With help from Eric Geller and Martin Matishak
Editor’s Note: Morning Cybersecurity is a free version of POLITICO Pro Cybersecurity’s morning newsletter, which is delivered to our subscribers each morning at 6 a.m. The POLITICO Pro platform combines the news you need with tools you can use to take action on the day’s biggest stories. Act on the news with POLITICO Pro.
— Some states plan to use election security grants to prepare for coronavirus-related expenses like an expansion of vote-by-mail, while some aren’t sure yet.
— Bug bounty platform HackerOne and mobile voting app Voatz have split up, with HackerOne saying the Voatz program didn’t meet its standards.
— President Donald Trump extended the state of emergency over cyberattacks.
HAPPY TUESDAY and welcome to Morning Cybersecurity! At least some of our favorite musicians are stuck at home making music for us…? Send your thoughts, feedback and especially tips to [email protected]. Be sure to follow @POLITICOPro and @MorningCybersec. Full team info below.
VIRUS ALTERS STATES’ HAVA GRANT PLANS — With the coronavirus pandemic severely taxing state budgets nationwide, some election officials are considering using their recently received election security grants for virus-related election preparations. Three states — Rhode Island, Tennessee and West Virginia — confirmed to POLITICO that they are using some of the Help America Vote Act funds approved in March 2018 and December 2019 to modify their election plans to account for the coronavirus. Two states — Delaware and New Mexico — said they were likely to do so, while 15 others said they were still evaluating their funding needs.
Russian interference in the 2016 election prompted lawmakers to twice appropriate funds to help states address what experts called the most serious threat to American democracy. But with the coronavirus outbreak now threatening the fundamental mechanics of voting, election officials face an even more serious menace — and they’re scrambling to allocate resources accordingly. The Election Assistance Commission recently told states that they can use the security grants for coronavirus-related expenses, such as mail-in balloting, buying protective equipment for poll workers and disinfecting voting machines.
“We are tapping into the funds to assist with what will now be a predominantly mail ballot election,” said Nick Domings, a spokesperson for Rhode Island Secretary of State Nellie Gorbea. He said Rhode Island might need to tap both tranches of election security money plus its share of the $400 million in the latest coronavirus relief bill “to cover unanticipated 2020 elections costs due to the coronavirus.” Julia Bruck, a spokesperson for Tennessee Secretary of State Tre Hargett, said the Volunteer State would likely use both election security grants. West Virginia is “using what we had left [from] 2018,” said Michael Queen, a spokesperson for Secretary of State Mac Warner.
Even these three grants may not be enough for some states. “We don’t anticipate those funds covering everything we’ll need,” said Alex Curtas, a spokesperson for New Mexico Secretary of State Maggie Toulouse Oliver, “and so we may also need some help from state funding.”
BREAKING UP IS HARD TO DO — The bug bounty platform HackerOne has severed its relationship with mobile voting app Voatz, the company confirmed to MC on Monday. Before CyberScoop first reported the news, there were signs that the relationship might be defunct.
“We partner with organizations that prioritize acting in good faith towards the security researcher community and providing adequate access to researchers for testing,” a HackerOne spokesperson said. “While Voatz was able to surface and resolve vulnerabilities through their bug bounty program, we decided to discontinue our partnership. The program ultimately did not adhere to our partnership standards and was no longer productive for either party.”
Voatz criticized a recent MIT study on vulnerabilities in its app. Voatz CEO Nimit Sawhney told MC the split with HackerOne was mutual, and that it was moving its bug bounty program in-house. He blamed pressure from a small group of security researchers to discredit Voatz for making the existing circumstances unworkable. He said there were false allegations that Voatz reported a researcher to the FBI; he said the company in 2018 reported attempts to break into a live system to West Virginia, where it was conducting a pilot, and the state notified the FBI.
A FIVE-YEAR EMERGENCY — The White House announced on Monday that President Donald Trump would re-up the national emergency first declared in 2015 in response to cyberattacks. “These significant malicious cyber-enabled activities continue to pose an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States,” reads a notice in the Federal Register set for publication today. “For this reason, the national emergency declared on April 1, 2015, must continue in effect beyond April 1, 2020.”
President Barack Obama initiated the order to expand the Treasury Department’s authority to sanction those responsible for cyberattacks or cyber espionage. He updated the executive order before departing office in 2016.
WFH, SYB — A coalition of 13 nonprofits launched a public awareness campaign to help people work from home securely. The Work From Home, Secure Your Business campaign will offer guidance, tools and instructions for businesses to reduce the cyber risk of their remote workforce. The organizations are the Cyber Readiness Institute; Cyber-Sicherheitsrat Deutschland e.V./German Cyber-Security Council; Bestyrelsesforeningen/Danish Board Leadership Society; Cybercrime Support Network; APWG; APWG.eu; CyberGreen; Cyber Threat Alliance; Aspen Digital, a program of the Aspen Institute; Adaptable Security; Scottish Business Resilience Centre; Telecommunications UK Fraud Forum; and Global Cyber Alliance.
“Our aim is to provide a unified voice to guide people to put better security in place as they work in a remote environment,” said Philip Reitinger, president and CEO of the Global Cyber Alliance. “While many corporations and government agencies have security protocols and teams of people in place, smaller businesses are not equipped to do that.”
ICANN’T — The compliance procedures of ICANN, the nonprofit that coordinates internet domain names, are failing, making it easier to carry out cybercrime in the age of Covid-19, a report out this morning from Interisle Consulting Group concludes. “ICANN’s recent policies have unnecessarily deprived good actors of those data points they need,” reads the report. “ICANN’s ‘Temporary Specification’ of 2018 allowed registrars to redact contact data for any domains.” Therefore, “One of the effects of that policy is that … malicious domains are not being identified as quickly as before, and some malicious registrations are not being detected at all.”
FORKING HELL — More than 40 million user records for a third-party version of the messaging app Telegram used in Iran were left exposed online, Comparitech and security researcher Bob Diachenko said Monday. The 42 million user IDs, user names, phone numbers, and hashes and secret keys were up for 11 days, and at least one person had posted the information in a hacker forum. Third-party “fork” versions of Telegram are used in Iran, as the app is banned there.
“Not only does it reveal who in Iran uses Telegram (or a Telegram fork), it also opens them up to attack,” Comparitech said in a blog post, highlighting SIM swap attacks. “Affected users could also be at risk of targeted phishing or scams using the phone numbers in the database.” Hackers in 2016 also compromised information on 15 million Iranian Telegram users.
ZOOM ZOOM ZOOM — Hackers are spoofing Zoom domain names to target people working from home, cybersecurity firm Check Point Research said in a blog post Monday. “During the past few weeks, we have witnessed a major increase in new domain registrations with names including ‘Zoom,’ which is one of the most common video communication platforms used around the world,” according to Check Point. Over 1,700 new domains with the word “zoom” have been created since the start of the year, with 25 percent in the past week alone. Of those, 4 percent have been found to have “suspicious characteristics.” Hackers are also distributing phony Zoom installation files that could lead to additional malicious software infecting user computers.
TWEET OF THE DAY — Hahahahahaha *crying*
RECENTLY ON PRO CYBERSECURITY — Cyber criminals are scooping up domain names related to coronavirus. … China and Russia expanded their use of GPS jamming and spoofing last year, according to the Center for Strategic and International Studies.
— The New York Times: The New York attorney general is questioning Zoom over its privacy and data security practices.
— The New York Times: “Tech Giants Prepared for 2016-Style Meddling. But the Threat Has Changed.”
— CyberScoop: The FBI is turning to insurance companies for ransomware data.
— CyberScoop: The FBI also arrested a Russian man, accusing him of laundering money for a cyber criminal gang.
— TechCrunch: A voter contact and canvassing company, used exclusively by Republican political campaigns, mistakenly left an unprotected copy of its app’s code on its website for anyone to find.
That’s all for today.
Stay in touch with the whole team: Eric Geller ([email protected], @ericgeller); Bob King ([email protected], @bkingdc); Martin Matishak ([email protected], @martinmatishak); and Tim Starks ([email protected], @timstarks).
#rhoa #maatiedtomedicine #couplescourttv @couplescourttv #gregoryevans #dating #datingscams #onlinedating #romance #romancescams #sexoffenfer #fakeprofile #fakeprofiles #boyfriends #cheaters #cheatingwife #swingers #swingercouple #pof #fakeprofile #cheatinghusband #scams #love #lovescams #worsedates #sex #ncs #metoomovement #metoo #muterkelly #activist #metoo #donaltrump #sextrafficking