Pages

Search This Blog

Translate

Search Tool




Jun 1, 2020

Analysis | The Cybersecurity 202: Protest goes online in Minneapolis as city, police websites hit by cyberattacks

By Joseph Marks


with Tonya Riley

The clash is now online in Minneapolis.
Cyberattacks struck city government and law enforcement computers as mass anger over the killing of George Floyd, a black man who died after a Minneapolis police officer pressed his knee into his neck, led to major protests there.
The operation, known as a denial of service attack, rendered websites for Minneapolis police and some city agencies inaccessible for hours by overwhelming them with a flood of web traffic. A similar attack struck state computer systems but was less effective.
The attacks demonstrate how hacker activists who are willing to skirt the law can frequently amplify protests against police and government. The sometimes-violent protests and clashes with police led to thousands of arrests in cities across the nation, including Washington and Atlanta.
“When a police website goes down, that’s flashy and it communicates something emotional,” M.R. Sauter, an assistant professor at the University of Maryland who wrote a 2014 book about denial of service attacks and digital activism, told me. “This is a type of protest theater, which is what a lot of street [protest] actions are. It’s just online.”
Sauter acknowledged that while some digital activism can go too far – and end up limiting the free flow of information to the public or impede police work – the Minneapolis attack was more acceptable because it communicated public anger at the police and local officials without seriously endangering anyone.
It doesn’t stop the police from doing normal operations or from communicating necessary things with the public,” Sauter said. “People rarely use homepages for necessary communications that don’t have a backup.”

People use their phones to record the police during a protest in response to the police killing of George Floyd . (Photo by Elijah Nouvelage/Getty Images)
Coronavirus is amplifying concerns about digital attacks hurting public access to information.  
The loss of city and police websites – even if temporary – could surge public anxiety, which is already high after days of protests, violence and property destruction. Especially if cyberattacks continue.
“We as a society have been rightly protesting these agencies but we also depend on them for public safety and we’ve got to be careful about that,” said Hardik Modi, an associate vice president at the cybersecurity firm NetScout who focuses on denial of service attacks.
People also might feel more anxious about a website going down now since the pandemic has made everyone far more dependent on the Internet. “With everyone working and studying from home, it’s especially impactful to lose access to services,” Modi said. “This [website] is a key means of disseminating information and they lost it for some period of time."
Denial of service attacks have become increasingly common component of protests against police brutality. 
Hackers used such attacks in 2014 to take down police websites in Ferguson, Mo., after the police shooting of Michael Brown, an unarmed black teenager.
Another denial of service attack in 2015 took down local government sites in Baltimore after Freddie Gray, a black man, died after suffering a spinal injury while riding in the back of a police van.
Launching such attacks also carries heavy criminal penalties. Last year, for example, a man was sentenced to six year in prison for launching denial of service attacks against city government and police websites in Akron, Ohio.

A protester uses his phone during a rally against the death in Minneapolis police custody of George Floyd, in Washington, D.C., U.S. May 31, 2020. REUTERS/Jonathan Ernst
Denial of service attacks are common largely because they’re incredibly easy to launch.
Minnesota Gov. Tim Walz (D) described the attack on state computers as “very sophisticated” and “not somebody sitting in their basement.” But, in fact, such attacks require little skill. That's largely because the perpetrators don't have to actually hack into any computer or websites, just pummel them with web traffic.
In most cases, people who organize the attacks simply pay nefarious online groups to launch them – usually using the computing power from thousands of hacked computers whose users don’t realize they’ve been compromised.
There have been some instances of prominent and damaging denial of service attacks, such as a 2007 attack on Estonian government computers that's often attributed to Russia and a 2012 attack on U.S. financial systems that officials blamed on Iran. But cybersecurity pros have become far better at defending against such attacks in recent years.
These attacks are extraordinarily unsophisticated,” Robert Graham, owner of the cybersecurity firm Errata Security, told me. “Within a minute you can take down someone's website.”
Such attacks often seem sophisticated to victims because they lacked digital protections that could have prevented or mitigated them, Graham said on Twitter.
The "sophisticated" cyber attack is a cliche, a trope, used to disguise the victim's own ineptness. It's not us that is so stupid, but them that is so sophistimicated.
— Robᵉʳᵗ Graham😷 (@ErrataRob) May 31, 2020
It’s also often very easy for victims to recover from denial of service attacks, evidenced by the fact the Minneapolis Police Department came back online so quickly.
“It’s a form of protest but it's not a very effective one,” Graham said.
No groups have officially taken credit for the Minnesota attacks.
Social media sites affiliated with the hacktivist collective Anonymous, however, have threatened retribution against Minneapolis police. They also pledged to “intervene if and when it becomes necessary” after President Trump claimed he will label the far-left “antifa” movement as a terrorist group. “Trump cannot, for practical and legal reasons, formally designate antifa a terrorist organization, and neither he nor his attorney general has made public specific evidence that the far-left movement is orchestrating the fiery protests that have erupted in dozens of U.S. cities,” my colleagues Matt Zapotosky, Robert Klemko and Jacqueline Alemany report.
And because denial of service attacks are so easy, the list of possible perpetrators is nearly endless. 
“Anyone upset about [the Floyd killing], which is millions of people could push a button and do this,” Graham said.

The keys
The NSA accused a Russian military unit of running a global hacking campaign in a rare public rebuke.

 National Security Administration (NSA) campus  (AP Photo/Patrick Semansky, File)

The move suggests the National Security Agency may be getting more aggressive in countering Russian hacking as the 2020 election approaches, Julian Barnes and David Sanger at The New York Times report.
The alert focused on the same military intelligence unit that intelligence officials say was responsible for  hacks against the Democratic National Committee and the Hillary Clinton campaign in 2016. The agency did not disclose any victims of the hacking campaign, which targeted email servers, but said it began in August 2019. A fix for the bug the Russian hackers exploited was issued 11 months ago but hackers are still attacking systems that haven't been updated with the fix, the NSA says.
Investigators knocked down Georgia Gov. Brian Kemp's accusations that Democrats hacked state voter registration systems.

Atlanta Gov. Brian Kemp, left, joins Vice President Mike Pence at a roundtable discussion with restaurant executives at the Waffle House Headquarters, Friday, May 22, 2020, in Atlanta. (John Spink/Atlanta Journal-Constitution via AP)

Kemp (R) accused the Democratic party of hacking the systems two days before the 2018 election. But an investigation found Kemp, who was the state’s top election official at the time, “mistook planned security tests and a warning about potential election security holes for malicious hacking,” The Atlanta Journal-Constitution and ProPublica report.
The state investigator's report shows there was no "evidence of damage to (the secretary of state’s office’s) network or computers, and no evidence of theft, damage, or loss of data."
The suspicious Internet activity Kemp's office described was a scan by the Department of Homeland Security that Kemp's office had agreed to three months earlier. The investigation also confirmed that the state's voter information page had  a significant security hole that Kemp's office has never publicly acknowledged.
The computer chip industry is using coronavirus tensions between the United States and China to push for billions in government funding. 

U.S. President Donald Trump and China's President Xi Jinping (not shown) make a joint statement at the Great Hall of the People on November 9, 2017 in Beijing, China. Trump is on a 10-day trip to Asia. (Photo by Thomas Peter-Pool/Getty Images)

Proposals from an industry trade group include billions in subsidies for a new chip factory, aid for states looking to attract industry investment and increased research funding, the Wall Street Journal reports
China hawks have pointed to the semiconductor industry as key to reducing U.S. companies' reliance on Chinese hardware that could be used for government spying. The White House and lawmakers from both parties have introduced plans that would boost government spending on the industry.
Last month the White House moved to block overseas sales of chips produced with U.S. technology to Huawei and other Chinese firms that represent national security risks.

Global cyberspace

North Korea called U.S. allegations it conducts cyberattacks a smear tactic.  

A directional sign showing the distance to North Korea's Kaesong city and South Korea's capital Seoul (AP Photo/Lee Jin-man)

Pyongyang officials also accused the Trump administration of using the allegations as leverage in stalled denuclearization talks, Reuters reports. U.S. officials have accused North Korean government hackers of digitally stealing money from banks and ATMs in order to help fund the government.
“We want to make it clear that our country has nothing to do with the so-called ‘cyber threat’ that the U.S. is talking about,” North Korea’s Foreign Ministry said.
More international news:
Germany's foreign ministry called in the Russian ambassador in Berlin on Thursday to complain "in the strongest possible terms" about a hack attack on the German lower house of parliament in 2015 and discuss possible sanctions against those responsible.
Reuters

Government scan

Washington state has recovered $300 million in fradulent coronavirus unemployment benefit claims.

In this May 27, 2020, photo, thermometers, gloves, and cleaning swabs sit on a table at the entrance (AP Photo/Ted S. Warren)
The state has not disclosed how much it paid on the claims from criminals who used stolen personal information, the Associated Press reports.
More government and legal news:

A weeks-old policy about virus misinformation laid the groundwork for the social platform’s steps this past week to push back on the president’s posts.
https://www.facebook.com/georgia.e.wells

Daybook

  • The House Homeland Security Committee will host a panel “Election Security and Integrity During a Pandemic” at 3 p.m. today.
  • George Washington University’s Institute for Data, Democracy, and Politics will host a virtual forum on covid-19 and social media disinformation on June 16 at 10 a.m.

Secure log off

A silver lining from this weekend: SpaceX safely landed two astronauts on the International Space Station.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.