Monday December 17, 2018
Home U.S.A. U.S. Legislat...

U.S. Legislature To Question Silicon Valley Over Russian Hackers

Following Wednesday morning's Senate hearing in the U.S. Twitter CEO Dorsey will appear solo before the House Energy and Commerce Committee.

0
//
U.S. Senate
The U.S. Capitol is seen in Washington, Sept. 3, 2018.
Republish
Reprint

As legislators prepare to grill Silicon Valley executives over Russian hacking ahead of midterm elections, some observers say the debate over expanded government oversight is far from over.

On Tuesday, Twitter CEO Jack Dorsey met with legislators in Washington ahead of Wednesday morning’s hearing, where Dorsey and Facebook COO Sheryl Sandberg will answer questions about cybersecurity before the Senate Intelligence Committee.

Senator Mark Warner of Virginia, the committee’s ranking Democrat, told The Washington Post that the hearing aims to “to sound the alarm that what happened in 2016, as we’ve seen, was not a one-off.”

U.S. Senate
Jack Dorsey, CEO and co-founder of Twitter and founder and CEO of Square, speaks at the Consensus 2018 blockchain technology conference in New York City. VOA

In recent weeks, Microsoft reported that it had disabled six Russian-launched websites masquerading as U.S. think tanks and Senate sites. Facebook and the security firm FireEye revealed influence campaigns, originating in Iran and Russia, that led the social network to remove 652 impostor accounts, some targeting Americans. The office of Republican Senator Pat Toomey of Pennsylvania said hackers tied to a “nation-state” had sent phishing emails to old campaign email accounts.

Hacking attempts

Newly reported attempts at infiltration and social media manipulation — which Moscow officially denies — point to Russia’s continued interest in meddling in U.S. politics. While observers say there is no clear evidence of Kremlin efforts to disrupt midterms, it nonetheless appears hackers outside the American political system are probing for a way in.

“What’s interesting about this is that the Russians have shown here that they are not at all partisan in this,” said David Sanger of The New York Times, who first reported on Microsoft’s account of the latest attacks, in which company officials seized website domains created by the Kremlin-linked hacker group known as Fancy Bear or APT28 — the same group that federal investigators and private cybersecurity firms blamed for the 2016 election hack.

U.S. Senate
A sign for Microsoft is seen on a building in Cambridge. VOA

The phony sites, designed to emulate the Hudson Institute and International Republican Institute, surreptitiously routed users to pages built by hackers to steal passwords and log-in credentials. The aim, Sanger said, is to disrupt institutions that challenge Moscow or Russian President Vladimir Putin.

“They are pursuing their own national interests, going after think tanks that have taken positions that the Russians find uncomfortable or threatening, whether it’s the use of sanctions or promotion of democracy or pursuit of kleptocrats,” Sanger told VOA.

The extent to which Microsoft coordinated with federal investigators to thwart the latest attack wasn’t clear, he said.

“I’m not sure whether they gave the government an advance heads up, but the nature of cyber now is that you hear about these [attacks from the] companies before you hear about them from government,” Sanger added.

In recent months, legislators on both sides of the aisle have expressed willingness to regulate how U.S. tech companies safeguard themselves against intrusions. But analyst Ben Nimmo of the Atlantic Council’s Digital Forensic Research Lab says the Microsoft takedown bodes well for the tech sector’s independent ability to prevent attacks.

“This is something we’ve seen over the last couple of months — tech companies have been much more forward-leaning in their attempts to prevent this kind of interference,” Nimmo told VOA.

“We had Microsoft coming out up front and saying we’ve just stopped this attack, and they actually attributed it directly to Fancy Bear, which is very striking that they’re actually confident in making that direct attribution. A couple of weeks ago, we had Facebook coming out and exposing a number of inauthentic accounts, which had some connections with the troll farm in St. Petersburg,” he added, referring to the Internet Research Agency linked to the 2016 U.S. election hack. “About a month before that, we had Twitter coming out and releasing a list of handles that it had traced back to the troll farm.”

A troll farm is a group of people who attempt to create disruption in an online community by posting comments online that are deliberately inflammatory or provocative.

US, European action

With all of the recent activity on the platform side, Nimmo said the question is “what are we going to see on the government level?”

More specifically, what can the West can do in order to pressure the Russian government — and does the West have the political will to do it? If nothing else, the latest attacks are likely to embolden U.S. and European lawmakers to pass additional sanctions.

U.S. Senate
Facebook COO Sheryl Sandberg, seen in this Nov. 3, 2015, file photo, will answer questions about cybersecurity before the Senate Intelligence Committee on Wednesday. VOA

“Although I think we need to fully understand the scope of this activity that Microsoft has reported, it clearly demonstrates that Russia is not in any way pulling back from the techniques that it used in 2016,” said Alexander Vershbow, a distinguished fellow at the Atlantic Council’s Scowcroft Center for Strategy and Security, and a former NATO deputy secretary general.

“If anything, it’s broadening its target to include conservative think tanks and organizations like the Hudson Institute, and so I think you can say right now, at a minimum, it would give momentum to congressional efforts to tighten the sanctions even further,” added Vershbow, who also has been a U.S. ambassador to Russia, South Korea and NATO. “It may also strengthen the hand of administration officials as they consult with Europe in trying to push the Europeans to tighten their sanctions as well.”

Retired Marine General Jim Jones, former national security adviser during the Obama administration, said although sanctions can be effective in the short term, long-term national security depends on safeguarding the cyber infrastructure itself.

“In a not so distant future, the country that first succeeds in reaching complete cybersecurity will be able to cause even more serious disorders,” Jones told VOA. “That’s the essence of cyberwar in our century.”

Also Read: Facebook Complete New Sustainability Project ‘MPK21’

For individuals targeted by foreign hackers, such as the Hudson Institute’s Russian kleptocracy expert Ben Judah, no amount of new sanctions or malware detection will be enough.

“Be careful of what you keep on your computer and on your phone,” Judah told VOA in an extended interview. “Have sensitive information? Use pen and paper.”

Following Wednesday morning’s Senate hearing, Twitter CEO Dorsey will appear solo before the House Energy and Commerce Committee, where he’ll be asked to address allegations of political censorship. (VOA)

Click here for reuse options!
Copyright 2018 NewsGram

Next Story

Account Removal, Information Requests up From India: Twitter

"The number of reports we received from governments of terrorist content decreased by 77 per cent compared to the previous reporting period," said Twitter

0
Twitter, India, Smartphone
Twitter on a smartphone device. Pixabay

The Indian government made information requests for 355 Twitter accounts in the January-June 2018 period while law enforcement agencies in the country asked the micro-blogging platform to remove 237 accounts for violating the law of the land.

According to Twitter’s 13th biannual Transparency Report, the company provided some information to the Indian government in 11 per cent of cases.

“Twitter withheld two accounts and 23 Tweets in response to a legal demand from the Ministry of Electronics and Information Technology (MEITY) under Section 69A of the India Information Technology Act, 2000, for propagating objectionable content,” the company said in the report late Thursday.

When it comes to legal requests (including 9 requests in the form of court order) from India, 19 accounts and 498 Tweets were withheld as per the rules.

In total, Twitter met the legal demands to withhold some content from India in 5 per cent of the cases.

“Governments (including law enforcement agencies), organisations chartered to combat discrimination, and lawyers representing individuals are among the many complainants that submit legal requests,” said Twitter.

In July-December 2017, the Indian government made information requests for 315 Twitter accounts and law enforcement agencies had asked the social network to remove 144 accounts.

Globally, Twitter received 10 per cent more government information requests (combined emergency disclosure requests and non-emergency requests), which is the largest percentage increase since its July-December 2015 report.

“The latest report shows that Twitter received approximately 80 per cent more global legal demands, impacting more than twice as many accounts compared to the previous reporting period.

Twitter CEO
Twitter on a smartphone device. VOA

“Similar to the last reporting period, roughly 87 per cent of the total global volume originated from only two countries: Russia and Turkey,” Twitter said.

For the first time, Twitter published metrics pertaining to its actions to fight spam and other malicious forms of automation.

“We challenge millions of potentially spammy accounts every month, requesting additional details, like email address and phone numbers to authenticate them. From January to June, 2018, approximately 75 per cent of accounts challenged ultimately did not pass those challenges and were suspended,” informed the company.

The average number of reports it received through reporting flow continued to drop — from an average of approximately 868,349 in January to approximately 504,259 in June.

“These report decreases indicate the effectiveness of our proprietary built technology in proactively identifying and challenging accounts at source and at scale,” said Twitter.

In the same period, Twitter suspended 487,363 accounts for violations related to child sexual exploitation.

Also Read- U.S. Welcomes Pakistan’s Actions Towards Peace in Afghanistan

Nearly 97 per cent of these accounts were proactively flagged by a combination of technology, including PhotoDNA, and other purpose-built internal proprietary tools.

Twitter also suspended a total of 205,156 accounts flagged for promoting terrorism. Of those suspensions, 91 per cent consisted of accounts that were proactively flagged by internal, proprietary tools.

“The number of reports we received from governments of terrorist content decreased by 77 per cent compared to the previous reporting period,” said Twitter. (IANS)