Feds Probe Alleged Phone Hacks as Election Fears Surge
Oct 4, 2016 7:00 AM PT
Federal authorities have been investigating reports that hackers targeted the mobile phones of a handful of Democratic Party staffers, according to a Reuters article published last week.
The news follows a series of breaches in recent months that revealed emails and other personal information of party staffers and other Democratic officials.
The FBI has launched an investigation into the attacks, which party officials believe are linked to Russia. Several members of Congress have raised suspicions in recent weeks that Russia might be attempting to interfere with the U.S. elections.
In addition to cyberattacks on Democratic Party operatives, recent breaches of state election systems are suspected of having Russian connections.
Possible targets were asked to turn over their phones so an "image" could be made of the devices, the latest reports indicated. Data retrieved from Democratic Party staff emails may have been used to access the mobile phones.
CrowdStrike, a Cybersecurity firm that investigated prior cyberattacks involving the DNC and other targets, declined to comment for this story.
The alleged mobile phone hacks reportedly involve malicious software infecting the devices. The data probe could involve photos, contacts, text messages, phone logs and other items.
DNC officials did not respond to our request to comment for this story. FBI officials declined to comment.
A variety of means can be used to infect software, said Christopher Budd, global threat communications manager at Trend Micro.
"For mobile, the one unique vector is getting people to install what they believe are legitimate apps from spoofed or otherwise misrepresented app stores," he told TechNewsWorld. "However, there's no indication that a malicious app was involved in this case. It's a little harder to get malicious software on a mobile device, but it can be done."
News of the investigation adds to the heightened state of alert about the integrity of various U.S. election systems. Sen. Dianne Feinstein, vice chairman of the Senate Intelligence Committee, and Rep. Adam Schiff, ranking member of the House Intelligence Committee, recently released a statement on alleged Russian hacking activity against various systems.
"Based on briefings we have received, we have concluded that the Russian intelligence agencies are making a serious and concerted effort to influence the U.S. election," they said. "At the least, this effort is intended to sow doubt about the security of our election and may well be intended to influence the outcomes of the election -- we can see no other rationale for the behavior of the Russians."
The orders for such activity could only come only from "very senior levels of the Russian government," Feinstein and Schiff maintained, and they called on Russian President Vladimir Putin to order an immediate halt to the activity.
Shoring Up Defenses
In wake of attacks on election databases in Illinois and Arizona, 18 states have accepted an offer from the Department of Homeland Security to help them make sure their election systems are secure, Secretary Jeh Johnson testified in a Senate committee hearing last week.
In those cases, suspected overseas hackers compromised the personal information of up to 200,000 voter records in Illinois and also attacked the election infrastructure in Arizona. However, no individual records were compromised.
The Illinois breach involved a suspected SQL injection attack, officials confirmed. Arizona election officials have linked the attack there to suspected Russian actors.
DHS last month issued a warning to state election officials about possible threats to their respective systems and offered to provide additional security measures, including cyberhygiene scans of their respective Internet-facing systems, and risk and vulnerability scans by on-site experts.
The public should have confidence in the election system, despite concerns about recent attacks on the DNC and infrastructures in Arizona and Illinois, said Thomas Hicks, chairman of the U.S. Election Assistance Commission.
"Because of the decentralized nature of the American election administration system, there is no single, uniform national system that would affect the outcome of election results for the November 2016 presidential election," he testified late last month before the Subcommittee for Information Technology for the Committee on Oversight and Government Reform.
Suspected Russian hackers, including the teams known as "Fancy Bear" and "Cozy Bear," have been implicated in earlier hacks on the DNC and other federal agencies.
A spearphising attack on Bellingcat, a website backed by a group of citizen journalists involved in the probe of MH 17, carries the hallmarks of Fancy Bear, according to ThreatConnect.
The attacks, which date back to last year, targeted individual emails, and were similar to the attack on White House staffer Billy Rinehart, whose stolen information recently was splashed onto DCleaks, suspected of being a Russian-influenced operation.
"There is no way to easily tell the intentions of the hacks targeting Bellingcat and its journalists," said Kyle Ehmke, senior threat intelligence researcher at ThreatConnect.
"Certainly there are a range of actions that could be enabled," he told TechNewsWorld, "based on the information they are seeking to secure."