Data Sheet—Saturday, October 15, 2016
Last week the federal government leveled a serious accusation against a major adversary: Russia has been meddling in the upcoming U.S. presidential election by compromising email messages linked to campaigns and political parties.
The warning by the Office of the Director of National Intelligence and the Homeland Security Department alluded to recently disclosed hackings of various Democratic committees and officials like Clinton campaign chairman John Podesta. The government agencies noted that “only Russia’s senior-most officials could have authorized these activities” that involved stealing documents and handing them over to vigilante online publishers, like WikiLeaks, and other websites and personas believed to be Russian fronts, like DC Leaks and the wily, if dubious, online hacker “Guccifer 2.0.” The statement concluded, chillingly, that these acts of foreign subterfuge were “intended to interfere” with the country’s democratic process.
Unsurprisingly, Russia disagreed. Russian President Vladimir Putin chalked up the finger-pointing to “hysteria.” Sergey Lavrov, Russia’s foreign minister, called the claims “flattering,” “ridiculous,” and unsubstantiated. When asked whether Moscow rejected the attribution, Lavrov told CNN, provocatively, “we did not deny this—they did not prove it.” Hmm. Perhaps Lavrov’s remark was a slip of the non-native tongue, but his statement might be more than a little revealing. The Kremlin has not denied its involvement, strictly speaking, in the archive dumps; rather, its leaders have sidestepped the question by responding ambiguously.
The American electorate is quickly learning what security and intelligence pros have understood for decades: Cyber warfare and information warfare are inextricable. Unable to directly hijack voting booths, America’s adversaries are trying their damnedest to manipulate the views of prospective voters before they cast their ballots on November 8—just as the mischief-makers did to varying degrees in past operations in Estonia, in Latvia, in Georgia, in Greece, in Italy, in France, in Germany, and in Ukraine. Regardless of whomever these ill-gotten revelations (and planted bits of disinformation) help or hurt, it’s vital to recognize that it is happening.
The election isn’t rigged. But it is under attack.
Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach me via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
Moscow's meddling menace. Cybersecurity experts are warning Americans about Russia's attempts to influence the presidential election. The hacks pose a dilemma for U.S. citizens: voters seem to want the information, but may disagree with the method by which it was obtained. (Guardian)
Billions and billions. Businesses will spend $101.6 billion on cybersecurity software, hardware, and services in 2020, according to a new research report out of the International Data Corporation. That 12-figure budget represents a 38% increase over the $73.7 billion that the research firm forecasts that organizations will spend this year. (Fortune)
Batten down the money vaults. The "group of seven" or G7 industrial powers released a three-page set of cybersecurity guidelines aimed at protecting the global financial system on Tuesday. Government agencies of the group's member nations—Britain, Canada, France, Germany, Italy, Japan, and the United States—posted the document, which advised threat sharing and security regulation, on their respective websites. (Fortune)
Well, that was SWIFT. An enterprising hacker group is targeting the SWIFT financial messaging network with an attack employed earlier this year by another gang of digital bank robbers who stole $81 million from the Bangladesh central bank, according to the antivirus giant Symantec. The new group, dubbed Odinaff, has planted malicious code inside the computer networks of as many as a score of organizations. (Fortune)
Batch of patches. Microsoft and Adobe issued a slew of important software fixes this week. Microsoft also updated its policy on patch rollouts, no longer granting people the option to pick and choose which fixes to download and instead opting to dispense them as bundles. (Krebs on Security)
Mmm...that does sound like a delicious dish of risotto...
Share today's Data Sheet with a friend:
Looking for previous Data Sheets? Click here.
Here's Fortune's Mathew Ingram on the reporter's dilemma when assessing the public interest of leaked information.
Regular dumps of classified documents and other internal communications have become a fixture of modern life, thanks in part to stateless—and frequently lawless—entities like WikiLeaks. But is publishing those leaks always the right thing to do? That’s one of the questions raised by the recent leak of private emails from John Podesta, the campaign chairman for Democratic presidential candidate Hillary Clinton. Read more on Fortune.com
How to Stop Hackers from Taking Over Your Home by Jeff John Roberts
Firms Are in Denial About the EU's Coming Privacy Law, Survey Suggests by Jeff John Roberts
ONE MORE THING
"Maybe there is no hacking. But they always blame Russia." Cris Thomas, a strategist at the cybersecurity firm Tenable Network Security who goes by the hacker alias "Space Rogue," wrote a piece defending Republican presidential candidate Donald Trump's refusal to acknowledge Russia as the culprit behind recent intrusions into politically affiliated computer networks. In the nominee's defense, Thomas said, the U.S. government should release more information about its claims so that the public can reach its own conclusions. (Christian Science Monitor)