Welcome to Codebook, a cybersecurity newsletter you signed up for.
Tips? Feel free to hit reply.
Today's Smart Brevity: 1,249 words, <5 minute read
Illustration: Aïda Amer/Axios
State and city election boards have spent the better part of 3 years hardening their systems for a 2020 hacker invasion. Yet all that work may not be enough to keep out ransomware.
Driving the news: On Monday, Reuters was first to report that the Department of Homeland Security would begin helping elections officials prepare for ransomware attacks.
Background: DHS has been aiding local officials since 2016, trying to prevent a repeat of that year’s election interference campaigns.
The big question: Accessing and altering data is technically all that most ransomware does, and the criminals behind ransomware are at least notionally less sophisticated than the militaries and spies that states are gearing up to protect against. So why is ransomware still a problem for elections?
When Russia probed voter databases in 2016, it approached them through the easiest access point — vulnerabilities in web applications that connect to the database. So states concentrated on shoring defenses around the web applications and databases, said Dylan Owen, senior manager for cyber services at Raytheon.
What they’re saying: Homeland Security describes both the databases and the systems retrieving data as potential concerns.
States have made strides in protecting voter databases, but not all states are entirely there yet.
TrickBot, a major player in financial malware, now has the ability to steal phone accounts, too, according to a new report from Secureworks.
Background: TrickBot has traditionally been a financial trojan, a class of malware that sends users to fake login pages for financial institutions to pilfer usernames and passwords.
Teach an old bot new Tricks. The latest version of TrickBot uses the same tactic to swindle mobile phone account usernames and passwords.
My job appears to be secure.
Driving the news: A new report from Juniper Research pegs cyber crime to grow 11% a year over the next 5 years, from $3 trillion to $5 trillion.
Update on telephone primaries (Codebook, Bloomberg): At the beginning of the month, Codebook reported on the potential problems for vote-by-phone caucuses being offered in Iowa and Nevada, part of a Democratic Party national initiative to expand access to the quirky system for primaries.
Facebook faces new election woes (Reuters, Facebook, Axios): Nonprofits funding a series of disinformation studies announced by Facebook threatened to pull their funding after allegedly not receiving all of the data they were promised.
New details to Hexane threat (Secureworks): Secureworks added new information to Hexane, the nation-backed espionage group targeting the oil and gas industry it believes is functioning out of the Middle East. Secureworks calls the group Lyceum.
When do hackers use bots? (Arkose): Arkose, a security firm focused on preventing fake logins, released statistics on attacks on Monday with a few surprising implications.
McAfee logo at McAfee pavilion, during the Mobile World Congress, Barcelona, Spain. Photo: Joan Cros/NurPhoto via Getty Images
Bloomberg reports that McAfee may be headed to an IPO with at least an $8 billion valuation, headed by Bank of America and Morgan Stanley.
$8 billion is a milestone number for the firm, slightly more than former owner Intel paid for the firm. Intel has since spun off the company.