Welcome to Codebook, the cybersecurity newsletter that just sort of assumes you know all the lyrics to "Threepenny Opera" (see below).
Russian President Putin appears on a computer screen in a 2006 live webcast. Photo: Denis Sinyakov/AFP via Getty Images
According to a Washington Post report (and confirmations in Russian media), U.S. Cyber Command disrupted the internet access of Russia's Internet Research Agency on Election Day in 2018 — a clear attempt to send a message to the so-called "troll farm" to back off.
Why it matters: The gambit is a public example of the Defense Department's new "defending forward" emphasis in cyber defense, which aims to enter foreign networks to disrupt potential attacks.
The big question: Does sending signals this way work? Experts from intelligence, national security and academia seem to think it's at least worth a chance.
The big picture: The IRA hackers are Russia's most prominent purveyors of social media misinformation. But they work year-round, election years and not.
Yes, but: There are multiple unknowns on both sides of the message.
What's next: With cyber activities, it's hard to gauge what will provoke a response and what kind of response that would be.
Business email compromise? BEC scams convince organizations to transfer money to criminals, thinking they are transferring money to creditors.
Scarlet Widow is now targeting 30,000 individuals in 13,000 organizations across 12 countries — though most of the targets are U.S.-based, and most of nearly all the remainder are in the U.K.
Sergiy Usatyuk of Oak Park, Illinois, pleaded guilty to orchestrating millions of server-crashing distributed denial-of-service (DDoS) attacks for hire.
DDoS attacks overload servers with so much traffic that they collapse.
Details: Usatyuk and a co-conspirator operated a number of different DDoS-as-a- service websites (often called "stressers" or "booters").
Voters cast their ballots, Las Vegas, Nevada, Nov. 8, 2016. Photo: Ethan Miller/Getty Images
At a hearing yesterday, Rep. Mike Quigley (D-Ill.), chair of the House Appropriations Committee's subcommittee on financial services and general government, argued for the necessity of a Democratic plan to increase elections funding.
Background: Democrats want to add more than $1 billion to election security efforts as part of a broader election security push, beyond the $380 million distributed to upgrade systems last year.
What they're saying: "We saw an overwhelming demand for assistance. Every single state and eligible territory requested grant funding, and the Election Assistance Commission has disbursed every single dollar of the $380 million," said Quigley, according to the official transcript.
During his press conference with North Korean leader Kim Jong-un, President Trump said he took the Pyongyang dictator "at his word" that Kim didn't know about a U.S. prisoner allegedly tortured into a vegetative state in a North Korean prison.
Why it matters (to cybersecurity): This is largely the same reasoning that Trump used to deny Russia was involved in election hacking during the 2016 election after a summit with Vladimir Putin: "They said they think it’s Russia. I have President Putin; he just said it’s not Russia.”
Our thought bubble: Trump was skeptical about the Russia attribution before the summit, but the similarity suggests a broader pattern of behavior. While the president's critics argue that Trump's Russia comments reveal a fealty to Russia, maybe, just maybe, the comments show Trump's willingness to take even reviled figures at their word after they speak to him face to face.