Russia: Anti-Vaxx and Pro-“Energy Choice”

There’s no denying the pattern — Russia is attacking the credibility of U.S. institutions to create chaos and stir up distrust of our leaders, engineers, and scientists. This video looks at Russian efforts to spread anti-vaccination propaganda and to push for “energy choice,” a sneaky effort to break up the utilities that actually secure our energy grid (from their cyberattacks).

U.S. Boosts Defenses Against EMP Threat

The dangers of an electromagnetic pulse, or EMP, are the stuff of nightmares — think widespread blackouts, halting of air travel, crippling of the U.S. economy and potential total social breakdown.

Officials have been warning for years that Russia, China, Iran or North Korea could unleash an EMP attack on the U.S. electric grid; or just as scary, one could be caused by a solar flare.

Recognizing the potential devastating effects an EMP would bring, the White House took action this week via an Executive Order from President Trump to protect the nation’s critical infrastructure from EMPs, boost detection capabilities and plan for recovery should one occur.

While unleashing an EMP attack would be an indisputable act of war, and bring a swift response from the U.S., it could be a highly effective first strike. Military leaders in adversarial countries know this, and EMP weapons have become part of their planning doctrines, according to a government report.

“It is the policy of the United States to prepare for the effects of EMPs through targeted approaches that coordinate whole-of-government activities and encourage private-sector engagement,” the executive order said.

Read more…

Big aluminum maker suffers major cyberattack

Hackers are at it again — seeking to disrupt industrial production and cause economic damage in the West through ransomware cyber attacks.

In the latest case, the giant Norwegian aluminum manufacturer Norsk Hydro was hit with a cyberattack that forced it to shut down some plants and operate others manually. These attacks are a far cry from the “election meddling” that has come to dominate our public perception of foreign interference. Rather, they are causing significant direct and indirect financial harm to the targets.

Aluminum prices rose to a 3-month high when news of the attack became public, while Norsk Hyrdo’s stock fell 3.4%.

It’s not yet clear who the perpetrators of the cyberattack were, or whether they succeeded in extracting a ransom payment from Norsk Hyrdo to “unlock” the hacked systems.

“Other cyber attacks have downed electricity grids and transport systems in recent years, and an attack on Italian oil services firm Saipem late last year destroyed more than 300 of the company’s computers.”

Reuters UK

Global aluminum production is dominated by just a few companies, with the 2 largest in China and Russia, and production problems can quickly escalate into disruptions of the global supply chain.

Read more from Reuters and Bloomberg.

Sen. Warner: Shift cyber tactics or lose

Last Friday, Senate Intelligence Committee Vice Chairman Mark R. Warner called for a national cyber-policy overhaul, warning that cyberattacks and disinformation campaigns are being waged successfully against the U.S. 

“The true cost of our cyber vulnerabilities and the cost of those attacks won’t come with a single event, they will be gradual and accumulating,” Sen. Warner said. “Our personal, corporate and government data is being bled from every network every day. Our faith in our institutions and our tolerance for one another is being eroded by misinformation. This is leaving us exposed as individuals, and vulnerable as a country.”

“People keep warning of a ‘digital Pearl Harbor’ or a ‘digital 9/11’ as if there will be a single, extraordinary event that will force us to action on these issues. But I have news for you: we are already living these events. They’re happening every day.”

Added Sen. Warner, “The dangers are only growing as new technologies such as deep fakes, where audio and video manipulation can literally put words into the mouth of an official or a business leader, and these efforts are now being commercialized.”

Do you agree with Sen. Warner that the use of cyber warfare and information operations against us by our adversaries is one of our most urgent national security challenges?

A Video Introduction to CAFI

What motivates us at CAFI? Why have taken up the fight against foreign interference? This video gives you a quick introduction to the cause and why it’s so important, in under two minutes. Please watch and share.

Russian Election Disinformation Playbook: Tehran Edition

We already know that the Russians and Chinese are up to no good regarding our elections, and now Iran is in on the act. That’s the word from Wired magazine, which reports that it’s been a successful change in strategy from the earlier approach taken by Iran.

Instead of focusing on domestic Iranian politics, the new network focused on U.S. and British politics. It was a more successful tactic, if you judge success by followers. The old network had about 200,000; the new one had more than 1 million. Facebook shut down 82 associated accounts from the new network in October.

The article’s findings are in line with a joint U.S. government statement from the Director of National Intelligence, the FBI, Department of Justice and Department of Homeland Security from Oct. 19 laying out exactly what’s going on regarding foreign interference in the midterms.

The statement fingers Russia, China and Iran as culprits, explaining their tactics and pointing out that as of that date, there was no “evidence of a compromise or disruption of infrastructure that would enable adversaries to prevent voting, change vote counts or disrupt our ability to tally votes in the midterm elections.” There were a few attempts to access the networks of state and local governments, which “often include online voter registration databases,” but they were all thwarted.

It’s worth your time to read it because it’s straight from the source, and there’s no better way to judge a situation for yourself than to review primary sources. That’s because everything is open to interpretation and news is no different.

While our mission at CAFI is to educate the public about foreign interference with our democracy, we have a sideline in cutting through click-bait and getting to the facts. For the second time this month, we’ve spotted a story that’s taking the long road to the actual news.

This piece entitled “Google says it’s seeing very little hacking against the US midterms — but there’s a catch” backs into the news.

Allow us to translate: Russian disinformation and propaganda operations are in full swing, but Google – like the government – hasn’t seen any evidence of actual hacking of election systems yet, according to Google’s director of threat analysis, Shane Huntley.

The article quotes Huntley’s observation about the success of our enemies, made during a speech on Oct. 22. It takes on poignance in light of the recent domestic attacks:

Speculating on why they’re seeing fewer direct hacking attempts than 2016, Huntley said: “If the goal at that time was to create a world where there was less faith in the democratic institutions, that we were a divided country, that there was hyper-partisanism, and it was like driving a wedge between the different sides of the democracy, one might say there’s not a lot of hacking that needs to happen at this current point to actually engender that—because we’re already here.”



Russian Midterm Election Hacking: U.S. Takes the Gloves Off

The U.S. government is finally bringing its full force to bear against Russia’s heretofore largely unchecked campaign to meddle in the 2018 midterm elections.

In the past week, the government has fired off three public broadsides at the Russian government, most notably with the Justice Department’s indictment against Russian woman working for a close ally of Russian President Vladimir Putin.

Prosecutors allege Elena Khusyaynova managed a $35 million budget to fund social media trolling operations as part of a years-long campaign to sow discord among Americans. Same as the 13 trolls charged by the Robert Mueller investigation, the operations Khusyaynova oversaw as chief accountant worked both sides of the political aisle as they tried to ramp up distrust of the political system.

The trolls picked hot-button issues like race relations, guns, immigration, women and tried to whip up passions on either side. It’s the same M.O. they use to create resistance against pipeline projects from North Dakota to Florida.

The charge against her, appropriately, is conspiracy to defraud the United States.

Then, the U.S. Cyber Command let it be known that it is identifying and tracking individual Russian trolls with an overseas cyber-operation billed as the first of its kind. What’s interesting is that the government made what should be a covert operation overt. There’s a reason – they want the public and the Russians to know.

The underlying reasons are different, though. For the American public, it’s a way to demonstrate that the government is acting and not sitting back. For the Russians, it’s an attempt at deterrence – warning that there are real-world risks for their online actions against the U.S. And it’s a good start.

Finally, U.S. national security adviser John Bolton fired a shot across the Kremlin’s bow from inside Moscow. During a trip to meet with Russian counterparts, he told a Moscow radio station that Russia’s interference in the 2016 election had backfired by creating distrust of Russia.

Bolton essentially called it a classic case of blowback – when covert operations go bad, they cause the opposite of the intended effect and “blow back” on the perpetrator. In his typically blunt manner, he said: “Don’t mess with U.S. elections.

The sum of all these developments is that it’s clear Russia has not abandoned its plans to interfere with our body politic, the same as it is doing around the world.

So much for the story that there was no evidence of Russian trolling in the midterm elections. We said it back then – a thief changes nothing but tactics.

Russia & Hacking the Midterms: What’s really going on?

An article from The Daily Beast purports that there are no signs yet of Russian hacking or interference  in the 2018 U.S. midterm elections – which is good news, if it’s true.

Like all news, let’s take it with a grain of salt. The thrust of the article’s argument is that Russia did such a good job messing with 2016’s polls that it doesn’t have to lift a finger now.

That’s a comforting thought but not one suffused with true understanding of how state intelligence actors operate. Russia’s work advancing its interests is never done, same as it is with the United States or any other nation-state.

Influence operations are marathons and not sprints, and their means and methods vary widely, as this handy but incomplete list of Russian spying operations around the world can attest.

So even if Russia’s operations around the 2016 election achieved their goals, it’s not like Moscow said “OK, we’re good now.” More than likely, they’re shifting to other modes of operation that aren’t as well-known since surprise and stealth are the fundamental elements of covert action.

After all, a thief whose best hauls came from breaking in through unlocked windows doesn’t stop once the people in the neighborhood start locking them. He just breaks the glass instead.

Be listening for that sound.

Read the full story here


How do hackers crack their way into critical infrastructure?

Russian hackers have been probing—and gaining access to—critical U.S. infrastructure organizations like electric utilities. But how?

Aren’t these supposed to be among the most protected assets in the entire country? Certainly the dangers of any compromise of the electric grid are scary to contemplate. So it’s worth understanding the ways in which hackers exploit both technical vulnerabilities and human behavior to gain illicit access.

A new report by cybersecurity firm Cybereason reveals some of the methods that hackers have been using to break into these holy grails of our national industrial infrastructure.

The firm established a “honeypot” site—a fake website made to resemble a large electricity provider—and then sat back and watched what happened.

They didn’t sit around for long.

“Just two days after the honeypot went live, attackers had discovered it, prepared the asset for sale on the dark Web and sold it to another criminal entity who was also interested in [industrial control system] environments,” according to the report.

Read the full story.

U.S. Experts: Greatest threat is massive cyberattack

Former CIA Directors Gen. David Petraeus and Leon Panetta both warn that the U.S. faces a huge threat from a major cyberattack, one that could knock out the electric grid and cripple financial networks.

An Axios report this weekend quotes Petraeus saying, “What worries me most is a cyber equivalent of a weapon of mass destruction falling into the hands of extremists who would, needless to say, be very difficult to deter, given their willingness to blow themselves up on the battlefield to take us with them.”

Other current and former intelligence and homeland security officials concur, including DHS Secretary Kirstjen Nielsen, Michael Chertoff, Lisa Monaco and Frances Townsend.

Russia is not the only foreign power to have demonstrated the capability and interest in waging a cyberattack on the U.S.—China, North Korea and potentially even non-state actors can wreak havoc too. But Russia all eyes are on Russia due to recent provocations aimed at energy companies and news reports that they’ve successfully penetrated critical U.S. electricity infrastructure.

A well-executed cyberattack could knock out the electrical grid and shut off power to a huge swath of the country, or compromise vital government or financial data and leave us unsure what is real. The sheer number of internet-connected devices, from cars to pacemakers, means the risks are growing by the day.

Read the full story