Techlife News - - Front Page -

Thou­sands of emails were stolen from aides to the Na­tional Repub­li­can Con­gres­sional Com­mit­tee dur­ing the 2018 midterm cam­paign, a ma­jor breach ex­pos­ing vul­ner­a­bil­i­ties that have kept cy­ber­se­cu­rity ex­perts on edge since the 2016 pres­i­den­tial race.

The email ac­counts were com­pro­mised dur­ing a se­ries of in­tru­sions that had been spread over sev­eral months and dis­cov­ered in April, a per­son fa­mil­iar with the mat­ter told The As­so­ci­ated Press. At least four party aides had their emails surveilled by hack­ers, said the per­son, who was not au­tho­rized to dis­cuss the de­tails pub­licly and spoke on the con­di­tion of anonymity.

The com­mit­tee said an “un­known en­tity” was be­hind the hack but pro­vided few other de­tails. A cy­ber­se­cu­rity firm and the FBI have been in­ves­ti­gat­ing the mat­ter, the com­mit­tee said. The FBI de­clined to com­ment.

Po­lit­i­cally mo­ti­vated cy­beres­pi­onage is com­mon­place across the world, but Amer­i­cans

have be­come par­tic­u­larly alert to the pos­si­bil­ity of dig­i­tal in­ter­fer­ence since Rus­sia’s med­dling in the 2016 elec­tion. The theft of Democrats’ emails is still fresh in the minds of many po­lit­i­cal op­er­a­tives and law­mak­ers, who have stepped up de­fen­sive mea­sures but still strug­gle to pro­tect them­selves.

For­eign spies rou­tinely try to hack into politi­cians’ emails to gain in­sight, fer­ret out weak­nesses and win a diplo­matic edge. But hack­ers of­ten launch sweep­ing spear-phish­ing cam­paigns to gain ac­cess to a va­ri­ety ac­counts — with no po­lit­i­cal mo­ti­va­tion. With no im­me­di­ate sus­pects and few tech­ni­cal de­tails, it’s un­clear what the sig­nif­i­cance of this lat­est in­cur­sion is.

In Au­gust, the Demo­cratic Na­tional Com­mit­tee thought it had thwarted an at­tempt to break into its mas­sive voter data­base — but the ef­fort turned out to be unau­tho­rized test that mim­icked what an at­tack would look like.

Crowd­Strike, a Cal­i­for­nia-based cy­ber­se­cu­rity com­pany, said Tues­day the NRCC asked the com­pany in April to “per­form an in­ves­ti­ga­tion re­lated to unau­tho­rized ac­cess” to the com­mit­tee’s emails. Be­fore that, the com­pany had been help­ing the com­mit­tee pro­tect its in­ter­nal cor­po­rate net­work, which wasn’t com­pro­mised.

“The cy­ber­se­cu­rity of the com­mit­tee’s data is para­mount, and upon learn­ing of the in­tru­sion, the NRCC im­me­di­ately launched an in­ter­nal in­ves­ti­ga­tion and no­ti­fied the FBI, which is now in­ves­ti­gat­ing the mat­ter,” the com­mit­tee said in a state­ment. The hack was first re­ported by Politico.

Ear­lier this year, NRCC Chair­man Steve Stivers said the com­mit­tee — which raises money to sup­port Repub­li­can can­di­dates for the House — hired mul­ti­ple cy­ber­se­cu­rity staffers to work with its can­di­dates and promised to do more.

“We’re start­ing to ad­vise cam­paigns, but we’re not ready to roll the whole thing out. We’re work­ing on it,” Stivers said in March. “We’re work­ing on the tech­nol­ogy-based stuff to try and make sure that we know what’s out there — which is hard, too — and then we try to de­fend against it the best we can.”

Dur­ing the 2016 pres­i­den­tial cam­paign, Rus­sian state-aligned hack­ers or­ga­nized the leak of more than 150,000 emails stolen from more than a dozen Democrats. The FBI later said that the Rus­sians had tar­geted more than 300 peo­ple af­fil­i­ated with the Hil­lary Clin­ton cam­paign and other Demo­cratic in­sti­tu­tions over the course of the pres­i­den­tial con­test.

Spe­cial coun­sel Robert Mueller is now in­ves­ti­gat­ing the whether peo­ple close to Don­ald Trump’s pres­i­den­tial cam­paign had ad­vance knowl­edge of Wik­iLeaks’ plans.

U.S. of­fi­cials have ex­pressed con­cern about for­eign in­ter­fer­ence in U.S. elec­tions. This week­end, De­fense Sec­re­tary Jim Mat­tis ac­cused Rus­sia of try­ing to “muck around” in the Novem­ber midterm elec­tions. Mat­tis did not of­fer specifics and would not elab­o­rate.

In Oc­to­ber, the Jus­tice Depart­ment un­sealed crim­i­nal charges de­tail­ing a years­long ef­fort by a Rus­sian troll farm to “sow divi­sion and dis­cord in the U.S. po­lit­i­cal sys­tem” by cre­at­ing thou­sands of false so­cial me­dia pro­files and email ac­counts that ap­peared to be from peo­ple in­side the

United States. The com­plaint pro­vided a clear pic­ture that there is still a hid­den but pow­er­ful Rus­sian so­cial me­dia ef­fort aimed at spreading dis­trust for Amer­i­can po­lit­i­cal can­di­dates and caus­ing di­vi­sions on so­cial is­sues such as im­mi­gra­tion and gun control.

The cam­paign sea­son saw sev­eral ex­am­ples of dig­i­tal mis­chief, al­though none with the im­pact of the 2016 hacks.

In Au­gust, Mi­crosoft alerted the pub­lic to at­tempts by gov­ern­ment-backed Rus­sian hack­ers to tar­get U.S. con­ser­va­tives’ email by cre­at­ing fake web­sites that ap­peared to be­long to a pair of think tanks, the Hud­son In­sti­tute and In­ter­na­tional Repub­li­can In­sti­tute. It also con­firmed an at­tempt sim­i­larly at­trib­uted to Rus­sian hack­ers to in­fil­trate the Se­nate com­puter net­work of Sen. Claire McCaskill, the Mis­souri Demo­crat who lost a re-elec­tion bid in Novem­ber.

Google later con­firmed in Septem­ber that the per­sonal Gmail ac­counts of mul­ti­ple sen­a­tors and staffers had re­cently been tar­geted by for­eign hack­ers, though it did not spec­ify the cy­ber­spies’ na­tion­al­ity nor the party af­fil­i­a­tions of the tar­gets.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.