Security News

A declassified joint report from several United States agencies assesses that Russian and Iranian threat actors did attempt to meddle in the 2020 U.S. presidential election, but claims that the technical integrity of the voting process wasn't affected. The joint report is meant to provide information on the extent to which foreign actors attempted interference with the 2020 U.S. elections, along with details on whether these adversaries targeted political organizations, campaigns, or election candidates, and an assessment on whether the attacks were able to successfully compromise the targeted infrastructure.

The USA's Office of National Intelligence today released its previously classified assessment of "Foreign Threats to the 2020 US Federal Elections" and found "Some successful compromises of state and local government networks prior to Election Day-as well as a higher volume of unsuccessful attempts". It's described as the intelligence community's collective assessment of attempts to disrupt the 2020 election and to contain "Analytic judgments identical to those in the classified version" but without "Full supporting information" or information on "Specific intelligence reports, sources , or methods."

Russian authorities said Tuesday they would block Twitter in a month if it doesn't take steps to remove banned content, a move that escalates the Russian government's drawn-out standoff with social media platforms that have played a major role in amplifying dissent in Russia. Russia's state communications watchdog, Roskomnadzor, last week announced it was slowing down the speed of uploading photos and videos to Twitter over its alleged failure to remove content encouraging suicide among children and information about drugs and child pornography.

The US government might have subtly signalled that it likely won't hack Russia this month - by telling credulous journalists it has a "Clandestine" plan to, er, launch an attack against its rival before April. Set against the backdrop of the SolarWinds and FireEye hack, and the most recent Hafnium attacks against Microsoft Exchange servers, it isn't hard to imagine presidential PR advisors wanting to give the impression that cyber warfare is their boss's top priority.

Leading technology companies said Tuesday that a months-long breach of corporate and government networks was so sophisticated, focused and labor-intensive that a nation had to be behind it, with all the evidence pointing to Russia. In the first congressional hearing on the breach, representatives of technology companies involved in the response described a hack of almost breathtaking precision, ambition and scope.

The National Security and Defense Council of Ukraine is accusing threat actors located on Russia networks of performing DDoS attacks on Ukrainian government websites since February 18th. The National Coordination Center for Cybersecurity at the NSDC state that these DDoS attacks have been massive and have targeted government websites in the defense and security sector. While Ukraine did not directly accuse Russia of the denial of service attacks, they stated that the attackers' IP addresses were located on Russian networks.

A US Air Force intelligence officer who kidnapped her daughter to Mexico and attempted to defect to Russia with top-secret information is set to spend the better part of a decade behind bars. According to court documents [PDF] her unusual story started in July 2019, when she fled her Hedgesville home and flew to Mexico City where she contacted the Russian embassy, offering classified documents that she had removed from secure locations over the past 20 years.

A US Air Force intelligence officer who kidnapped her daughter to Mexico and attempted to defect to Russia with top-secret information is set to spend the better part of a decade behind bars. According to court documents [PDF] her unusual story started in July 2019, when she fled her Hedgesville home and flew to Mexico City where she contacted the Russian embassy, offering classified documents that she had removed from secure locations over the past 20 years.

Obscure software packages can have hidden vulnerabilities that affect the security of these networks, and sometimes the entire Internet. Any system for acquiring software needs to evaluate the security of the software and the security practices of the company, in detail, to ensure they are sufficient to meet the security needs of the network they're being installed in.

The United States has pinned the blame on Russia for a devastating cyberattack campaign that has hit government agencies and corporations across the country. In a joint statement, the agencies said that the work "Indicates that an Advanced Persistent Threat actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks." Further, the group said it believes the incident was designed as an intelligence gathering effort, which means a surveillance operation aimed at finding confidential and sensitive information.