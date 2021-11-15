The report from the Aspen Institute think tank's Commission on Information Disorder urges a surge in federal funding to combat the sort of conspiracy theories promoted by former president Donald Trump and his allies.
Given the new attacks on democracy, election officials need to be given more resources and more communication capabilities, Chris Krebs, one of the co-chairs of the commission, told me.
“Even if elections are 100 percent bulletproof, there’s still plenty of opportunity for the bad guys to stoke fear and doubt," Krebs said.
During the 2020 election, Krebs led the Cybersecurity and Infrastructure Security Agency, which was the lead government agency working on election security. Trump fired him by tweet partly for disputing baseless claims that the election was rigged.
Other co-chairs of the commission are longtime TV journalist Katie Couric and Rashad Robinson, president of the advocacy group Color of Change. The election security recommendations are part of a broad report that covers disinformation related to public health, climate change and a slew of other topics.
Fraud claims
Here’s the crux of the problem: Election officials have spent roughly $1 billion making elections more secure against hacking and other manipulations since 2016. But that hasn’t protected the public against a wave of phony claims aimed at degrading faith in the electoral process.
The commission treats election security and girding the public against phony election interference claims as basically two sides of the same coin.
Here are its three big priorities:
- Helping state and local election officials counter phony claims about election improprieties
- Educating voters about what well-run elections are supposed to look like so they won’t be easily conned by conspiracy theorists with false or misleading claims
- Funding nationwide implementation of post-election audits that are designed to maximize public assurance that all votes were recorded accurately
State and local officials should also consider devoting any leftover federal election security money from before this year to combating misinformation, the commissioners write.
Money, money, money
The report doesn’t put a dollar figure on how much Congress should spend on election security and combating disinformation.
Krebs declined to provide a dollar figure during our interview but listed two big priorities:
- The money should ensure the retirement of all voting machines that still lack paper voting records. Such machines are used by less than 10 percent of voters, but analysts say they’re the least secure because it’s impossible to verify votes weren’t changed by hackers or other means.
- The funding should arrive on a regular basis so states and localities can factor it into their own spending decisions rather than in sporadic lump sums whenever Congress can manage it.
Getting money out of Congress will be a tall order.
Election security funding has been a flashpoint for partisan conflict since the 2016 election was marred by Russian interference.
Big picture: Democrats sought up to $4 billion and strict security standards for how state and local officials must run elections. Between 2018 and 2020, they settled with Republicans on about $1 billion in election grants with no strings attached. In addition to election security, the money went to ensuring safe voting during the coronavirus pandemic.
Neither party has backed down from those positions so a compromise on additional funding will be highly difficult.
Another big problem
Supporters of Trump’s false election claims are running for top election official positions in numerous battleground states. That raises the specter that officials in charge of knocking back election conspiracy theories could be spouting them instead.
Such officials might also accede to the sort of demands to undermine election results that Trump made in 2020 and that Republican secretaries of state resisted.
“They are promoters of the big lie, and I think there's a significant risk that they’re in a position [if] they’re administering the elections, that they've got their hand on the levers and…may be able to influence an outcome,” Krebs said.
The keys
A hacker sent thousands of fake cyberattack alerts from an FBI email address
The phony emails targeted thousands of recipients and could have prompted widespread panic — but suspicious wording made them relatively easy to identify as fake. The FBI blamed the attack on a “software misconfiguration” on an FBI website.
The hackers didn’t appear to have plans to use the vulnerability more destructively. “Cybersecurity experts said the fact that the email didn’t include any malicious attachments could indicate the hackers stumbled across a vulnerability in the FBI portal and didn’t have a particular plan to exploit it,” my colleague Rachel Pannett writes.
A hacker using the name “pompompurin” took responsibility for the hack, telling journalist Brian Krebs that they sent the emails to expose the vulnerability on the FBI website, not for any personal gain. The hacker made the dubious claim the vulnerability could not have been discovered or exposed without breaking the law.
“I could’ve 1000% used this to send more legit looking emails, trick companies into handing over data etc.,” Pompompurin told Krebs. “And this would’ve never been found by anyone who would responsibly disclose, due to the notice the feds have on their website.”
The hacker wasn’t able to “access or compromise any data or [personally identifiable information] on the FBI’s network,” the FBI said. It fixed the website flaw and warned its partners about the emails, it said.
Wall Street traders are raising alarms about NSO Group
Traders are increasingly worried that the embattled spyware company isn’t financially sound enough to pay off its debts, people familiar with the trading told Bloomberg’s Davide Scigliuzzo. The company owes around $300 million.
The report is another major blow for the company, which is reeling from a U.S. government blacklisting. An investigation by The Washington Post and 16 media partners found NSO's government clients routinely used its Pegasus spyware to target journalists, activists and business executives.
NSO faces headaches on several other fronts:
- Former telecom executive Isaac Benbenisti resigned as NSO's CEO before his first day, citing the “special circumstances that have arisen” in the wake of the U.S. sanctions.
- NSO faces pressure from Palestinian activists and diplomats who say they were targeted with Pegasus.
U.S. authorities accuse Russian entrepreneur of money laundering for the Ryuk ransomware group
Dutch police arrested Denis Dubnikov on a U.S. charge of conspiring to launder money for Ryuk, the Wall Street Journal’s Robert McMillan and Kevin Poulsen report. The Justice Department has asked Dutch authorities to send him to the United States for trial, they report.
Dubnikov’s arrest is the first by law enforcement authorities in connection with Ryuk, a notorious ransomware gang that has targeted U.S. hospitals. He “is accused of receiving more than $400,000 in bitcoin out of the millions paid to the Ryuk gang,” McMillan and Poulson write. The Justice Department declined to comment.
Dubnikov was denied entry into Mexico during an attempted vacation and Mexican authorities sent him to the Netherlands, The Record’s Catalin Cimpanu reports. Dubnikov’s lawyer, Arkady Bukh, accused the FBI of having “kidnapped” Dubnikov, telling Russia’s state-owned Sputnik news agency that “US intelligence services … put him on a plane to the Netherlands and sent him there having paid for his ticket.” Dubnikov “will be pleading not guilty because he had no knowledge of someone engaging in criminal activity,” Bukh told the Journal.
