyberthreats. And if you really want to help, volunteer at the polls on Election Day.

Interesting Group Behind the Epic Yahoo Hack

Seems Yahoo could be lying about who actually did the hack and this may be due to the merger between Verizon and Yahoo.

 

The Yahoo hackers weren’t state-sponsored, a security firm says

CSO: Common criminals, not state-sponsored hackers, carried out the massive 2014 data breach that exposed information about millions of Yahoo user accounts, a security firm said Wednesday.

Yahoo has blamed state actors for the attack, but it was actually elite hackers-for-hire who did it, according to InfoArmor, which claims to have some of the stolen information.

The independent security firm found the alleged data as part of its investigation into “Group E,” a team of five professional hackers believed to be from Eastern Europe.

InfoArmor’s claims dispute Yahoo’s contention that a “state-sponsored actor” was behind the data breach, in which information from 500 million user accounts was stolen. Some security experts have been skeptical of Yahoo’s claim and wonder why the company isn’t offering more details.

InfoArmor also claimed that Group E was behind high-profile breaches at LinkedIn, Dropbox and Tumblr. To sell that information, the team has used other hackers, such as Tessa88 and peace_of_mind, to offer the stolen goods on the digital black market.

“The group is really unique,” Komarov said. “They’re responsible for the largest hacks in history, in terms of users affected.” More details here.

**** Advice****

You don’t care who has looked at your emails? Really? Consider:

Here’s a simple exercise I invite you to do. Open your email and take a look at everything that you keep on it, both sent and received conversations. Scan all of them, every attachment you ever sent or received, every personal and work conversation, every email draft.

The truth is, we aren’t aware that we are living a big part of our lives through our email inbox.

We keep it all there, in only one place: photos, contracts, invoices, tax forms, reset passwords for every other account, sometimes even passwords or credit card PINs.

And our emails are interconnected to all our other digital accounts, from bank accounts to social networks (LinkedIn, Twitter, Facebook, etc.), cloud services (Google Drive, iCloud, Dropbox), online shops (Amazon, for example, where you most likely saved your credit card details as well) and so on.

By simply breaching the email, a malicious hacker can easily get access to all those. They know how to do that.  Read More here…you REALLY need to.

From Digital Guardian:

Wrapping your head around the idea of a breach that affects half a billion users is a difficult task, and it’s not one that anyone has had to contemplate until now. Yahoo’s data breach is far and away the largest on record in terms of the number of users involved. The economic effect on the company will take years to calculate, and it may never be fully known, as is often the case with these breaches. Though Yahoo, already on the ropes and in the middle of a sale to Verizon, may see some rather unpleasant effects quite soon.

From the user’s perspective, too, the massive amount of data taken in the compromise – including dates of birth, email addresses, physical addresses, and security questions and answers – could have far-reaching effects. The information is an identity thief’s starter kit, even without bank account or payment card data. Yahoo has pointed the finger at a state-sponsored attacker, as is customary in these incidents.

“Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen and the investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network. Yahoo is working closely with law enforcement on this matter,” the company said in a statement on the compromise.

As gory as they are, the public details of the Yahoo compromise aren’t what’s really interesting or important here. The intriguing part in this case is how long it took Yahoo to uncover and disclose the data breach. In its public statements, the company said it discovered the compromise recently, but the data was stolen in 2014. That fact has drawn the attention of Capitol Hill and a group of senators is asking some very uncomfortable questions of Yahoo CEO Marissa Mayer.

In their letter, Sens. Ed Markey, Patrick Leahy, Elizabeth Warren, Al Franken, Richard Blumenthal and Ron Wyden asked Mayer when and how Yahoo learned of the breach, why the company took so long to uncover it, and whether any government agencies warned Yahoo of an attack by state-sponsored attackers. The lawmakers also said that the data taken from Yahoo could be used easily in other attacks.

“The stolen data included usernames, passwords, email addresses, telephone numbers, dates of birth, and security questions and answers,” the senators said. “This is highly sensitive, personal information that hackers can use not only to access Yahoo customer accounts, but also potentially to gain access to any other account or service that users access with similar login or personal information, including bank information and social media profiles.” Complete summary here.

Presidential Determination Signed to Accept 85,000 Refugees

No wonder the FBI is on a hiring blitz to attempt to vet what are said to be highly vetted and scrutinized refugee applicants.

****

The White House
Office of the Press Secretary
For Immediate Release

Presidential Determination — Presidential Determination on Refugee Admissions for Fiscal Year 2016

MEMORANDUM FOR THE SECRETARY OF STATE

SUBJECT:      Presidential Determination on Refugee Admissions for Fiscal Year 2016

In accordance with section 207 of the Immigration and Nationality Act (the “Act”) (8 U.S.C. 1157), and after appropriate consultations with the Congress, I hereby make the following determinations and authorize the following actions:

The admission of up to 85,000 refugees to the United States during Fiscal Year (FY) 2016 is justified by humanitarian concerns or is otherwise in the national interest; provided that this number shall be understood as including persons admitted to the United States during FY 2016 with Federal refugee resettlement assistance under the Amerasian immigrant admissions program, as provided below.

The admissions numbers shall be allocated among refugees of special humanitarian concern to the United States in accordance with the following regional allocations; provided that the number of admissions allocated to the East Asia region shall include persons admitted to the United States during FY 2016 with Federal refugee resettlement assistance under section 584 of the Foreign Operations, Export Financing, and Related Programs Appropriations Act of 1988, as contained in section 101(e) of Public Law 100-202 (Amerasian immigrants and their family members):

  • Africa: 25,000
  • East Asia: 13,000
  • Europe and Central Asia: 4,000
  • Latin America/Caribbean: 3,000
  • Near East/South Asia: 34,000
  • Unallocated Reserve: 6,000

The 6,000 unallocated refugee numbers shall be allocated to regional ceilings, as needed.  Upon providing notification to the Judiciary Committees of the Congress, you are hereby authorized to use unallocated admissions in regions where the need for additional admissions arises.

Additionally, upon notification to the Judiciary Committees of the Congress, you are further authorized to transfer unused admissions allocated to a particular region to one or more other regions, if there is a need for greater admissions for the region or regions to which the admissions are being transferred.

Consistent with section 2(b)(2) of the Migration and Refugee Assistance Act of 1962, I hereby determine that assistance to or on behalf of persons applying for admission to the United States as part of the overseas refugee admissions program will contribute to the foreign policy interests of the United States and designate such persons for this purpose. Consistent with section 101(a)(42) of the Act (8 U.S.C. 1101 (a)(42)), and after appropriate consultation with the Congress, I also specify that, for FY 2016, the following persons may, if otherwise qualified, be considered refugees for the purpose of admission to the United States within their countries of nationality or habitual residence:

  1. Persons in Cuba
  2. Persons in Eurasia and the Baltics
  3. Persons in Iraq
  4. Persons in Honduras, Guatemala, and El Salvador
  5. In exceptional circumstances, persons identified by a United States Embassy in any location

You are authorized and directed to publish this determination in the Federal Register.

 

BARACK OBAMA

National Strategy to Win the War Against Islamist Terror

 

Related reading: Foreign Terrorist Organizations, Bureau of Counterterrorism

Chairman McCaul Unveils Counterterrorism Strategy “A National Strategy to Win the War Against Islamist Terror”

Contains 100+ policy ideas and principles for fighting terrorism

WASHINGTON, D.C. – On the heels of Islamist terror attacks in the homeland this past weekend, House Homeland Security Committee Chairman Michael McCaul (R-TX) today unveiled his counterterrorism strategy, entitled A National Strategy to Win the War Against Islamist Terror. Chairman McCaul’s nonpartisan strategy contains over 100 policy ideas, recommendations, and principles for fighting terrorism.

The ideas put forward in the McCaul strategy were developed in consultation with an array of national security experts on both sides of the aisle. They are not “Republican” or “Democrat” ideas, but rather common-sense solutions for better protecting Americans.

Chairman McCaul: “As radical Islamist terror continues to sweep the globe, it has become clear that we are not winning the overall fight against it. There are now more terrorist foot soldiers and safe havens than any time in modern history, and our enemies have alarming momentum. They are reaching deep into the heart of the Western world—including our own communities—to spread their hateful ideology and perpetrate violent acts. Just this weekend we saw again that our homeland remains a terrorist target, and they have attacked our allies in places like Paris, Brussels, Nice, and beyond. Yet in recent years our strategy and policies have failed to roll back the threat, let alone contain it. That is why I’ve produced a new, national counterterrorism strategy aimed at reversing the tide of terror and protecting our great nation. The eyes of the world are now upon us, and American leadership is needed to defeat this evil.  My plan is a guidepost—for Congress and the next president—to do what is needed to win this generational struggle.”


Overview of the Strategy

The McCaul strategy contains 100+ policy ideas and principles for fighting terrorism. Some are new, while others are abandoned policies we need to revive in order to protect America and its interests overseas against the surging terror threat.

The document is built around clear objectives: defend the homeland, defeat terrorists, and deny extremists the opportunity to re-emerge. It presents nine counterterrorism priorities, or “means,” needed to achieve the “ends” described above, including:

  1. Thwart attacks and protect our communities
  2. Stop recruitment and radicalization at home
  3. Keep terrorists out of America
  4. Take the fight to the enemy
  5. Combat terrorist travel and cut off financial resources
  6. Deny jihadists access to weapons of mass destruction
  7. Block terrorists from returning to the battlefield
  8. Prevent the emergence of new networks and safe havens
  9. Win the battle of ideas

This counterterrorism strategy is different than those that came before it. President Bush released a strategy for combating terrorism in 2003, and President Obama released one in 2011. Both are now outdated.

  • This strategy is written to keep pace with an evolving enemy. It proposes ways to fight terrorist propaganda online; counter homegrown radicalization; deal with terrorists’ use of encryption; and help communities better protect against IEDs, active shooter plots, and other changing terror tactics.
  • This strategy aims to bring our homeland security policies into the digital age. It proposes to improve the screening of foreign visitors, immigrants, and refugees using new technologies and better intelligence—including social media—to keep terrorists from infiltrating our country.
  • This strategy focuses on breaking the Islamist terror movement—not just defeating one group. Our nation’s last official counterterrorism strategy focused almost exclusively on al Qaeda, leaving us blind to the rise of ISIS. This plan is designed to go after Islamist terrorists, regardless of location or branding.

The bottom line is this: we cannot accept Islamist terror attacks as “the new normal.” We must defeat the perpetrators. The McCaul strategy makes clear that we are facing a long, generational struggle, but we should wage it with the same resolve we showed in defeating other totalitarian ideologies, including communism and fascism.

The full strategy is available, here.

Pentagon on drone threat to nuclear sites, then Hillary

Stripes: MINOT AIR FORCE BASE, North Dakota — Throughout the agricultural fields that dominate North Dakota, 150 Minuteman III nuclear intercontinental ballistic missiles are encased in silos in the ground.

Each silo contains one missile, dug into deep holes on private farmlands, three to 10 miles apart. From the air, the silos are hard to detect.

But the positions are in the open, except for an antenna and some fencing, so the sites are often approached by animals or non-threatening drones, said Col. Jason Beers, commander of the 91st Security Forces command at the base.

“There are a lot of [unmanned aerial vehicles] with commercial farming,” he said.

The base hasn’t had a security issue with drones at the silos, though there isn’t a lot they can do if they did, Beers said.

“It’s not restricted airspace,” he said.

The proliferation of drones in the United States and the potential security threat that they pose to the nuclear facilities, nuclear weapons storage areas and military installations has gained the attention of the Pentagon and Congress, a defense official told Stars and Stripes on the condition of anonymity.

“It’s certainly got more attention as it has become more common among our adversaries,” the official said. “Even [the Islamic State group] has played with UAVs.”

The Defense Advanced Research Projects Agency is developing potential defenses against an intruding drone, as are several private companies. The challenge is many of the methods that could be used to defend against a drone – whether shooting it down or disabling it with a laser or electronic or radio interference – could also harm nearby infrastructure or other aircraft.

But the Pentagon will also need the authority to contain or shoot down drones near the silos. Gaining the authorities and creating policy to defend silos against drones is a concern of Gen. Robin Rand, commander of Air Force Global Strike Command.

At the Air Force’s annual convention last week, Rand told reporters the proliferation of drones has the service working on options to best protect the missile silos, bombers and weapons storage facilities under his care.

“I will tell you there have been recent examples of extended [UAVs] over some areas that we don’t particularly like them to be on — I’m not comfortable with that,” he said.

But the policy to deal with it has to come from multiple agencies that have jurisdiction, including the Federal Aviation Administration, the Department of Homeland Security, the Department of Defense and others, Rand said.

“It’s not just something where I can tell the guys to go out and take a shotgun and point it up and shoot down something flying over,” he said. “We as a nation need to deal with this potential emerging threat.”

Rep. Mike Rogers, R-Alabama, introduced legislation in this year’s National Defense Authorization Act to require the Department of Defense and the Department of Energy, which is responsible for securing the nation’s nuclear material and weapons and energy programs, to get started on a solution.

“Some of my colleagues and I have been tracking how these systems could pose a threat to national security. [UAV] incursions and unauthorized overflights of critical defense facilities continue to increase — and, unfortunately, the laws and regulations governing these things haven’t kept up,” Rogers said.

The bill passed the House, but is still being negotiated in the Senate.

“We have to face the fact that yes, the possibility exists” that a UAV could be used to attack a U.S. nuclear facility, Rand said. “We need to be able to deal with it.”

****

Then there is Hillary:

Clinton Privately Opposed Major U.S. Nuclear Upgrade

Dem nominee breaks with key Obama defense policy in previously unreleased recording

FreeBeacon: Hillary Clinton privately told supporters this year that she would likely scrap a major upgrade to the United States’ nuclear weapons program, according to leaked audio of her remarks.

At a private event in McLean, Va., in February, Clinton revealed that she would likely cancel plans to upgrade the nation’s cruise missile arsenal. “I certainly would be inclined to do that,” she told a questioner who asked about rolling back the Long Range Stand-Off (LRSO) missile program.

Audio of Clinton’s comments at a gathering of major campaign supporters in February was revealed by hackers who breached the email account of a campaign staffer. One email released by the hackers contained a recording of Clinton’s remarks and a subsequent question-and-answer session.

The LRSO question came from Andy Weber, a former assistant secretary of defense who oversaw the Pentagon’s nuclear weapons programs. He and William Perry, who served as secretary of defense under President Bill Clinton, called for the cancellation of the LRSO program last year.

“Will you cancel this program if President Obama doesn’t in the next 11 months and lead the world in a ban on this particularly destabilizing, dangerous type of nuclear weapon?” Weber asked at around 39:00 in the recording.

Clinton said she would be “inclined” to do so. “The last thing we need are sophisticated cruise missiles that are nuclear armed,” she said.

Her campaign did not respond when asked if her position has changed since then.

Canceling the LRSO program would be a major break from Obama administration policy, which has placed significant emphasis on the missile as a key component of its wide-ranging efforts to modernize the U.S. nuclear arsenal.

About 1,000 LRSO missiles are scheduled to replace the Air Force’s Air-Launched Cruise Missiles (ALCMs) by 2030. The ALCM program has formed a key component of U.S. nuclear deterrence policy since the early 1980s.

The Air Force released long-awaited requests for proposals from defense contractors in July. It estimated that the government will pay $17 billion for a new arsenal of LRSO missiles, though critics have pegged the cost at as much as $30 billion.

Emails released by the State Department in response to Freedom of Information Act requests show that Clinton was briefed on aspects of the LRSO debate while serving as secretary of state.

After a November 2010 meeting between high-level Pentagon officials and former Sen. Jon Kyl (R., Ariz.), then the Senate’s third-ranking Republican, the State Department’s top legislative affairs official informed Clinton and top aides Cheryl Mills and Huma Abedin that the administration was “committed to LRSO.”

Clinton has appeared unfamiliar with details of the Obama administration’s plans for nuclear weapons modernization in statements since then. Clinton avoided a straight answer when asked about those plans at a campaign event in January, but expressed skepticism.

“Do you oppose plans to spend a trillion dollars on an entire new generation of nuclear weapons systems that will enrich the military contractors and set off a new global arms race?” she was asked.

Clinton responded, “Yeah I’ve heard about that. I’m going to look into that. That doesn’t make sense to me.”

Former Air Force launch officer John Noonan disagreed with Clinton’s opposition to the LRSO program and other aspects of the Obama administration’s nuclear modernization efforts. But he is skeptical that Clinton will actually follow through on that opposition.

“There’s been tremendous advancements in Russian and Chinese cruise missiles, coupled with an atrophy in American capability,” noted Noonan, a former Jeb Bush campaign aide critical of both Clinton and Republican presidential nominee Donald Trump.

“The Obama Administration, to their credit, has acknowledged this and have budgeted for the LRSO,” he said. “A President Clinton’s Pentagon will be faced with the same tough reality.”

As for Clinton’s remarks to Weber in February, Noonan guessed that she was “just petting a donor on the head and telling him he’s pretty.”