Welcome to Codebook, the cybersecurity newsletter that was once again overlooked for "Outstanding Actress in a Drama Series."
On Thursday, cybersecurity firm Cybereason will host a unique tabletop experiment on election security from its Boston headquarters. Some players will represent a hacker group trying to disrupt the election, while others will play city emergency responders trying to stop them. But these play-hackers won't be allowed to attack the election itself — they will have to disrupt it by disrupting the city, finding ways to keep people from voting.
Why it matters: There are dozens of ways to interfere with an election without touching voting equipment, ranging from causing traffic jams to blasting air conditioning in a polling place on an already cold day. Nearly all of our attention to election security has focused on attacks Russia has already tried or on the most obvious target — the voting machines themselves. But the next wave of attacks won't play by the rulebook we expect bad guys to use.
Tabletop exercises are group games that are sort of like a two-team Dungeons & Dragons — no computers, just paper and brains. It's an interesting scenario to play out in your head. What needs to happen ...
Handicapping the race: These war games split players into a red team of attackers and a blue team of defenders. "I would say the blue team has a fighting chance, but I wouldn’t put it greater than 50%," says Ross Rustici, Cybereason's senior director of intelligence services.
The Netherlands announced Friday it had deported two Russian intelligence agents for attempting to hack the laboratory testing the poison used against former Russian spy Sergei Skripal and his daughter Yulia.
The attack was reported Friday by Joep Dohmen of the Dutch newspaper NRC Handelsblad and by Thomas Knellwolf and Titus Plattner of the Swiss newspaper Tages-Anzeiger (and reported on in English by Sean Gallagher of Ars Technica on Monday).
The details: The attempted hack against the Spiez Laboratory allegedly took place this spring as the lab was investigating whether Skripal had been poisoned using a Russian-specific nerve agent.
Symantec is asking websites likely to be mimicked for phishing attacks or to propagate false information, particularly election-related websites, to contact the security firm about a newly public anti-phishing initiative.
The details: Project Dolphin stops Symantec product users from falling for phishing scams through an AI system trained to detect visually similar fake websites.
Dolphin has been an internal tool at Symantec for a while, but it will now accept public submissions of sites to check.
What they're saying: "We named it Project Dolphin because we were trying to take down a lot of phishing scams," Eric Chien of Symantec's Security Technology and Response team told Codebook. "Dolphins eat a lot of fish."
Georgia Secretary of State Brian Kemp celebrates a primary win for governor earlier this year. Photo: Jessica McGowan/Getty Images
U.S. District Judge Amy Totenberg ruled Monday evening that Georgia would not have to change its paperless balloting system in time for November's elections, but not before saying that state officials had "buried their heads in the sand" about the issue.
The ruling provides a temporary end to a lawsuit demanding Georgia overhaul its voting system over security concerns — though the ruling notes there will likely be an appeal.
What was at stake: Georgia relies on direct-recording electronic (DRE) voting — touch-screen voting machines that do not produce a paper record of votes. Experts agree that these systems are less secure than systems that produce a paper record, as paper records give a chance for recount on a medium that cannot be hacked.
Totenberg agreed with the plaintiffs that Georgia's voting system was dangerously insecure against hacking. But she also noted the catch-22 that changing the voting machines in September for an election in November would be chaotic.
Researchers at Kaspersky Lab tabulate that so-called "internet of things" devices (basically everything connected to the internet that isn’t a traditional computer) face an alarming growth of new malware.
The numbers: In all of 2017, by Kaspersky’s count, IoT devices faced a little more than 30,000 distinct modifications of malware. In the first half of 2018, that number grew to 120,000 — a nearly fourfold increase.
Why it matters: IoT devices often have less security than traditional computers, meaning the deluge of new attacks is landing on the devices with the weakest defenses.