Security News This Week: Russia’s Campaign Interference Cast a Wide Net
The week started off with a metaphorical bang, as special counsel Robert Mueller brought the first charges in his investigation into Russia’s efforts to influence the 2016 presidential election. First came a dozen against former Trump campaign chairman Paul Manafort, alleging conspiracy and various financial crimes. But the more important may prove to be the plea agreement Mueller’s team struck with former Trump campaign advisor George Papadopoulos, who appears to be cooperating.
On the other side of the globe, China has lately been pushing the limits of a hacking armistice it signed with the US a few years ago. And while every few months concerns pop up about a potential North Korean EMP attack, rest assured that you’ve got plenty of bigger things to worry about.
The CIA, meanwhile, released a huge amount of data from Osama bin Laden’s Abbottabad compound this week. Among the 470,000 files were oddities like Tom and Gerry episodes and the “Charlie Bit My Finger” viral YouTube video, but also more serious documents seemingly tying Al-Qaeda activity to Iran. We also tried our darnedest—and spent several thousand dollars—trying to crack Apple’s Face ID, but fell hilariously short.
And there’s more. As always, we’ve rounded up all the news we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.
Fancy Bear, the hacking team connected with Russian interference in last year’s presidential campaign, targeted thousands of people both in the US and abroad in an elaborate phishing scheme, the AP reports. Specifically, they went after 4,700 people spread across 116 countries. (Many of the attempts were unrelated to the US election.) And while most attempts proved unsuccessful, they did (now famously) manage to pry open the inboxes of Clinton campaign chair John Podesta, among others releasing those emails through WikiLeaks, and even altering some of their contents so as to appear especially damning. It’s the most thorough look yet at just how broad—and bold— Russia’s attempt truly was.
The BadRabbit ransomware that swept through Russia, Ukraine, and other countries last week has confounded attempts to determine its motive or origin. Analysts at security firms Kaspersky, ESET, and elsewhere have pointed to strong connections between the attack and the NotPetya malware that barraged the same countries four months earlier. While that earlier malware outbreak has been widely attributed to Russia, however, the BadRabbit infection’s victims were themselves 65 percent Russian, according to Kaspersky. Now Ukraine’s national police agency has revealed its own analysis: That the BadRabbit aftershock of NotPetya was in fact a Russian operation, and its widespread disruption was designed to hide a simultaneous campaign of targeted phishing emails aimed at stealing confidential information. Those emails spoofed messages to users of a piece of Russian-designed software called 1C, according to comments from the Ukrainian police that were confirmed by 1C.
In a separate note from Ukraine’s top intelligence agency, the country has also pinned the BadRabbit attack explicitly on APT 28, also known as Fancy Bear, the prolific Russian hacker group responsible for attacks on everyone from the Democratic National Committee to the Worldwide Anti-Doping Association. That attribution seems to somewhat contradict findings from ESET, who blamed the NotPetya attacks on the Russian hacker group known as Telebots, or Sandworm. But the Ukrainian analysts write only that they based their assessment on the scale of the attack, the quality of the malware, and its apparent motivations, without revealing further evidence for their findings.
It’s been more than a year since US intelligence agencies first named the Russian government as the culprit behind the hacking of the Democratic National Committee and the Clinton campaign. Now it’s planning the next step in punishing the actual people behind that series of intrusions: According to the Wall Street Journal, Trump’s Justice Department has identified six individuals within the Russian government personally responsible for those hacking operations, and is planning to issue indictments against them sometime next year. While those indictments almost certainly won’t lead to the arrest of any hacker or government official, the charges will limit the travel of those indicted to countries with no extradition agreement with the US. They’ll also send a message that the US can, in fact, pinpoint foreign officials and hackers involved in secret operations that cross the line of typical state-sponsored espionage. In the case of China, for instance, indicting five Chinese hackers was a key step in bringing the Chinese government to the negotiating table in 2015, leading to a historic agreement that’s largely curtailed Chinese hacking of US private sector companies.
Let’s be clear: Facebook is 99 percent certainly not using your phone’s microphone to listen to your conversation and use that audio to target ads at you. The company has, in fact, unequivocally denied doing so. But many, many people believe this is happening, and the anecdotal evidence can almost spooky: Someone calls out to a friend in the grocery store that they should pick up some Red Bull, and immediately sees an ad for new Red Bull flavors. A woman has a conversation with a friend about an obscure coconut-opening device, and soon sees a Facebook ad for the Coco Jack appear in her feed. Internet-focused podcast Reply All asked listeners to call in to share uncanny ad experiences like those two. The show nonetheless came to the conclusion that those those apparent eavesdropping incidents are much more likely caused by Facebook’s powerful ad targeting, which can often be based on the purchases of friends, geolocation, or other semi-magical data science. But trying to dissuade someone who is convinced of the Facebook-bugging-your-house theory, it turns out, is very hard, if not impossible. After collecting those anecdotes, Reply All’s hosts invited anyone convinced they were being Facebook-bugged to call in, and attempted to change their minds—with an exactly zero percent success rate.