Sunday, October 23, 2016

Oct. 21 cyberattack: rehearsal for US Election?

Oct. 21 cyberattack: rehearsal for US Election?

1 Share
Oct. 21 cyberattack: rehearsal for US Election?

A cyberattack on Oct. 21 used millions of internet-connected devices to flood the infrastructure of one of the biggest internet routing companies in the US with malicious traffic until it crashed. The attack started on the East Coast but soon spread westward in three waves during the day.
Cyber experts suspect that this unprecedented assault, on a massive scale that points to a state hacker - whether Russia, China or North Korea – may have been staged as a rehearsal for the main show, the disruption of America’s Nov. 8 elections.
There is increasing concern that voters in the 31 states, where civilians and American troops overseas may cast their ballots by Internet, will find their websites disabled by hackers. Around one million US voters would be affected, a critical figure in a tight presidential race between the Democratic and Republican contenders that could create mayhem for American democracy.
It seems that unlike previous distributed denial-of-service (DDoS) attacks, the hackers succeeded in wielding a novel weapon, which is the “next big thing” in malware, known in tech parlance as the “Internet of Things” (IOT). Not only are computers connected to websites directly attacked, but millions of internet-connected devices smart home gadgets, like cameras, baby monitors, remote garage openers, smart refrigerators, DVDs are infected without their owners’ knowledge with software that exposes them to be used by hackers to swamp the victims with overwhelming traffic.
Since these internet-connected devices are easy to use and relatively cheap, little attention was given to information security when they are developed. For some time, cyber experts have been warning of the potential for major cyber damage from IOT.
The Internet networks in the eastern US were almost completely shut down on Friday morning (local time) when one of the biggest domain name system providers, the Dyn DNS Company, was struck down.
Dyn reported that starting at 7:10am, its DNS servers came under a DDoS attack, which floods servers with huge amounts of malicious traffic. Users reported problems that sporadically shut down several websites, including TwitterNetflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times.
The first wave lasted about 90 minutes.
The second wave, which started two hours later, knocked out many West Coast internet sites offline.
debkafile’s cyber defense and intelligence sources report that investigators are looking into two possible causes of the Oct. 21 onslaught.
One was named by US Vice President Joe Bidenwho promised during an Oct. 14 interview with NBC, after Democratic Party emails were hacked, that Washington’s response to Russian cyberattacks “will be at a time of our choosing, and under the circumstances that will have the greatest impact.”
Rather than waiting for the blow to fall, it is possible that Russian President Vladimir Putin decided to send a clear warning to Washington not to start a cyber war with Moscow. 
Another possible culprit may be a company seeking revenge for its public denunciation by a Dyn Company leader for developing advanced means and methods for carrying out DDoS attacks.
Read the whole story

· · · ·

Donald Trump - The Siberian candidate?: Tony May

1 Share
By Tony May
The problem that many voters have with Donald Trump is not that he doesn't always tell the truth. 
It's that he is so resistant to admitting fault or error that he contradicts himself in ways that prevent you from knowing fact from fiction. 
It's infuriating – and thus far in his life, it's been an effective tool for befuddling his enemies.
Take something simple like does Trump know Vladimir Putin or does he not?  Several times in the primary election season, he regaled debate audiences with details of his purported relationship with the Russian dictator.
He said he was in Russia for a Miss Universe pageant and Putin "was very nice" and sent him (Trump) a gift. 
If you listened closely, he never actually said he and Putin were  in the same room together – just that Putin made a fuss over him.  On another occasion, he said he and Putin were together alone in a "green room" waiting to appear on the same public affairs show. 
Did they bond? In an initial telling of the story, they had a great time in each other's company.  In a later recounting, it's not at all clear that being in the same room meant they talked to each other.
Since the General Election campaign began, he has denied any relationship with Putin.
By the third and final debate, the denials of a relationship with Putin became adamant as he faced continuing pressure to denounce Putin and voice agreement with the conclusion by the U.S. government intelligence community that Russia (read that as Putin) was behind the hacking of  Democratic National Committee and Hillary Clinton e-mails.
At least one mainstream news organization (Newsweek) has reported that the Trump campaign had distributed a doctored version of Clinton campaign emails that were originally posted by a Kremlin news website and later erased from the Internet when it was pointed out by the Newsweek reporter that material in the internet post attributed to a Clinton campaign advisor was actually a direct quote from a story he wrote this summer.
Were Russian sources feeding stuff to the Trump campaign?  Would Trump agree that it looked like the Russians were meddling in domestic affairs in the United States? 
In the second debate, Trump went so far in his efforts to debunk a Russian connection that he speculated that the hack was conducted by some 400-pound American lounging in his bed.
So whether Trump does or does not have a relationship with Putin is of material concern. 
Especially because Trump at one point this summer off-handedly encouraged the Russians to hack Clinton's computers and then, by gum, they did.
Coupled with another Trump trait now generally recognized by the news media is his habit of projecting bad behavior attributed to him to others.  He doesn't have a problem with facts, it's "lying Hillary." 
He doesn't skirt the law, it's "crooked Hillary."  He doesn't abuse women;  you're mistaking him for Bill Clinton.  He doesn't incite violence on the part of his supporters, that's another plot by Hillary's team.
Following this pattern, what are we to make of Trump's new mantra, the "election is rigged." 
Who is rigging?
The Obama government? 
An unholy cabal between Democratic and Republican leaders?  The mainstream media? 
The Clintons?  
International bankers? 
If you apply the Trump approach to shifting blame away from himself, he would rig the election if he could.
Where would he turn to for help?  He's already noted that the Russians have the best hackers.
Some would say the whole train of thought is absurd – but this has been an absurd election cycle filled with outrages and excesses.   It's the responsibility of a candidate for President to be clear and direct.  Fuzzy rhetoric is the enemy of an honest election.
As the election season marches to its grim conclusion, it seems to include echoes of old movie plots like the original "Manchurian Candidate," the 1952 black and white version starring Frank Sinatra and Laurence Harvey, not the recent remake with Denzel Washington and Meryl Streep. 
In the movie based on a Richard Condon spy thriller, Laurence Harvey is a prisoner of war held behind the Iron Curtain and brainwashed. 
He comes back from the Korean War a Medal of Honor winner and is eventually running for Vice President – but has recurring concerns about flashbacks and memories.
I don't want to spoil the ending for those who might want to watch the movie some night on cable, but it doesn't turn out well for Harvey's character who was programmed by his captors to respond to a singular stimulus and commit a dastardly act.
Now what political figure do we know of today who admits to spending time in Russia but who can't seem to get his facts straight about what actually happened there?
Nah, no way Donald Trump is a Manchurian Candidate. 
After all, he was never in the armed services and there no indication he even knows how to fire an AR-15. 
Maybe he's something less exciting ...  say, a Siberian Candidate.
Read the whole story

· · · ·

Will It Rock America's Vote?

1 Share
The presidential vote won’t be rigged, but it may well be rocked–and not just by Donald Trump’s repeated threat to dispute the results if he loses.
The Republican challenger has already benefitted from foreign hacking, persuasively attributed to Russia, of the private, and often embarrassing, emails of Hillary Clinton’s staff and the Democratic National Committee. Now, say numerous cyber analysts, Russian hackers have the ability, and perhaps motivation, to infiltrate the nation’s voting booths and deliver a stunning blow to Americans’ already wobbling belief in the integrity of the electoral process.
“You only need to mess it up a little bit, and as soon as people don't have faith in it, the whole system can start to crumble,” says Ryan Duff, a former U.S. Air Force cyber tactician now working on information security in the private realm. “You don't even need to sway it one way. You just have to make people think it could happen.”
What could also undermine voters’ faith in the system: Friday’s massive attack on servers that denied customers’ access to some of the world’s biggest Web sites, including Twitter, Reddit, Netflix, Amazon, Airbnb, the New York Times and others. White House Press Secretary Josh Earnest said officials couldn’t yet provide “any information about who may be responsible for this malicious activity.”  
Elections officials worried that Friday’s attacks could suppress voter turnout, especially in swing states. Barbara Simons, the co-author of Broken Ballots: Will Your Vote Count? and a member of the board of advisers to the Election Assistance Commission, told the New York Times that the hack was “a strong argument for why we should not allow voters to send their voted ballots over the internet.”
A voter fills out his ballot at the North Park Mall in Oklahoma City, Oklahoma on March 1.REUTERS/Nick Oxford
An increasing number of Americans are already disposed to thinking the election could be rigged, according to a mid-August poll by the Gallup organization. Only 62 percent of Americans “are confident that votes will be accurately cast and counted in the coming election,” Gallup said. The figure represented a falloff of between 11 and 13 percent since Barack Obama was first elected, when Republicans began pounding the fraud theme. The GOP’s propaganda campaign—baseless, in the view of independent analysts—gave Russian hackers an opportunity to further exploit voters’ doubts with surreptitious “influence operations.”
“The risk is not so much the hacking of the voting machines themselves, (which have decent if not great checks), but rather going after the broader climate that surrounds an election,” says Peter Singer, a strategist at the New America think tank and author of Wired for War: The Robotics Revolution and Conflict in the 21st Century. The larger goal is “to sow doubt and disarray,” he tellsNewsweek. “Indeed,” he adds, even if the Kremlin hasn’t had a hand in some of the hacks, it can further its goals by using “social media outlets and RT [Russia Today, another arm of Kremlin propaganda] to spread false information and claims about it happening.” Voters might conclude, "Ah, this happened in this one county in Ohio, so the results are wrong” everywhere, he says. “This is where Trump's ‘rigged’ talk is so utterly dangerous, and where it also fits in exactly with the Putin playbook.”
To most observers, the Kremlin’s evident pilfering of Democratic files has had only one immediate beneficiary—Donald Trump (and before him, Bernie Sanders). In the likely case that Russian hackers have penetrated the Trump camp’s private communications as easily as they evidently did the Democrats’, a number of possibilities exist. Among them: either they’ve not made them available yet to Wikileaks or other outlets, or they’re holding them in reserve, in the unlikely event Trump is elected.
In mid-October, veteran “ethical hacker” Scot Terban posed “three scenarios” on how Russia could throw the elections into chaos: by manipulating voter counts, voter rolls and voting machines.
In the first scenario, “the voting machine have been tampered with electronically or code has been inserted” manually via a thumb drive to produce wildly unexpected outcomes. The result: “Trust in the election system is diminished,” Terban wrote. Candidates and the public demand recounts, delaying the outcomes for months and further decimating faith in the reliability of the machines.
In the second scenario, voters show up at the polls and find that their party registration or personal data has been surreptitiously changed. Republicans are listed as Democrats and vice-versa. Addresses are incorrect or missing. They can’t vote. “To date there are no systems that I am aware of that will email you when a change is made to your voting status,” Terban wrote, asking, “and how many people check before they go to the polls?” Messing with American voters in such a way is not unheard of, he adds. It’s “a common tactic that has been used in gerrymandering,” or quietly redrawing districts in a way that disqualifies certain voters on election day.
The third scenario for paralyzing the American vote was tested by Russia in Ukraine, Terban wrote, “by inserting malware/code into the election machines in 2014 that effectively “bricked,” or shut them down.  
“If such an attack code were placed and propagated within the American voting systems,” he continued, “the disruption would cause the election to be halted and emergency measures taken,” like issuing emergency paper ballots where possible. Facing lengthy delays and long lines, most voters would walk away, he expects. “Trust in the electronic system would be degraded or destroyed.”
Russian President Vladimir Putin delivers a speech during the annual VTB Capital "Russia Calling!" Investment Forum in Moscow, Russia, October 12. Alexei Druzhinin/Sputnik/Reuters
All these scenarios are guesses (or “thought experiments”) he admits. But the Kremlin has demonstrated a propensity for “information war,” or informatsionnaya voyna, from the earliest days of the 1917 Bolshevik Revolution, when it spread false rumors and created phony front groups to keep its adversaries off balance. The practice fell off after the collapse of the Soviet Union in 1991. But Vladimir Putin, a career KGB officer, rejuvenated the effort after an internal review found “deficiencies” in Russia’s 2008 invasion of Georgia. “We surrendered this terrain some time ago,” hewas quoted as saying, “but now we are entering the game again.” Soon after, the Kremlin embraced the concept of a new warrior class to wage “a global information war.”
“The objective is... certainly, to create centres which would envisage so-called hacker attacks on enemy territory,” Igor Panarin, a leading Russian military authority, wrote in 2008, according to the U.K.-based Conflict Studies Center at Oxford University. The object would be to identify “critically important information entities of the enemy, including how to eliminate them physically, and how to conduct electronic warfare, psychological warfare, systemic counter propaganda, and net operations to include hacker training.”
Which makes the Kremlin effort no different than Washington’s array of cyber warriors who, in concert with Israel’s, reportedly disabled Iran’s nuclear centrifuges with the now notorious Stuxnet virus in mid-2010.  (“There has been no technical attribution, even to this day,” Ryan Duff notes.) But no confirmed reports of U.S. cyber-meddling in foreign elections have arisen, despite Putin’s claims of American interference in the 2012 Russian presidential election. Long before the internet, however, both the U.S. and Soviet Union covertly interfered in foreign elections around the world to promote their Cold War objectives.
The emphasis here is on covert: the stealthy hands of the CIA and KGB were supposed to stay hidden. But according to both Obama administration officials and independent cyber-sleuths, those who allegedly hacked the DNC and Clinton’s staff left electronic droppings that were traced back to Moscow.
On Thursday, Director of National Intelligence James Clapper repeated the administration’s October 7 statement that “recent disclosures of alleged hacked e-mails on sites like <a href="" rel="nofollow"></a> and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the U.S. election process.”
Clapper told Defense One that the U.S. had “sufficient evidence, both forensic and otherwise, to reach the conclusion,” but refused to specify the names and addresses of Russian perpetrators in the same manner Washington had “named and shamed” Chinese hackers who broke into the Office of Personnel management’s files. Critics complain that the evidence is far from concrete, and that hackers using the NSA’s own stolen tools might have left tracks to deliberately implicate Moscow. But Clapper was firm. “I don’t think I need to say anything more about it, other than the fact the statement speaks for itself,” he said. “It was mainly addressed to the American electorate, not to any foreign nation-state.”
Meanwhile, U.S. elections, administered by state, county and local officials, have no national security standard to protect against intrusions, leaving many open to manipulation, security analysts complain.
Tyler Cohen Wood, a former Defense Intelligence Agency cyber deputy division chief, calls the lack of unified standards “a national security problem,” and proposed that the Department of Homeland Security be given the authority to establish and oversee new federal ones.
In September, Republican Representative Hank Johnson of Georgia introduced a bill that would require DHS to designate voting systems as critical infrastructure and  “limit the purchase of any new voting systems” to those that use “durable voter-verified paper ballots.” Such legislation has a slim chance of gaining traction, however, given the electorate’s anti-Washington mood and complaints about the performance of DHS—which oversees entities such as the much criticized Transportation Security Agency.
A one-system-fits-all national voting system might even make it easier for hackers to throw the whole process into chaos, Wood concedes. “It could, it most certainly could,” she tells Newsweek, but at present, “some states are much more vulnerable than others, and standardization could help prevent a compromise.”
With only days before the November 8 vote, many officials hear the Russian bear thrashing around in the Internet woods and wonder where and when it will attack again. The Obama administration, meanwhile, has vowed a “proportional” response to previous Russian hacks, raising the prospect of a first world cyber war.
To some, however, this new theater of combat is not much different from the Greeks’ deployment of a legendary wooden horse to gain entrance to Troy.  
“Nation state and industrial sabotage, political maneuvering, espionage, and counterespionage have existed as long as industry and nation-states have,” Lesley Carhart, an influential cyber war specialist, wrote in a mid-October blog post in which several experts weighed in, called “Nation State Threat Attribution.”
“It’s nothing new,” she wrote. “In some ways, it’s just gotten easier in the internet era."
Read the whole story

· · · · · · ·

WHY IT MATTERS: Russia | McClatchy DC

1 Share
THE ISSUE: Russia cannot be ignored. Since the end of the Cold War, Russia has never posed such a vexing problem to U.S. policymakers as it does now. From Eastern Europe to the Middle East and increasingly Asia and the Americas, Russia is making its voice heard and its presence felt.
After a brief period of looking inward during much of President Barack Obama's first term, Russia has returned to the international stage with zeal under Vladimir Putin. Russia is militarily involved in Syria, supports separatists in eastern Ukraine and areas of Georgia and has even been accused of trying to meddle in the U.S. presidential race. At the same time, the Obama administration has been forced to accept that working with Russia is probably the only way to achieve results on many complicated international issues. Thus, Russia was central in the Iran nuclear negotiations and is a player as well as negotiator in the Syria truce effort.
Republican Donald Trump advocates improved relations with Russia — "Wouldn't it be nice if we actually got along with Russia?" has been a standard line in his campaign speeches — and has been strikingly complimentary of Putin's strong leadership style, contrasting it favorably with that of Obama. Some of Trump's current and former top advisers have been criticized for being too close to Putin, and Democrats have accused the businessman of pandering for Russian praise. Trump, however, is not the first politician to champion better U.S. ties with Russia.
In fact, one of Hillary Clinton's first initiatives as secretary of state in 2009 was to "reset" relations with Moscow, an effort that produced decidedly mixed results.
The "reset" policy had some successes while Putin was taking a break from the Russian presidency. On Putin's return, though, the reset began to unwind and Russia started to take positions directly opposed to the U.S., notably in support of President Bashar Assad in Syria and then in Ukraine. Clinton has had direct negotiating experience with Putin and his aides and that has left her wary of cooperating with Moscow. Her campaign says she will "stand up to Vladimir Putin," "deter Russian aggression in Europe" and "increase the costs to Putin for his actions."
Relations between the former Cold War foes — the owners of the most nuclear weapons on Earth — are arguably some of the most important to leaders in both the White House and Kremlin. Animosity or cordial friendship can bring profound changes in international affairs and the next president will have to engage or confront Russia on a variety of matters, not least of which are allegations that Russia was behind the hacks of Democratic emails.
The conflicts in Syria and Eastern Ukraine will not end without Russian buy-in, and Russia will have to be involved in any new effort to bring North Korea back to denuclearization talks. In the meantime, Russia is a driving force behind the co-called BRICS group of nations — Brazil, Russia, India, China and South Africa — that sees itself as a balance to the U.S. superpower and may also present problems for the U.S.
This story is part of AP's "Why It Matters" series, examining three dozen issues at stake in the presidential election. You can find the series at <a href="" rel="nofollow"></a>
EDITOR'S NOTE - One in an AP series examining issues at stake in the presidential election and how they affect people.
Read the whole story

· · ·

Putin aide can signals thaw in Russia’s ties with next US president

“We are always ready for Realpolitik,” Sergei Ivanov, a member of Mr Putin’s security council, told the FT. In his first interview to international media since stepping down as presidential chief of staff in August, Mr Ivanov said the Russian leadership had been “insulted” by anti-Russian rhetoric during the US election, but counted on American pragmatism to prevail.
“We are prepared for that. We just have to wait until the end of the election campaign. We have to wait a couple more weeks, we just have to be patient.”
Officials in Washington and in Moscow may greet even the limited hopes voiced by Mr Ivanov with scepticism as the crises in Ukraine and Syria have proved intractable. Fears of meddling from Russiain the US presidential election, and a direct stand-off between US and Russian forces in Syria have shattered the little remaining trust between the two governments.
Mr Ivanov’s switch from chief of staff to a presidential representative for ecology and transport was seen as the biggest demotion in a series of Kremlin reshuffles and a milestone in replacing old guard members of Mr Putin’s inner circle. However, it is believed that the former defence minister and deputy prime minister continues to wield influence.
“Probably the president thinks that my past experience is useful in this work,” he said speaking in the Kremlin and referring to his role on the Security Council. Mr Ivanov has just swapped offices with his successor and former deputy Anton Vaino and now works just a few steps away from Mr Putin’s other deputy chiefs of staff.
Mr Ivanov dismissed the US government’s accusations that the Russian government was behind the Democratic National Committee emails leak, and insisted that unless Washington presented concrete proof, such accusations would be seen as empty statements and “propaganda”.
Mr Ivanov said the notion that the Kremlin would prefer to see Donald Trump in the White House was “absolutely not true”.
Although Moscow has in recent weeks ratcheted up war rhetoric and issued ever more direct warnings about nuclear war, Mr Ivanov said he hoped this was noise rather than a real threat. Although a former veteran of the KGB like the Russian president and many of his senior aides, Mr Ivanov is seen as less hawkish than some other Russian security officials.
“Especially when we talk about nuclear weapons and speak about the hypothetical possibility of world war three, I believe that everyone is smart enough not to take things to a hot war,” he said. “But if we talk about cold war, information war and propaganda war, that is a fact of life. We see that every day.”