Hackers are targeting Senators' and staffers' personal email accounts, and Senator Ron Wyden (D-OR) is asking the Senate's security office for help.
Wyden ... said in a Wednesday letter to Senate leaders that his office discovered that “at least one major technology company” has warned an unspecified number of senators and aides that their personal email accounts were “targeted by foreign government hackers.”
On Thursday, Google spokesman Aaron Stein confirmed that his company had notified the Senate targets.
Neither Stein nor Wyden provided any indication as to who might be behind the attempted break-ins, whether they targeted lawmakers from both political parties or their timing, though a Senate staffer said they occurred “in the last few weeks or months.” ...
(...)
Wyden noted that the Office of the Sergeant at Arms , which oversees Senate security, had informed legislators and staffers that it has no authority to help secure personal, rather than official, accounts.
“This must change,” Wyden wrote in the letter. “The November election grows ever closer, Russia continues its attacks on our democracy, and the Senate simply does not have the luxury of further delays.”
Wyden has proposed legislation that would allow the security office to offer digital protection for personal accounts and devices, the same way it does with official ones.
(...)
“The personal accounts of senators and their staff are high-value, low-hanging targets,” [Thomas Rid, a cybersecurity expert at Johns Hopkins University] wrote [in a letter to Wyden last week]. “No rules, no regulations, no funding streams, no mandatory training, no systematic security support is available to secure these resources.”
Attempts to breach such accounts were a major feature of the yearlong AP investigation into Fancy Bear that identified hundreds of senior officials and politicians — including former secretaries of state, top generals and intelligence chiefs — whose Gmail accounts were targeted.
The AP notes there is something the Senate Office of Sergeant at Arms could do right now to help.
Boosting protection in the Senate could begin with the distribution of small chip-based security devices such as the YubiKey, which are already used in many secure corporate and government environments, [University of Texas cybersecurity fellow and former British intelligence official Matt] Tait said. Such keys supplement passwords to authenticate legitimate users, potentially frustrating distant hackers.
Cybersecurity experts also recommend them for high-value cyber-espionage targets including human rights workers and journalists.
“In an ideal world, the Sergeant at Arms could just have a pile of YubiKeys,” said Tait. “When legislators or staff come in they can (get) a quick cybersecurity briefing and pick up a couple of these for their personal accounts and their official accounts.
As current members of Congress look to protect themselves from cybercrime, another case of digital election interference has emerged in California. Denial of Service (DDoS) attacks took down California Democratic candidate Bryan Caforio’s website at four key moments during his campaign to challenge incumbent Republican Steve Knight (CA-25).
According to emails and forensic data obtained by Rolling Stone and reviewed by cybersecurity experts, the four times Caforio’s website crashed were not the result of organic blasts of traffic from a news story or a Facebook link. Nor were they random flukes. Caforio, experts say, appears to be the victim of repeated distributed denial of service, or DDoS, attacks. A DDoS attack is when a burst of bogus traffic overwhelms a website and temporarily cripples it ...
It’s unclear who was behind the attacks on Caforio. A source close to the campaign provided emails showing that they’d reported the incidents to the Department of Homeland Security, which handles complaints about DDoS attacks. A DHS employee sent the campaign a primer on DDoS attacks and offered to help investigate, but the campaign never responded to the request, according to a DHS spokeswoman.
(...)
Emails obtained by Rolling Stone show that Caforio’s website was down for a total of 21 hours over the course of the primary. Even after the campaign added DDoS protection to the site, it created a lag for anyone trying to visit, which could’ve turned away more people. A source close to the campaign refused to blame Caforio’s narrow loss on the DDoS attacks but believes it made a difference in Caforio’s final vote tally. “For us, when he loses by 2 percentage points, everything matters.”
Caforio’s experience is yet another chapter in the ongoing story of cyberattacks in the 2018 midterm elections. Rolling Stone reported last month that the FBI had investigated a series of hacking attempts targeting a Democratic candidate in Southern California who had run against Rep. Dana Rohrabacher (R-CA), widely seen as the most pro-Russia and pro-Putin member of Congress. Reuters reported several days later that the FBI had also examined an attack on another Southern California Democrat who had run in a nearby congressional district. And in July, the Daily Beast revealed that Sen. Claire McCaskill (D-MO), who faces a difficult reelection bid this year, had been targeted by Russian hackers in 2017, around the same time President Trump had urged Missouri voters to “vote her out of office.”
The attacks on Caforio appear to be the first reported instances of DDoS attacks on a congressional candidate. But cybersecurity experts say that DDoS attacks are a growing threat for political campaigns, parties and committees.
(...)
“As I saw firsthand, dealing with cyberattacks is the new normal when running for office, forcing candidates to spend time fending off those attacks when they should be out talking to voters,” Caforio tells Rolling Stone.
(...)
The attacks on Caforio are the third reported instance of attacks happening in a competitive congressional race in Southern California. Eight of DCCC’s 84 “Red to Blue” races are located in California, more than any other state in the country. Democrats need a strong showing in Southern California if they have any hope of winning back the House in November.
New Documents Reveal Yet Another California Democratic Cyberattack (Rolling Stone)
State-backed hackers target Gmail of US senators, aides (AP)