1.8 Million Exchange Students Part of Security Investigation Review

Primer: Chinese spies target US intellectual property (important due to universities relationships with government operations) Further is 2015, U.S. diplomats previously warned China to stop using covert law enforcement agents on U.S. soil. CNN reported that the agents pressure Chinese citizens to return to the country to face justice, often on corruption charges, United States officials confirmed to CNN. The agents have successfully coerced several Chinese nationals to return to China from the U.S., they said.

So, between India and China we have more than a million foreign nationals at the student level. Are they really students? This is a number too, where American students are eliminated from college acceptance due to favorable foreign student policy.

The Student and Exchange Visitor Program (SEVP) is a part of the National Security Investigations Division and acts as a bridge for government organizations that have an interest in information on nonimmigrants whose primary reason for coming to the United States is to be students.

On behalf of the Department of Homeland Security (DHS), SEVP manages schools, nonimmigrant students in the F and M visa classifications and their dependents. The Department of State (DoS) manages Exchange Visitor Programs, nonimmigrant exchange visitors in the J visa classification and their dependents. Both SEVP and DoS use the Student and Exchange Visitor Information System (SEVIS) to track and monitor schools; exchange visitor programs; and F, M and J nonimmigrants while they visit the United States and participate in the U.S. education system.

WASHINGTON — There are 1.18 million international students with F (academic) or M (vocational) status studying at 8,774 schools in the United States according to the latest “SEVIS by the Numbers.” The biannual report on international student data, which includes a new section on regional data trends, is prepared by the Student and Exchange Visitor Program (SEVP), part of U.S. Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI).

The report, released Thursday by SEVP, highlights May 2017 data from the Student and Exchange Visitor Information System (SEVIS), a web-based system that includes information about international students, exchange visitors and their dependents while they are in the United States.

Based on data extracted from SEVIS May 5, the international student population increased 2 percent compared to May 2016, with 76 percent of students enrolled in higher education programs of study.

Seventy-seven percent of international students hailed from Asia. Among continents, South America had the largest percentage increase (6.5 percent) in international students studying in the United States when compared to May 2016.  

China and India continue to send the largest number of students to study in the United States, at 362,368 students and 206,698 students, respectively. And even with a 19 percent decline – the steepest percentage decline among the top 10 Asian countries – Saudi Arabia still had 55,806 students studying in the United States in May 2017, ranking fourth among Asian countries. With an 18 percent increase, Nepal saw the largest proportional growth in students coming to the United States.

Nearly 514,000 international students pursued science, technology engineering or mathematics (STEM) degrees in May 2017, marking an 8 percent increase from May 2016. Thirty-nine percent of those students pursued engineering degrees. India not only had the largest number of STEM students, but also the largest proportional STEM student population; 84 percent of Indian students in the United States studied STEM.

In May 2017, 10 U.S. universities certified to enroll only F international students accounted for 10 percent of the entire international student population. New York University (15,386 students), the University of Southern California (13,365 students) and Northeastern University (12,372 students) – all certified to enroll F students – had the highest international student enrollment numbers among U.S. schools.

Nine percent of schools can enroll both F and M international students. The top three schools in this category included: Cornell University (5,716 students), the Houston Community College System (4,768 students) and Santa Monica College (3,554 students).

The international student population in the Northeast increased 4 percent when compared to May 2016, marking the highest proportional growth of the four U.S. regions. Rhode Island was the only state in the region to experience a dip in the number of international students compared to the previous year, while New York and Massachusetts added the largest number of international students during that same period, 4,490 students and 2,770 students, respectively. New Jersey saw an increase of 10 percent in international students pursuing bachelor’s degrees.

In the South, the international student population grew 3 percent since May 2016. Florida, Georgia and Texas all saw significant increases in the number of international students studying in those states.  While Louisiana, Tennessee and Oklahoma saw decreases in the number of international students studying there..

Arkansas, Kentucky and Maryland all saw major growth in international students taking part in their higher education system. Maryland saw a 10 percent increase in the number of students earning a bachelor’s degree. However, the southern region saw the largest growth at the graduate degree level. The number of international students pursuing master’s degrees increased 25 percent in Arkansas and 35 percent in Kentucky.

The Midwest saw minimal growth of 1 percent. Illinois added 1,331 students to its international student population, marking the largest increase in the region, while Nebraska experienced the largest proportional growth of 7 percent. Missouri experienced the largest decrease in international students, both in terms of student numbers and proportional decline, 763 students and 3 percent, respectively.

In the western part of the United States, international student enrollment stayed relatively static in California, other than an 8 percent increase in the number of students earning bachelor’s degrees. Idaho saw a 14 percent drop in the total number of international students studying in the state, with a 16 percent decrease in the number of students earning a bachelor’s degree. But, Nevada’s international student population grew by 5 percent, marking the largest proportional growth in the region.

The full “SEVIS by the Numbers” report can be viewed here. Report data was extracted from SEVIS May 5. The report captures a point-in-time snapshot of data related to international students studying in the United States. Data for the previous “SEVIS by the Numbers” report was extracted from SEVIS in November 2016.

Individuals can explore more international student data from current and previous “SEVIS by the Numbers” reports by visiting the Study in the States interactive mapping tool. This information is accessible at the continent, region and country level and includes information on gender and education levels, as well as international student populations by state, broken down by geographical areas across the globe.

SEVP monitors the more than one million international students pursuing academic or vocational studies (F and M visa holders) in the United States and their dependents. It also certifies the schools and programs that enroll these students. The U.S. Department of State monitors exchange visitors (J visa holders) and their dependents, and oversees exchange visitor programs.

Both SEVP and the Department of State use SEVIS to protect national security by ensuring that students, visitors and schools comply with U.S. laws. SEVP also collects and shares SEVIS information with government partners, including U.S. Customs and Border Protection and U.S. Citizenship and Immigration Services, so only legitimate international students and exchange visitors gain entry into the United States.

HSI reviews SEVIS records for potential violations and refers cases with possible national security risks or public safety concerns to its field offices for further investigation. Additionally, SEVP’s Analysis and Operations Center reviews student and school records for administrative compliance with federal regulations related to studying in the United States.

 

Investigating the Other Collusion Case

Seems it at least began in 2015, long before Donald Trump was campaigning for the Oval Office.

Also, as an aside, John Podesta is testifying before the House Intelligence Committee next week. He too has financial ties to Moscow operations.

The Vnesheconombank is Russian owned and has been under a sanctions architecture due to the annexing of Crimea. In Russia, by law, the bank’s board chairman is the Prime Minister of Russia. Vladimir Putin increased leading when he became the bank’s chairman in 2008. Now precisely why is Russia investing at all in the United States in the first place? Well soft power and doing business with the Export Import Bank, an agency that is corrupt to the core. Further, Sergei Gorkov is head of the bank and is is/was a Russian spy.

Image result for Vnesheconombank  ABC

BusinessInsider:The U.S. Treasury has added a bunch of entities to its Russia sanctions list, including a sovereign wealth fund that used to be connected to some pretty high-profile U.S. billionaires.

The Treasury’s Office of Foreign Assistance Control on Thursday added The Russian Direct Investment Fund to the list, along with a number of entities linked to RDIF parent Vnesheconombank and energy giant Rosneft.

Vnesheconombank was first sanctioned last year, but RDIF hadn’t been explicitly targeted until the announcement on Thursday.

Private equity moguls Steve Schwarzman of Blackstone, David Bonderman of TPG, and Leon Black of Apollo Global Management all served as board members for RDIF when it was established in 2011, according to a press release at the time.

At some point, those names were removed from the RDIF website.

The Wall Street Journal first reported that the investors’ names had disappeared from the site in September 2014, but said that they still served on the board at that time. There are currently no names listed on the international advisory board on RDIF’s website.

Back in 2011, each board member issued statements about joining the board. Here are some highlights:

“We believe there are many attractive investment opportunities in Russia — the RDIF will provide the strong and experienced local partnership needed for investors to realize those opportunities.” — David Bonderman

“Russia has strong fundamentals that will continue to fuel its growth trajectory and offer attractive investment opportunities. We believe the Russia Direct Investment Fund will help further align U.S. and Russian objectives in terms of identifying paths toward partnership in the private sector.” — Leon Black

“It’s always good to have friends when you are going to a place that you are not as familiar with.”  — Stephen Schwarzman

Bonderman has spoken publicly about investing in the country in recent months, telling an audience at the Milken Global Conference this year that the Russian market remains attractive, according to a report by CNN Money.

He is quoted as saying: “Sanctions are perfectly set up not to work at all but to make a political statement.”

Spokespeople for Blackstone and TPG declined to comment. Apollo could not be reached for comment.

A spokesperson for the Russian Direct Investment Fund said: “For Vnesheconombank subsidiaries the new clarification by the US Department of the Treasury is essentially a technical repetition of sanctions imposed a year ago, which targeted a number of Russian companies including Vnesheconombank and its subsidiaries.

“Given the nature of the Fund’s activity, RDIF has never attracted financing in the USA, it invests its own funds. Since the introduction of sanctions last year RDIF has continued to invest into the Russian economy and build new international partnerships.”

So what you ask?

Image result for sergei gorkov Sergei Gorkov

Well due to sanctions, those on the Trump campaign team, transition team and now in the White House may have violated sanctions. If so, the reason would be why, to what end and how many may be involved? It should also be added that many Republicans have ties to Russians and oligarchs, not all is as it seems. We can only hope, while not knowing details, the Senate is also investigating Hillary Clinton in much the same condition. Yet as Secretary of State, Hillary and Obama had the ability to sign waivers to finesse sanctions. This was likely the case between Hillary and the Kremlin regarding Skolkovo.

Remember, don’t shoot the messenger. Furthermore, it seems some on the Senate committee are leaking too.

Senate investigators are examining the activities of a little-known $10-billion Russian investment fund whose chief executive met with a member of President Donald Trump’s transition team four days before Trump’s inauguration, a congressional source told CNN.

The source said the Senate intelligence committee is investigating the Russian fund in connection with its examination of discussions between White House adviser Jared Kushner and the head of a prominent Russian bank. The bank, Vnesheconombank, or VEB, oversees the fund, which has ties to several Trump advisers. Both the bank and the fund have been covered since 2014 by sanctions restricting U.S. business dealings.
Separately, Steve Mnuchin, now Treasury Secretary, said in a January letter that he would look into the Jan. 16 meeting between the fund’s chief executive and Anthony Scaramucci, a member of the transition team’s executive committee and a fundraiser and adviser for Trump’s presidential campaign. At the time, Mnuchin had not yet been confirmed as Treasury Secretary. The Treasury Department did not respond to a request for an update.
Two Democratic senators had asked Treasury to investigate whether Scaramucci promised to lift sanctions — a policy shift that would help the fund attract more international investment to Russia.
The questions draw attention to the Russian Direct Investment Fund, a government investment arm that has helped top U.S. private-equity firms invest in Russia and that was advised by Stephen Schwarzman, who is now chairman of Trump’s Strategic and Policy Forum, an advisory group of business leaders.
Schwarzman, chief executive officer of Blackstone Group, was named in 2011 to the fund’s International Advisory Board along with other leaders of major equity companies and sovereigh-wealth funds who reviewed the fund’s operations, plans and potential investments. Schwarzman declined to comment. A source close to him said Schwarzman has not spoken to anyone on the fund “for some time.”
The fund also worked with Goldman Sachs, whose former president Gary Cohn is Trump’s chief economic adviser and where Kirill Dmitriev, the fund’s chief executive, worked as an investment banker in the 1990s. Goldman was part of a consortium created in 2012 to invest in large Russian businesses preparing to go public, and was hired in 2013 to burnish Russia’s investment image. The company declined to comment.

‘I would reach out to people to help him”

Senate and House investigators are looking into various Russian entities to determine whether anyone connected to the Trump campaign helped Russians as they meddled in the 2016 presidential election, and whether Trump associates discussed sanctions with Russian officials.
The congressional inquiries, along with a criminal investigation by special counsel Robert S. Mueller, have shadowed the Trump administration. Trump has denied any connection to Russia’s election-meddling, calling the criminal probe “a witch hunt.”
Scaramucci, the founder of SkyBridge Capital, minimized his January meeting with Dmitriev in the resort town of Davos, Switzerland, at the celebrated annual gathering of the World Economic Forum. Scaramucci had met Dmitriev at previous Davos meetings, although at the gathering in January, Scaramucci was expecting to be named White House liaison to the business community.
Dmitriev “came over to say hello in a restaurant, and I was cordial,” Scaramucci said in a recent email to CNN. “There is nothing there.”
The day after the meeting, Scaramucci told Bloomberg TV that he had “as a private citizen” been working with Dmitriev on bringing a delegation of executives to Russia.
“What I said to him last night, in my capacity inside the administration, I would certainly reach out to some people to help him,” Scaramucci said before describing a thicket of ethical clearances he would face. “The idea was many months ago to have more outreach with Russia but also other countries, not just Russia. China, other countries.”
Scaramucci’s comments alarmed Democratic Senators Elizabeth Warren of Massachusetts and Ben Cardin of Maryland, who asked Mnuchin investigate whether Scaramucci sought to “facilitate prohibited transactions” or promised to waive or lift sanctions against Russia.
In a reply Jan. 30, before he was sworn in, Mnuchin said he would “ensure the appropriate Department components assess whether further investigation of this matter is warranted.”
A spokeswoman for the Russian fund said the two men did not discuss sanctions, and that the discussion itself did not violate sanctions that U.S. imposed in 2014 after Russia annexed part of neighboring Ukraine. The spokeswoman declined to describe the conversation, saying, “We do not comment on private meetings.”

An advocate for lifting sanctions

Since Trump’s election, Dmitriev has been one of Russia’s most vocal officials in calling for an end to U.S. sanctions and arguing that joint U.S.-Russia projects can create jobs in the United States.
The fund hired two U.S. lobbying firms in September 2014, after sanctions were imposed, paying them a combined $150,000 over two months for public relations work. The fund has not hired any lobbyists since then.
With a history of helping U.S. manufacturers and asset management companies invest in Russia, the fund is a logical starting point for Russia’s push to lift U.S. sanctions, former State Department chief economist Rodney Ludema said.
“If you’re going to get your nose under the tent, that’s a good place to start,” said Ludema, a Georgetown University economics professor. “I’m sure their objective is to get rid of all the sanctions against the financial institutions. But RDIF is one [sanctioned organizations] where a number of prominent U.S. investors have been involved.”
Scaramucci also questioned U.S. sanctions while he was in Davos and echoed Trump’s statements about improving relations with Russia.
Two weeks after the meeting between Scaramucci and Dmitriev, when President Trump spoke by phone to Russian President Vladimir Putin, the fund announced it would open an office in New York in May.
No New York office has been opened but the fund “still expects to open a representative office in the US this year,” the spokeswoman said.

 

 

Cyber Spy Weapons Software Used Against Activists and Journalists

Mexico ranks 9th in journalists deaths. Find the list here by country.

Related reading: iPhone security flaw discovered, used by cyber weapons dealer

 Geek.com

Mexican Government was spying on Journalists and Activists with Pegasus Surveillance software

Journalists and activists in Mexico accused the government of spying on them with the powerful surveillance software Pegasus developed by the NSO Group.

Journalists and activists in Mexico accused the government of spying on them with a powerful surveillance software. According to the journalists, the authorities used an Israeli spyware to hack their mobile devices. The surveillance software is the questionable Pegasus that is developed by the Israeli surveillance NSO Group and sold exclusively to the governments and law enforcement agencies.

NSO Group is owned by US private equity firm Francisco Partners Management. it made the headlines after the investigation conducted by The New York Times.

People familiar with the NSO Group confirmed that the company has an internal ethics committee that monitors the sales and potential customers verifying that the software will not be abused to violate human rights.

Officially the sale of surveillance software is limited to authorized governments to support investigation of agencies on criminal organizations and terrorist groups.

Unfortunately, its software is known to have been abused to spy on journalists and human rights activists.

“There’s no check on this,” said Bill Marczak, a senior fellow at the Citizen Lab at the University of Toronto’s Munk School of Global Affairs. “Once NSO’s systems are sold, governments can essentially use them however they want. NSO can say they’re trying to make the world a safer place, but they are also making the world a more surveilled place.”

The discovery is the result of an investigation conducted by Mexican NGOs and the CitizenLab organization.

R3D, SocialTic, Article 19 and CitizenLab published a report that details the surveillance illegally operated by the Mexican government through the spyware.

Authorities have been sending malicious links to individuals’ phones, in order to trick victims into opening the messages they were specifically crafted and in some cases, the attack involved also family members if the victims were not compromised.

“The targets received SMS messages that included links to NSO exploits paired with troubling personal and sexual taunts, messages impersonating official communications by the Embassy of the United States in Mexico, fake AMBER Alerts, warnings of kidnappings, and other threats.” states the report. “The operation also included more mundane tactics, such as messages sending fake bills for phone services and sex-lines. Some targets only received a handful of texts, while others were barraged with dozens of messages over more than one and a half years. A majority of the infection attempts, however, took place during two periods: August 2015 and April-July 2016″.

Mexican Govenment surveillance

The Pegasus spyware leverages zero-day exploits to compromise both iOS and Android devices.

The government targeted individuals that exposed evidence on government corruption and activists who revealed human rights violations by the Mexican Government.

The researchers observed at least two periods of intense targeting:

  • Period 1 (August 2015) when the Mexican President was officially exonerated for his role in the “Casa Blanca” scandal on which Carmen Aristegui, a well-known reporter, had first reported, and Carlos Loret de Mola was questioning the government’s role in extrajudicial killings. Aristegui revealed that President Enrique Pena Nieto’s wife had bought a $7 million Mexico City mansion from a government contractor.
  • Period 2 (April- July 2016) when revelations of government involvement in human rights abuses and extra-judicial killings were made public.

Mexican Government spyware

According to the New York Times report, at least three Mexican federal agencies have purchased some $80 million of spyware from NSO Group since 2011.

Companies like the NSO Group operate in the dark, in a sort of “legal gray area,” despite the Israeli government exercises strict control of the export of such kind of software, surveillance applications could be abused by threat actors and authoritarian regimes worldwide.

Let me close with Key Findings of the report

  • Over 76 messages with links to NSO Group’s exploit framework were sent to Mexican journalists, lawyers, and a minor child (NSO Group is a self-described “cyber warfare” company that sells government-exclusive spyware).
  • The targets were working on a range of issues that include investigations of corruption by the Mexican President, and the participation of Mexico’s Federal authorities in human rights abuses.
  • Some of the messages impersonated the Embassy of the United States of America to Mexico, others masqueraded as emergency AMBER Alerts about abducted children.
  • At least one target, the minor child of a target, was sent infection attempts, including a communication impersonating the United States Government, while physically located in the United States.

***

Then comes former National Security Council advisor for President Trump Michael Flynn.

Cyberweapons Group Sold Spyware Used Against Political Dissidents

He earned nearly $1.5 million last year as a consultant, adviser, board member, or speaker for more than three dozen companies and individuals, according to financial disclosure forms released earlier this year.

Two of those entities are directly linked to NSO Group, a secretive Israeli cyberweapons dealer founded by Omri Lavie and Shalev Hulio, who are rumored to have served in Unit 8200, the Israeli equivalent of the National Security Agency.

Flynn received $40,280 last year as an advisory board member for OSY Technologies, an NSO Group offshoot based in Luxembourg, a favorite tax haven for major corporations. OSY Technologies is part of a corporate structure that runs from Israel, where NSO Group is located, through Luxembourg, the Cayman Islands, the British Virgin Islands, and the U.S.

Flynn also worked as a consultant last year for Francisco Partners, a U.S.-based private equity firm that owns NSO Group, but he did not disclose how much he was paid. At least two Francisco Partners executives have sat on OSY’s board.

Flynn’s financial disclosure forms do not specify the work he did for companies linked to NSO Group, and his lawyer did not respond to requests for comment. Former colleagues at Flynn’s consulting firm declined to discuss Flynn’s work with NSO Group. Executives at Francisco Partners who also sit on the OSY Technologies board did not respond to emails. Lavie, the NSO Group co-founder, told HuffPost he is “not interested in speaking to the press” and referred questions to a spokesman, who did not respond to queries.

Many government and military officials have moved through the revolving door between government agencies and private cybersecurity companies. The major players in the cybersecurity contracting world ― SAIC, Booz Allen Hamilton, CACI Federal and KeyW Corporation ― all have former top government officials in leadership roles or on their boards, or have former top executives working in government.

But it’s less common for former U.S. intelligence officials to work with foreign cybersecurity outfits. “There is a lot of opportunity in the U.S. to do this kind of work,” said Ben Johnson, a former NSA employee and the co-founder of Obsidian Security. “It’s a little bit unexpected going overseas, especially when you combine that with the fact that they’re doing things that might end up in hands of enemies of the U.S. government. It does seem questionable.”

What is clear is that during the time Flynn was working for NSO’s Luxembourg affiliate, one of the company’s main products — a spy software sold exclusively to governments and marketed as a tool for law enforcement officials to monitor suspected criminals and terrorists — was being used to surveil political dissidents, reporters, activists, and government officials. The software, called Pegasus, allowed users to remotely break into a target’s cellular phone if the target responded to a text message.

Last year, several people targeted by the spyware contacted Citizen Lab, a cybersecurity research team based out of the University of Toronto. With the help of experts at the computer security firm Lookout, Citizen Lab researchers were able to trace the spyware hidden in the texts back to NSO Group spyware. After Citizen Lab publicized its findings, Apple introduced patches to fix the vulnerability. It is not known how many activists in other countries were targeted and failed to report it to experts.

NSO Group told Forbes in a statement last year that it complies with strict export control laws and only sells to authorized government agencies. “The company does NOT operate any of its systems; it is strictly a technology company,” NSO Group told Forbes.

But once a sale is complete, foreign governments are free to do what they like with the technology. Read more here.

2016 Internet Crime Report

IC3 Releases Annual Report Highlighting Trends in Internet Crime

Giving someone access to your computer is like giving out a key to your front door. A computer can have your bank account information, family photos, and other private documents and data—information that fraudsters would like to steal. That’s why tech support fraud has become a significant trend in online crime, according to the 2016 Internet Crime Report from the FBI’s Internet Crime Complaint Center (IC3).

In tech support fraud cases, criminals convince unsuspecting victims to provide remote access to their computer by calling and posing as tech support personnel from a legitimate company. The criminal can then simply charge your credit card for a fake anti-virus product, or, in more sinister situations, they can steal your personal information or install malware. More than 10,000 incidents of tech support fraud were reported to the IC3 in 2016, with victims losing nearly $8 million. Though anyone can be a victim, older computer users are the most vulnerable targets.

“They’ll trick you into letting them into your computer,” said IC3 Unit Chief Donna Gregory. “You open the door and allow them in. You may think you’re just watching them install a program to get rid of a virus, but they are really doing a lot of damage behind the scenes.”

In addition to tech support fraud, the other major fraud categories last year were business e-mail compromise, ransomware, and extortion.

The IC3 receives complaints on a variety of Internet scams and crimes, and it has received more than 3.7 million complaints since it was created in 2000. In 2016, the IC3 received a total of 298,728 complaints with reported losses in excess of $1.3 billion. The IC3 uses the information from public complaints to refer cases to the appropriate law enforcement agencies and identify trends. The IC3’s extensive database is also available to law enforcement. Internet users should report any Internet fraud to IC3, no matter the dollar amount. Additional data helps the FBI and law enforcement gain a more accurate picture of Internet crime.

The IC3 publishes the Internet Crime Report annually to increase public awareness of current trends in Internet crime. For this report, the IC3 has also created a separate state-by-state breakdown that allows users to select their state from a dropdown menu so they can review local trends in Internet crime. The top states for reported dollar amounts lost to Internet fraud in 2016 were California ($255 million), New York ($106 million), and Florida ($89 million).

Though Internet crime is a serious threat, there are ways to help keep yourself safe online. The IC3 recommends computer users update their anti-virus software and operating system. Additionally, the Internet is an especially important place to remember the old adage: If it sounds too good to be true, it probably is.

“Be aware of what you are clicking on and also what you’re posting on social media. Always lock down your social media accounts as much as possible,” Gregory said. “Try to use two factor authentication, and use safe passwords or things more difficult to guess. The tougher the password, the harder it is for someone to crack.”

Should Voting Systems be Classified as Critical Infrastructure?

While members of all political party voters seem to diss the notion that Russia intruded on voting systems in 2016, the proof is there. If you watched former DHS Secretary Jeh Johnson during his congressional testimony, it was not so much his responses but more about what members of congress know, to pose questions to Johnson.

Image result for u.s. voting systems

J. Alex Halderman, a professor of computer science and engineering at the University of Michigan, contended U.S. election equipment is “vulnerable to sabotage” that “could change votes.”

“We’ve found ways for hackers to sabotage machines and steal votes. These capabilities are certainly within reach for America’s enemies,” Halderman told senators.

He said he and his team spent 10 years researching cyber vulnerabilities of election equipment. The professor said:

Some say that the fact that voting machines aren’t directly connected to the internet makes them secure. But, unfortunately, this is not true. Voting machines are not as distant from the internet as they may seem. Before every election, they need to be programmed with races and candidates. That programming is created on a desktop computer, then transferred to voting machines. If Russia infiltrated these election management computers, it could have spread a vote-stealing attack to a vast number of machines. I don’t know how far Russia got or whether they managed to interfere with equipment on Election Day. More here from Daily Signal.

Okay…still a non-believer? Let’s see what the States experiences.

Image result for voter registration database

Click here for additional video and interactive map of states using paper ballot backup systems.

Elections officials outgunned in Russia’s cyberwar against America

WASHINGTON/Charlotte Observer

Local officials consistently play down suspicions about the long lines at polling places on Election Day 2016 that led some discouraged voters in heavily Democratic Durham County, N.C., to leave without casting a ballot.

Minor glitches in the way new electronic poll books were put to use had simply gummed things up, according to local elections officials there. Elections Board Chairman William Brian Jr. assured Durham residents that “an extensive investigation” showed there was nothing to worry about with the county’s new registration software.

He was wrong.

What Brian and other election officials across eight states didn’t know until the leak of a classified intelligence is that Russian operatives hacked into the Florida headquarters of VR Systems, Inc., the vendor that sold them digital products to manage voter registrations.

A week before the election, the hackers sent emails using a VR Systems address to 122 state and local election officials across the country, inviting them to open an attachment wired with malicious software that spoofed “legitimate elections-related services,” the report said. The malware was designed to retrieve enough additional information to set the stage for serious mischief, said the National Security Agency report disclosed by the Intercept, an investigative web site.

That wasn’t the only type of attack.

The new revelations about the Kremlin’s broad and sophisticated cyber offensive targeting Democrat Hillary Clinton and aimed at seating Donald Trump in the Oval Office have set off a wave of worry about the security of the nation’s voting systems. State election officials, facing questions as to whether they ignored oddities or red flags, have responded by accusing intelligence agencies of failing to alert them of the risks.

The truth is a hodge-podge of electronic machinery that enables Americans to exercise their most sacred democratic right is weakly guarded by state and local agencies. Those officials are quick to assure the voting public that their systems are secure, but they lack the resources and technical know-how to defend against cyber intrusions, or even to perform forensic examinations to ensure nothing happened.

Election officials in Illinois, another state that VR Systems lists as a customer, did not find out they were hacked by Russian operatives late last June until a week or two later. By then, the Russian operatives had downloaded about 90,000 voter registration records, leading to an investigation by the FBI and the U.S. Department of Homeland Security, said Ken Menzel, general counsel of the Illinois Board of Elections. Menzel confirmed a Bloomberg report that the Russians appeared to have made unsuccessful attempts to alter or delete some records.

In Georgia, where a nationally watched congressional runoff race is scheduled for Tuesday, Politico magazine reported that a U.S. hacker from a national laboratory seeking to expose vulnerabilities in election systems was able to easily download millions of voter records from Kennesaw State University’s Center for Election Systems, which manages them. Election watchdog groups say subsequent warnings to the state about a hole in their system went unheeded for months.

David Jefferson, a computer scientist at the Lawrence Livermore National Laboratory in California who has acted in his personal capacity in trying to safeguard election integrity, said he believes it is “absolutely possible” that the Russians affected last year’s election.

“And we have done almost nothing to seriously examine that,” he said.

“The Russians really were engaged in a pattern of attacks against the machinery of the election, and not merely a pattern of propaganda or information warfare and selective leaking,” said Alex Halderman, a University of Michigan computer science professor. “The question is, how far did they get in that pattern of attacks, and were they successful?” Election officials across the country may not even know if they’ve been attacked, computer scientists say, pointing to the scenario that played out in Durham County.

EASY PREY

State and local voting systems appear to be easy prey for sophisticated hackers.

Five states use electronic voting machines with no paper backups, precluding audits that might verify the accuracy of their vote counts. They include Georgia, scene of Tuesday’s 6th District runoff election, Delaware, Louisiana, New Jersey and South Carolina. Parts of another nine states also are paperless, including the crucial swing state of Pennsylvania.

Although Congress has discouraged use of internet voting because of the potential for hackers to tamper with ballots, some 32 states allow military and overseas voters to transmit ballots online or via insecure fax machines. Alaska, Washington state and Hawaii have been the most permissive.

“If we don’t fix our badly broken system before the next major presidential election, we’re going to be hacked into,” said Barbara Simons, author of “Broken Ballots,” a 2012 book about election security published by Stanford University. “It might not just be Russia. It might be North Korea, China, Iran or partisans.”

While the Netherlands opted to shift to paper ballots when alerted the Russians were trying to swing its election outcome to the right, U.S. election officials have stood pat.

But former FBI Director James Comey, in widely watched testimony to the Senate Intelligence Committee on June 8, said “there should be no fuzz” about Russia’s barrage of millions of social media messages spreading falsehoods about Clinton.

“The Russians interfered in our election during the 2016 cycle,” he said. “They did it with purpose. They did it with sophistication. They did it with overwhelming technical efforts … And it is very, very serious.”

America’s saving grace could be its decentralized system in which cities, counties and states have used federal grants to procure a wide variety of voting equipment, limiting the potential impact of a single attack.

But that doesn’t mean targeted attacks couldn’t tip the outcome of closely divided races, even for the presidency.

CRITICAL INFRASTRUCTURE

On Jan. 6, American intelligence agencies issued a declassified report accusing Russia of the cyber attack ultimately aimed at helping Trump, calling it the Kremlin’s “boldest” operation ever aimed at influencing the United States. In a brief notation, the report said that, while the Russians targeted state and local voting systems, they did not attempt to corrupt vote-tallying equipment.

On the same day the report was released, in one of his last acts as U.S. secretary of Homeland Security, Jeh Johnson proclaimed the nation’s election systems to be “Critical Infrastructure,” a designation that not only makes their security a higher priority, but improves the climate for federal-state cooperation. Because state and local officials exert total control over their operations, the agency only can investigate a vulnerability or possible breach if asked to do so – an obstacle the new designation didn’t change.

A senior Homeland Security official, in an interview with McClatchy, batted down as wildly exaggerated a Bloomberg report stating that Russian cyber operatives had made “hits” on voting systems in 39 states. Every web site is constantly scanned by “bad actors,” just as burglars might case homes in a neighborhood. That doesn’t equate to hacking, said the official, who spoke on condition of anonymity because of the sensitivity of the matter.

“The ability to manipulate the vote tally, that’s quite complicated,” the Homeland Security official said. “We didn’t see an ability to really accomplish that even in an individual voting machine. You have to have physical access to do that. It’s not as easy as you think.”

Some of the nation’s top experts in voting security disagree.

Lawrence Livermore’s Jefferson voiced frustration with the “defensive” refrain of denials from state and local election officials, including the National Association of Secretaries of State.

“Election officials do not talk about vulnerabilities,” Jefferson said, “because that would give the advantage to the attacker. And they don’t want to undermine public confidence in elections.”

Halderman said Homeland Security officials told him they were unaware of a single county in any state that had conducted post-election forensic examinations of their voting equipment.

The Homeland Security official who spoke with McClatchy said the main concern for agency cyber specialists is not about vote-tampering; it’s related to the ability of intruders to sow confusion and chaos. That could entail schemes to foul voter registration data by, for example, removing the names of voters from the rolls so they are turned away at polling stations.

“This scenario is what we witnessed on the ground in North Carolina on Election Day,” said Susan Greenhalgh, a spokeswoman for the election watchdog group Verified Voting.

“If attackers wanted to impact an election through an attack on a vendor like VR Systems,” she said, “they could manipulate or delete voter records impacting a voter’s ability to cast a regular ballot. Or, they could cause the E-Pollbooks (electronic databases of voters) to malfunction, hampering the check-in process and creating long lines.”

North Carolina was considered to be a swing state in the presidential race, and Durham County, with an African-American population of more than 37 percent, had voted more than 75 percent in favor of putting and keeping Barack Obama in the White House. Last year’s governor’s race was a dead heat entering Election Day.

The chaos in Durham County led to 90-minute delays. Some voters rang a Voter Protection Hotline to complain that their names had disappeared from the registration system or that they were told they already had voted.

The county hired a contractor to investigate the foul-up, but the inquiry never examined whether the system was hacked.

Twenty other North Carolina counties used the system, including Mecklenburg County, encompassing most of Charlotte. Though none reported problems on the scale of Durham County, release of the NSA report prompted the North Carolina Board of Elections to order a new investigation.

A former FBI agent is leading the inquiry. Critics say the three-member investigative team again lacks expertise in forensics.

Mindy Perkins, VR Systems’ president and chief executive officer, said in a statement that the company immediately notified all of its customers as soon as it was alerted “to an obviously fraudulent email purporting to come from VR Systems” and advised them not to click on the attachment.

“We are only aware of a handful of our customers who actually received the fraudulent email,” she said. “We have no indication that any of them clicked on the attachment or were compromised as a result.”

She said the company has “policies and procedures in effect to protect our customers and our company.”

Even so, Russia succeeded in sneaking up on U.S. agencies, voting system vendors and intelligence agencies.

Halderman, the University of Michigan expert, said he believes the best solution is for states to require paper trails for all voting equipment and post-election audits to ensure the vote counts are authentic.

“There’s no guarantee that we’ll know we’re under attack,” he said, “unless we do the quality control that we need by doing these audits to detect manipulation.”