Russian Hackers Hunt Hi-Tech Secrets, Exploiting US Weakness - NBC 10 Philadelphia
National & International News
The day’s top national and international news

Russian Hackers Hunt Hi-Tech Secrets, Exploiting US Weakness

Employees at both small companies and defense giants like Lockheed Martin Corp., Raytheon Co., Boeing Co., Airbus Group and General Atomics have been targeted by the hackers, as the Russians seek to catch up in space

    processing...

    NEWSLETTERS

    How to Protect Yourself From Hackers

    Thursday's news that Yahoo suffered a hack of 500 million of its user accounts may have many people taking a new look at how to keep their own email accounts and personal information secure. One easy way to protect yourself from hackers is by regularly updating your software. "Hackers are always finding new vulnerabilities to exploit," said Consumer Reports Editor Jerry Beilinson. (Published Friday, Sept. 23, 2016)

    Russian cyberspies pursuing the secrets of military drones and other sensitive U.S. defense technology tricked key contract workers into exposing their email to theft, an Associated Press investigation has found.

    What ultimately may have been stolen is uncertain, but the hackers clearly exploited a national vulnerability in cybersecurity: poorly protected email and barely any direct notification to victims.

    The hackers known as Fancy Bear, who also intruded in the U.S. election, went after at least 87 people working on militarized drones, missiles, rockets, stealth fighter jets, cloud-computing platforms or other sensitive activities, the AP found.

    Employees at both small companies and defense giants like Lockheed Martin Corp., Raytheon Co., Boeing Co., Airbus Group and General Atomics were targeted by the hackers. A handful of people in Fancy Bear's sights also worked for trade groups, contractors in U.S.-allied countries or on corporate boards.

    Trump Responds as White House Doctor Withdraws VA Nomination

    [NATL] Trump Responds as White House Doctor Withdraws VA Nomination

    President Donald Trump responded to White House doctor Ronny Jackson's decision to withdraw as a nominee for Secretary of Veteran Affairs, calling allegations of Jackson's workplace misconduct "false accusations."

     

    (Published 5 hours ago)

    "The programs that they appear to target and the people who work on those programs are some of the most forward-leaning, advanced technologies," said Charles Sowell, a former senior adviser to the U.S. Office of the Director of National Intelligence, who reviewed the list of names for the AP. "And if those programs are compromised in any way, then our competitive advantage and our defense is compromised."

    "That's what's really scary," added Sowell, who was one of the hacking targets.

    The AP identified the defense and security targets from about 19,000 lines of email phishing data created by hackers and collected by the U.S.-based cybersecurity company Secureworks, which calls the hackers Iron Twilight. The data is partial and extends only from March 2015 to May 2016. Of 87 scientists, engineers, managers and others, 31 agreed to be interviewed by the AP.

    Most of the targets' work was classified. Yet as many as 40 percent of them clicked on the hackers' phishing links, the AP analysis indicates. That was the first step in potentially opening their personal email accounts or computer files to data theft by the digital spies.

    James Poss, who ran a partnership doing drone research for the Federal Aviation Administration, was about to catch a taxi to the 2015 Paris Air Show when what appeared to be a Google security alert materialized in his inbox. Distracted, he moved his cursor to the blue prompt on his laptop.

    "I clicked on it and instantly knew that I had been had," the retired Air Force major general said. Poss says he realized his mistake before entering his credentials, which would have exposed his email to the hackers.

    Macron Invokes US-France Ties Against Extremism, Nationalism

    [NATL] Macron Invokes US-France Ties Against Extremism, Nationalism

    President Emmanuel Macron of France delivered a striking speech against extremism and nationalism on the floor of Capitol Hill on the last day of his state visit to the United States, invoking ties between the U.S. and France as a call to "liberal order." 

    (Published Wednesday, April 25, 2018)

    Hackers predominantly targeted personal Gmail, with a few corporate accounts mixed in.

    Personal accounts can convey snippets of classified information, whether through carelessness or expediency. They also can lead to other more valuable targets or carry embarrassing personal details that can be used for blackmail or to recruit spies.

    Drone consultant Keven Gambold, a hacking target himself, said the espionage could help Russia catch up with the Americans. "This would allow them to leapfrog years of hard-won experience," he said.

    He said his own company is so worried about hacking that "we've almost gone back in time to use stand-alone systems if we're processing client proprietary data — we're FedEx'ing hard drives around."

    The AP has previously reported on Fancy Bear's attempts to break into the Gmail accounts of Hillary Clinton's presidential campaign, American national security officials, journalists, and Kremlin critics and adversaries around the world. U.S. intelligence agencies have concluded the hackers worked for the Kremlin and stole U.S. campaign email to tilt the 2016 election toward Donald Trump.

    But the hackers clearly had broader aims. Fifteen of the targets identified by the AP worked on drones — the single largest group of weapons specialists.

    WATCH: Trump Wipes 'Dandruff' Off French President

    [NATL] WATCH: Trump Wipes 'Dandruff' Off French President, Talks Tough on Iran

    The appearance of French President Emmanuel Macron did little to stem President Donald Trump's disillusionment with the Iran nuclear deal, as Trump railed against Iran and Russia for their involvement in the Middle East during a state visit at the White House. Earlier, he wiped "a little piece of dandruff" off Macron's shoulder and noted, "we have to make him perfect. He is perfect."  

     

    (Published Tuesday, April 24, 2018)

    Countries like Russia are racing to make better drones as the remote-control aircraft have moved to the forefront of modern warfare. They can fire missiles, hunt down adversaries, or secretly monitor targets for days — all while keeping human pilots safely behind computer controls.

    The U.S. Air Force now needs more pilots for drones than for any other single type of aircraft, a training official said last year. Drones will lead growth in the aerospace industry over the next decade, with military uses driving the boom, the Teal Group predicted in November. Production was expected to balloon from $4.2 billion to $10.3 billion.

    So far, though, Russia has nothing that compares with the new-generation U.S. Reaper, which has been called "the most feared" U.S. drone. General Atomics' 5,000-pound mega-drone can fly more than 1,000 miles (1,600 kilometers) to deliver Hellfire missiles and smart bombs. It has seen action in Afghanistan, Iraq and Syria.

    The hackers went after General Atomics, targeting a drone sensor specialist. He did not respond to requests for comment.

    They also made a run at the Gmail account of Michael Buet, an electronics engineer who has worked on ultra-durable batteries and high-altitude drones for SunCondor, a small South Carolina company owned by Star Technology and Research. Such machines could be a useful surveillance tool for a country like Russia, with its global military engagements and vast domestic border frontier.

    "This bird is quite unique," said Buet. "It can fly at 62,000 feet (18,600 meters) and doesn't land for five years."

    Macron Visit Puts Spotlight on Iran Nuclear Deal

    [NATL] Macron Visit Puts Spotlight on Iran Nuclear Deal
    President Emmanuel Macron of France arrived in Washington to a warm welcome, marking the first official state visit of the Trump administration and setting the table for a range of discussions. Macron is expect to urge President Trump not to withdraw from the Iran nuclear, something Mr. Trump has been repeatedly critical of.
    (Published Tuesday, April 24, 2018)

    The Russians also appeared eager to catch up in space, once an arena for Cold War competition in the race for the moon. They seemed to be carefully eyeing the X-37B, an American unmanned space plane that looks like a miniature shuttle but is shrouded in secrecy.

    In a reference to an X-37B flight in May 2015, Russian Deputy Prime Minister Dmitry Rogozin invoked the vehicle as evidence that his country's space program was faltering. "The United States is pushing ahead," he warned Russian lawmakers.

    Less than two weeks later, Fancy Bear tried to penetrate the Gmail account of a senior engineer on the X-37B project at Boeing.

    Fancy Bear has also tried to hack into the emails of several members of the Arlington, Virginia-based Aerospace Industries Association, including its president, former Army Secretary Eric Fanning. It went after Lt. Gen. Mark Shackelford, who has served in the military and aerospace industry as a corporate board member. He has been involved with major weapons and space programs like SpaceX, the reusable orbital rocket company founded by billionaire tech entrepreneur Elon Musk.

    Along another path, the hackers chased people who work on cloud-based services, the off-site computer networks that enable collaborators to easily access and juggle data.

    In 2013, the CIA signed a $600 million deal with web giant Amazon to build a system to share secure data across the U.S. intelligence community. Other spy services followed, and the government cleared them last year to move classified data to the cloud at the "secret" level — a step below the nation's most sensitive information.

    DNC Takes Trump Campaign, Russia and Wikileaks to Court

    [NATL] DNC Takes Trump Campaign, Russia and Wikileaks to Court in Friday Lawsuit

    The suit seeks damages related to the the hack, claiming the DNC spent more than a million dollars to fix computers and lost even more in donations as a result of publicity surrounding the matter.

    (Published Friday, April 20, 2018)

    Fancy Bear's target list suggests the Russians have noticed these developments.

    The hackers tried to get into the Gmail accounts of a cloud compliance officer at Palantir and a manager of cloud platform operations at SAP National Security Services, two companies that do extensive government work. Another target was at Mellanox Federal Systems, which helps the government with high-speed storage networks, data analysis and cloud computing. Its clients include the FBI and other intelligence agencies.

    Yet of the 31 targets reached by the AP, just one got any warning from U.S. officials.

    "They said we have a Fancy Bear issue we need to talk about," said security consultant Bill Davidson. He said an Air Force cybersecurity investigator inspected his computer shortly after the 2015 phishing attempt but found no sign that it succeeded. He believes he was contacted because his name was recognized at the Air Force Office of Special Investigations, where he used to work.

    The FBI declined to give on-the-record details of its response to this Russian operation. Agency spokeswoman Jillian Stickels said the FBI does sometimes notify individual targets. "The FBI takes ... all potential threats to public and private sector systems very seriously," she said in an email.

    However, three people familiar with the matter — including a current and a former government official — previously told the AP that the FBI knew the details of Fancy Bear's phishing campaign for more than a year.

    Justice Department Releases Comey Memos to Congress

    [NATL] Justice Department Releases Comey Memos to Congress

    The Department of Justice has given Congress copies of the memos drafted by former FBI Director James Comey on his interactions with President Trump. Comey says he began the memos after a Trump Tower meeting to brief the president-elect on Russia's claims involving prostitutes. 

    (Published Friday, April 20, 2018)

    Pressed about notification in that case, a senior FBI official, who was not authorized to publicly discuss the hacking operation because of its sensitivity, said the bureau was overwhelmed by the sheer number of attempted hacks. "It's a matter of triaging to the best of our ability the volume of the targets who are out there," he said.

    A Pentagon spokeswoman, Heather Babb, said she could release no details about any Defense Department response, citing "operational security reasons." But she said the department recognizes the evolving cyber threat and continues to update training and technology. "This extends to all of our workforce — military, civilian and contractor," she added.

    The Defense Security Service, which protects classified U.S. technology and trains industry in computer security, focuses on safeguarding corporate computer networks. "We simply have no insight into or oversight of anyone's personal email accounts or how they are protected or notified when something is amiss," spokeswoman Cynthia McGovern said in an email.

    Contacted by the AP, Lockheed Martin, Raytheon, Boeing, Airbus and General Atomics did not respond to requests for comment.

    Jerome Pearson, a space system and drone developer, acknowledged that he has not focused on security training at his company, Star Technology, where Buet has consulted. "No, we really haven't done that," he said with a nervous laugh. "We may be a little bit remiss in that area." He said they may do training for future contracts.

    Cybersecurity experts say it's no surprise that spies go after less secure personal email as an opening to more protected systems. "For a good operator, it's like hammering a wedge," said Richard Ford, chief scientist at the Forcepoint cybersecurity company. "Private email is the soft target."

    Pompeo Nomination Face Wall of Opposition From Democrats

    [NATL] Democratic Senators a Wall of Opposition to Pompeo Nomination

    CIA Director Mike Pompeo's nomination for secretary of state is seeing a wall of opposition from Democratic senators as Republican lawmakers warn their colleagues not to reject Trump's pick. Sen. Rand Paul, R-Kentucky, also declined to support Pompeo's nomination. 

    (Published Friday, April 20, 2018)

    Some officials were particularly upset by the failure to notify employees of cloud computing companies that handle data for intelligence agencies. The cloud is a "huge target for foreign intelligence services in general — they love to get into that shared environment," said Sowell, the former adviser to the Office of the Director of National Intelligence.

    "At some point, wouldn't someone who's responsible for the defense contractor base be aware of this and try to reach out?" he asked.

    Even successful hacks might not translate into new weapons for Russia, where the economy is weighed down by corruption and international sanctions.

    However, experts say Russia, while still behind the U.S., has been making more advanced drones in recent years. Russian officials have recently been bragging as their increasingly sophisticated drones are spotted over war zones in Ukraine and Syria.

    At a 2017 air show outside Moscow, plans were announced for a new generation of Russian combat drones.

    Rogozin, the deputy prime minister, boasted that the technological gap between Russia and the United States "has been sharply reduced and will be completely eliminated in the near future."

    Newborn of Sen. Duckworth Becomes First Baby on Senate Floor

    [NATL] Newborn of Sen. Duckworth Becomes First Baby on Senate Floor

    Illinois Senator Tammy Duckworth brought her newborn baby girl, Maile, to a vote on the Senate floor. Previously all children had been banned from the floor until a rule change was made.

    (Published Thursday, April 19, 2018)