Information Technology

Image: Element5 Digital
The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation said today that they have not seen any cyber-attacks target US voter registration databases and voting systems this year.
The two agencies issued a joint statement today after an article in Russian media had gone viral earlier this morning.
The article, published by Russian news agency Kommersant, claimed that a Russian hacker had obtained voter records for more than 7.6 million Michigan voters following an intrusion into the state’s database earlier this year, in March.
According to Kommersant, the hacker also claimed to be in possession of voter records for Connecticut, Arkansas, Florida, and North Carolina voters, but in smaller numbers, and was making all the databases available for free on a hacking forum since July.

Michigan’s voter records were not hacked. A Michigan voters file was posted on the site “raidforums” by user Gorka9. The file itself, available at https://t.co/og5TRC2mbo, contains only publicly available information from Michigan’s qualified voter file. Thread: pic.twitter.com/tGVdxbVjzk
— Jack Cable (@jackhcable) September 1, 2020

While most voter records in US states are available for free, the hacker claimed that at least the Michigan voter database contained fields that were meant to be private, such as emails and dates of birth.
CISA and the FBI say there was no hack
But in a joint statement published on Twitter today, CISA and the FBI claim that such a hack never happened. In fact, they haven’t seen any cyber-intrusions into election systems at all.
“CISA and the FBI have not seen cyber-attacks this year on voter registration databases or on any systems involving voting,” the two agencies said.

Furthermore, later in the day, Michigan and Connecticut state officials have also denied claims that they’ve been hacked, in statements released to NBC News reporter Kevin Collier.
The two states also reminded US voters that their respective voter databases are public, and anyone can obtain them for free, or by filing an FOIA (Freedom of Information Act) request, effectively calling the Kommersant report a non-story.
Nonetheless, this didn’t stop today’s Kommersant article going viral and causing panic among some US voters, with the report trending on Twitter US at one point earlier this morning.
The ludicrousness of thousands of Americans sharing a story from a Russian news site without questioning its reporting or authenticity was punctuated later in the day when both Facebook and Twitter announced they shut down a Russian-sponsored news site for misleading articles on US politics. More

Moscow, Russia – July 31, 2018: Tourists walk on the red square on a summer day. View of the square and the Kremlin’s Spassky Tower
Zayne C., Getty Images
Facebook and Twitter said on Tuesday that they removed social media accounts for a news organization going by the name of PeaceData, which they linked to Russia’s state propaganda efforts.
The two social networks said they started an investigation into accounts associated with this news site after they received a tip from the FBI earlier this summer.
Who is PeaceData
Following investigations started by both platforms, Facebook said it removed 13 accounts and two pages, while Twitter said it banned five accounts, all of which were used to promote news articles hosted on the PeaceData.net website.
In a report [PDF] published today analyzing PeaceData’s operations, social media research group Graphika said the news site focused on publishing news articles in both English and Arabic, critical of the US, the UK, and France.

PeaceData website
Image: ZDNet
Graphika said the website published content using both fake personas but also real journalists that they hired through ads posted on the Guru job portal.

Image: Graphika
The articles criticized both the right and left wings of the political spectrum, along with US military and foreign policies.
“They published and shared articles about the race protests in the United States, accusations of foreign interference and war crimes committed by the US, corruption, and the suffering caused by capitalism,” Graphika wrote in its report.
These articles are still live on the PeaceData website today. Many have skewed views and cover conspiracy theories, with headlines such as “Overfunding of US Military Is Driving Climate Change and White Supremacist Culture of War Crimes,” “Svetlana Tikhanovskaya’s Deleted Webpages Show She’s Little More Than a Western Regime Change Puppet,” “Portland Protests: Authoritarian Trump Is Worse Than the Demagogue,” and “Era of US Domination of Latin America Coming to an End.”
Graphika said the network was still in its infancy when it was taken down, suggesting that the FBI had spotted the operation before it could do any real damage on social media.
In a series of tweets today, Twitter confirmed this assessment, claiming that the banned PeaceData accounts “achieved little impact on Twitter and were identified and removed quickly.”
Linked to Russia’s IRA
Twitter avoided naming the real entity behind the PaceData website and only said that it could “reliably attribute to Russian state actors.”
On the other hand, Facebook was more brazen in a blog post today, claiming that the PeaceData website was linked to “individuals associated with past activity by the Russian Internet Research Agency (IRA),” the infamous Russian company based in Sankt Petersburg that is known to engage in online influence operations on behalf of the Russian government, and who is mostly known for its interference in the 2016 US presidential election.
Graphika also backed Facebook’s assessment, linking PeaceData to Russia’s IRA as well. More

Image: terimakasih0
The Norwegian Parliament (Stortinget) said on Tuesday that it fell victim to a cyber-attack that targeted its internal email system.
In a press release today, Stortinget director Marianne Andreassen said that hackers breached email accounts for elected representatives and employees alike, from where they stole various amounts of information.
Andreassen said the incident is currently under investigation, and, as a result, couldn’t provide any insight into who was behind the attack, or the number of hacked accounts.
Norway’s intelligence agency is currently investigating the incident, according to a statement the agency posted on its Twitter account earlier today.

PST er kjent med IT-angrepet mot Stortinget. Når PST har mottatt anmeldelsen vil vi vurdere om det er grunnlag for å starte etterforskning. https://t.co/UIuqeXgaea
— PST (@PSTnorge) September 1, 2020

While the investigation is still ongoing, Andreassen said that Stortinget has already started notifying impacted representatives and employees about the incident.
Local press, who first broke the story about the attacks, also reported that the parliament’s IT staff has shut down its email service to prevent the hackers from siphoning more data.
Prior to today’s incident, cyber-attacks targeting Norway have been rare and far apart.
In January 2018, a hacker group stole healthcare data for more than half of Norway’s population, according to local press.
In February 2019, cyber-security firms Rapid7 and Recorded Future revealed that Chinese hackers breached Visma, a Norwegian company that provides cloud-based business software solutions for European companies, and used this access to attack the company’s customers.
In May 2020, a group of internet scammers tricked Norfund, Norway’s state investment fund, out of $10 million, in an attack known as a business email compromise. More

The Pacific Light Cable Network (PLCN), an ambitious underwater data cable project partly owned by Facebook and Google, won’t be connecting Los Angeles to Hong Kong after all. 
New plans for the 12,800 kilometre-long network presented to the US Federal Communications Commission (FCC) show that the PLCN will instead only operate between the US, Taiwan and the Philippines.

Digital transformation

The nearly 13,000 kilometres of underwater cables have already been laid, but the project needed permission from the FCC before operations could kick off. In the new application filed by the companies managing PLCN, authorization was only requested to run the network between the US, Taiwan, and the Philippines. The file specifies that the applicants are not seeking authority for the Hong Kong path.
Initially announced in 2016, the PLCN project was intended to provide direct submarine cable connectivity between Hong Kong and Los Angeles. It is made of six fiber pairs, each linking the US and Hong Kong, with some pairs including branches to Taiwan or the Philippines.
Three firms share ownership of the cable network. Google owns one fiber pair with a branch to Taiwan, and Facebook owns another pair with branches to the Philippines. Hong Kong company Pacific Light Data Co (PLDC) owns all of the remaining pairs and acts as the landing party in Hong Kong. 
Last June, however, an FCC Committee called Team Telecom recommended that the US body deny the operation of a sub-sea cable system connecting directly to Hong Kong, saying that it was not in the interest of US national security or law enforcement interests to approve subsea cables landing in Chinese territory when the Chinese government had previously demonstrated its intent to acquire data on US citizens. 
The FCC Committee also argued that the high capacity and low latency of the network would encourage US communication traffic crossing the Pacific to detour through Hong Kong before reaching the intended destination, which would unnecessarily increase the amount of data going through infrastructure controlled by the Chinese government. 
As a result, plans for parts of the project had to be revised by Google and Facebook. The latest application filed with the FCC, therefore, establishes that the fiber pairs operated by PLDC will not be operational.
A Google spokesperson said: “We can confirm that the original application for the PLCN cable system has been withdrawn, and a revised application for the US-Taiwan and US-Philippines portions of the system has been submitted. We continue to work through established channels to obtain cable landing licenses for our undersea cables.”
Having a direct communication channel with ultra-high capacity between Los Angeles and Hong Kong was a prospect that sat well with many US firms that may want to expand their customer base to Asia. With capacity demand on such a route set to increase in the coming years, the network had been pitched as a way to enhance service quality, redundancy and resilience of communications systems in the region. 
Restricting the system’s perimeter to Taiwan and the Philippines might, therefore, impact business productivity. But FCC commissioner Geoffrey Starks said in a Tweet that national security concerns should prevail: “I share those concerns and will continue to speak out,” he said. “(The) FCC must ensure that our telecom traffic is safe and secure.”
The announcement is the latest move in an escalating trade war between the US and China, as the Trump administration continues to argue that Chinese companies are being leveraged by the Chinese government to spy on foreign nations.
Huawei, for example, was added to the US Entity List, effectively barring the firm from trading with US businesses. More recently, the Chinese telecommunications giant was forbidden from accessing key US semiconductor technologies like chips, on top of gradually being pushed out of several nations’ 5G networks.
The Trump administration is also clamping down on Chinese-owned apps TikTok and WeChat, and recently announced sanctions for any company doing business with the two platforms. More

Leaked documents have revealed the concerns of law enforcement in how Internet of Things (IoT) technology can pose a risk to the safety of police officers. 

Smart doorbell vendors including Ring have created product lines that have transformed traditional bells and door chimes into intelligent technological solutions that provide location monitoring, real-time camera feeds, audio and visual recordings, and the ability to communicate with visitors remotely. 
For homeowners, an IoT doorbell can provide an additional layer of security at points of entry. For law enforcement, their rapid adoption provides a new stream of intelligence for criminal investigations. 
Amazon acquired Ring in 2018. In the past few years, doorbells have been donated to residents in areas including Kansas City to tackle crime (.PDF), and in total, Ring now works with over 400 US police departments.
See also: Ring to enable 2FA for all user accounts after recent hacks
The Neighborhoods initiative brings Ring doorbells together as part of a wider network that displays installations on a map — highlighting where law enforcement could request footage from residents rather than obtain warrants. 
However, nodes in this network may also be used to push back against the police, according to leaked documents. 
As reported by The Intercept, a 2019 analysis bulletin highlights how IoT footage can be used to corroborate witness statements or alibis, but in turn, smart surveillance technology can also “pose security challenges” for law enforcement. 
Namely, when police officers are considered unwanted visitors. 
“Most IoT devices contain sensors and cameras, which generate an alert or can be remotely accessed by the owner to identify activity in and around an owner’s property,” the bulletin reads. “If used during the execution of a search, potential subjects could learn of LE’s [law enforcement] presence nearby, and LE personnel could have their images captured, thereby presenting risk to their present and future safety.”
In “standoff” situations, too, IoT devices containing motion sensors could alert suspects to the position of police officers around or in a property. 
CNET: How to avoid the latest text scam about package deliveries
A 2017 case noted in the bulletin says that the FBI once visited a residential home to serve a search warrant. A Wi-Fi doorbell at the property alerted the subject of the warrant, who was at another location. The subject then contacted his neighbor and landlord regarding the FBI’s presence at his home, rather than engage directly with the police. 
The publication cites another bulletin, “Video Doorbell Devices Pose Risk to Law Enforcement in New Orleans, Louisiana as of 25 July 2017,” which noted the “subject may have been able to covertly monitor law enforcement activity while law enforcement was onthe premises.”
TechRepublic: The best developer-centric security products
Another challenge posed by IoT devices is when users pull the footage and post suspected criminal activity across social media — a trend that you can often see in local Facebook groups, for example — before an investigation is launched. This can result in false accusations and may also tip off criminals to the existence of footage before the police become involved. 
Smart doorbells can be of benefit to consumers who want to enhance their home security. However, when surveillance becomes a sales pitch, muddying the water between a consumer product, law enforcement, and criminal investigations can pose a variety of issues — not just for our personal privacy, but also as these products can be turned away from their original purpose. 

Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 More

Members include Avast, DuckDuckGo, and Insurgo. More

The Iranian hacker group who’s been attacking corporate VPNs for months is now trying to monetize some of the hacked systems by selling access to some networks to other hackers. More

A Russian cyber-crime group named Cosmic Lynx has been focused on tricking companies into sending over huge wire transfers. More