National: Blue-state lawmakers want to keep Trump off 2020 ballot unless he releases tax returns | The Washington Post

Lawmakers in several deep-blue states want to require presidential candidates to release their tax returns in order to appear on the ballot in those states, a sharp rebuke of President-elect Donald Trump’s ongoing refusal to make his tax records public. A pair of Maryland Democrats on Tuesday announced they would introduce a bill mandating the release of five years of tax returns, mirroring similar proposals in New York, Massachusetts, California and Maine. If approved, the proposals could keep Trump from appearing on some ballots in 2020 if he continues breaking with the decades-long tradition of financial transparency and decides to seek a second term. U.S. Sen. Ron Wyden (D-Ore.) in May introduced a federal bill requiring major-party candidates to release their returns, but that legislation didn’t advance in the Republican-controlled Congress.

National: Lawmakers preparing Russia sanctions bill | CNN

A group of bipartisan senators is preparing a bill that would offer sanctions against Russia, lawmakers confirmed as the Senate convened a new session of Congress on Tuesday. Maryland Sen. Ben Cardin, the top Democrat on the Senate Foreign Relations Committee, told reporters on Capitol Hill on Tuesday that he was working on the bill with a “broad group” of bipartisan senators. He said he hoped the bill would be released this week. “It will be a comprehensive bill that will provide congressional authorization for additional sanctions against Russia,” Cardin said.

National: Uncertainty clouds debate on Russia’s suspected role in election hacks | PCWorld

How do you prove Russia meddled with the presidential election? That’s a question the U.S. government is facing, but may never fully answer, at least not publicly. Last week, the U.S. punished Russia, claiming the country’s cyberspies hacked Democratic groups and figures during the election season. However, missing from last week’s announcement was any new evidence — or a smoking gun — proving the Kremlin’s involvement. This isn’t sitting well with everyone in the security industry, especially since identifying the culprit of any cyberattack is no easy matter. “Maybe Russia did do it, but until we have sufficient evidence, it’s a mistake to move forward,” said Jeffrey Carr, a cybersecurity consultant. Carr isn’t the only skeptic. Incoming President Donald Trump has also been doubtful over Russia’s suspected role in the cyber-meddling. “Unless you catch ‘hackers’ in the act, it is very hard to determine who was doing the hacking,” tweeted Trump, who’s compared the problem to the U.S. incorrectly concluding that Iraq possessed weapons of mass destruction over a decade ago. Nevertheless, the outgoing administration of President Barack Obama remains convinced that the Kremlin directed the high-profile hacks in an effort to sway public opinion in the run-up to the election.

National: Sanctions mark rare window into cyberwar | USA Today

Sanctions and the expulsion of Russian diplomats from the USA in response to alleged hacking intended to influence the U.S. presidential election are rare physical responses to growing cyberwars between nations. President Obama’s announcement of sanctions Thursday and Russia’s subsequent decision not to expel U.S. diplomats Friday may signal a larger engagement over events in cyberspace, one experts have long said was coming but that may seem like a strange new world to the public. Previous responses to cyberthreats were directed toward nation-states with no full nuclear deterrent capability, said Ian Gray, a cyberintelligence analyst with the Flashpoint company. Those include Iran and North Korea, cases that never escalated to full-blown sanctions. “The possible implications of two fully nuclear-armed powers escalates the potential for future conflict, making the implications unique,” Gray said.

National: Early Voting Didn’t Boost Overall Election Turnout, Studies Show | Wall Street Journal

Most early voting programs didn’t increase the number of people who cast ballots in 2016, they just changed the way people participated, according to examinations of this year’s election results. President-elect Donald Trump’s Nov. 8 victory also put aside long-held notions that pre-Election Day indicators from early-voting data could serve as useful predictors of who would win the election. Election figures in Ohio bear out the lack of relationship between the availability of early voting and overall turnout. Before the 2008 election, Ohio lawmakers for the first time introduced early and no-excuse absentee voting in the state. When President Barack Obama defeated Sen. John McCain that year, 1.72 million Ohioans voted before Election Day. But postelection figures showed that overall turnout increased from 2004 by just 51,000 votes. Fewer Ohioans voted in 2012, and fewer still in 2016, even as early voting numbers rose to 1.86 million in 2012 and 1.88 million in 2016.

National: Post-recount, experts say electronic voting remains ‘shockingly’ vulnerable | The Parallax

As the Obama administration took tough action against Russia for interfering with the 2016 U.S. election this week, two experts in U.S. voting-machine security offered evidence at Europe’s largest annual hacker conference here they say proves that while the voting machines used in the November presidential election were not hacked, U.S. voting systems remain “shockingly” exposed to hackers. “We knew on November 8 that hacking was possible,” J. Alex Halderman, a University of Michigan computer science professor who specializes in testing voting-machine security, said Wednesday in front of a crowd of more than 1,000 attendees of the 33rd annual Chaos Communication Congress. Prior to Election Day, as Donald Trump repeatedly claimed that the election would be “rigged” against him, email servers belonging to the Democratic National Committee and Clinton campaign manager John Podesta, as well as voter registration systems in Illinois and Arizona, were hacked. And after the election, which resulted in Hillary Clinton winning the popular vote by a substantial margin but Trump winning more votes in the overriding Electoral College, many people, including Green Party candidate Jill Stein, called into question whether votes had been tallied without interference. Trump also alleged on Twitter that if it wasn’t for “the millions of people who voted illegally,” he would have won the popular vote. “Shockingly—at least shockingly to me and many other people, even under these circumstances—approximately zero U.S. states were going to look at enough paper ballots to know whether the computers had been hacked,” Halderman said. “This is a major gap in our system.”

National: Here’s the evidence U.S. intelligence has on Russia’s election hacking | The Daily Dot

U.S. intelligence agencies on Thursday released a detailed report laying out evidence showing that Russia’s government orchestrated cyberattacks meant to tamper with America’s presidential election. The 13-page Joint Analysis Report (JAR), released by the FBI and the Department of Homeland Security (DHS), details the technical methods two Russian intelligence agencies used to “compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities.” The report coincides with the White House announcement that it has ejected 35 Russian intelligence diplomats and imposed sanctions on nine Russian officials or entities. 

National: White House fails to make case that Russian hackers tampered with election | Ars Technica

Talk about disappointments. The US government’s much-anticipated analysis of Russian-sponsored hacking operations provides almost none of the promised evidence linking them to breaches that the Obama administration claims were orchestrated in an attempt to interfere with the 2016 presidential election. The 13-page report, which was jointly published Thursday by the Department of Homeland Security and the FBI, billed itself as an indictment of sorts that would finally lay out the intelligence community’s case that Russian government operatives carried out hacks on the Democratic National Committee, the Democratic Congressional Campaign Committee, and Clinton Campaign Chief John Podesta and leaked much of the resulting material. While security companies in the private sector have said for months the hacking campaign was the work of people working for the Russian government, anonymous people tied to the leaks have claimed they are lone wolves. Many independent security experts said there was little way to know the true origins of the attacks. Sadly, the JAR, as the Joint Analysis Report is called, does little to end the debate. Instead of providing smoking guns that the Russian government was behind specific hacks, it largely restates previous private-sector claims without providing any support for their validity. Even worse, it provides an effective bait and switch by promising newly declassified intelligence into Russian hackers’ “tradecraft and techniques” and instead delivering generic methods carried out by just about all state-sponsored hacking groups.

National: Supreme Court Faces Its Own Campaign Season | US News & World Report

America’s nasty, brutish and not-so-short 2016 presidential campaign raised some painful issues about the nation’s democratic institutions and the treatment of people involved in them. Charges were made about voter fraud, “rigged” elections and whether people’s ethnic or racial background makes them more likely to commit crimes. It was the sort of ugly dialogue justices on the US Supreme Court can typically experience as interested observers, separated from the politics and immune from the fallout. But this year, a high court already hit with the collateral damage of legislative-executive branch politics may well be dealing with the aftermath of a painful election season. Voting rights, redistricting and the fairness of the criminal justice system to racial and ethnic minorities are all topics likely to reach the high court, adding a judiciary sequel to the tense debates of the 2016 campaign season. “It’s going to go on forever, apparently,” quips David Coale, a partner at Dallas-based Lynn Pinker Cox Hurst who has been monitoring critical cases rooted in the Lone Star State.

National: Obama Strikes Back at Russia for Election Hacking | The New York Times

President Obama struck back at Russia on Thursday for its efforts to influence the 2016 election, ejecting 35 suspected Russian intelligence operatives from the United States and imposing sanctions on Russia’s two leading intelligence services. The administration also penalized four top officers of one of those services, the powerful military intelligence unit known as the G.R.U. Intelligence agencies have concluded that the G.R.U. ordered the attacks on the Democratic National Committee and other political organizations, with the approval of the Kremlin, and ultimately enabled the publication of the emails it harvested. The expulsion of the 35 Russians, whom the administration said were spies posing as diplomats and other officials, and their families was in response to the harassment of American diplomats in Russia, State Department officials said. It was unclear if they were involved in the hacking.

National: Recounts or no, US elections are still vulnerable to hacking | Associated Press

Jill Stein’s bid to recount votes in Pennsylvania was in trouble even before a federal judge shot it down Dec. 12. That’s because the Green Party candidate’s effort stood little chance of detecting potential fraud or error in the vote — there was basically nothing to recount. Pennsylvania is one of 11 states where the majority of voters use antiquated machines that store votes electronically, without printed ballots or other paper-based backups that could be used to double-check the balloting. There’s almost no way to know if they’ve accurately recorded individual votes — or if anyone tampered with the count. More than 80 percent of Pennsylvanians who voted Nov. 8 cast their ballots on such machines, according to VotePA, a nonprofit seeking their replacement. VotePA’s Marybeth Kuznik described the proposed recount this way: “You go to the computer and you say, ‘OK, computer, you counted this a week-and-a-half ago. Were you right the first time?'” These paperless digital voting machines, used by roughly 1 in 5 U.S. voters last month, present one of the most glaring dangers to the security of the rickety, underfunded U.S. election system. Like many electronic voting machines, they are vulnerable to hacking. But other machines typically leave a paper trail that could be manually checked. The paperless digital machines open the door to potential election rigging that might not ever be detected.

National: State election recounts confirm Trump win but reveal hacking vulnerabilities | The Guardian

The US presidential election was correct, according to a crowdfunded effort to recount the vote in key states, but the review also highlighted the unprecedented extent to which the American political system is vulnerable to cyberattack, according to two computer scientists who helped the effort to audit the vote. J Alex Halderman and Matt Bernhard, both of the University of Michigan, campaigned in favor of a recount of the US presidential election, which was eventually spearheaded by Jill Stein, the Green party candidate. Only the Wisconsin recount was substantially completed, with the recount in Michigan eventually stopped and a potential recount in Pennsylvania killed before it had even begun. But the researchers say the recounted counties and precincts were enough to give them confidence that Donald Trump is the genuine winner of the election. “The recounts support that the election outcome was correct,” Bernhard told the Chaos Communications Congress cybersecurity convention in Hamburg, where he and Halderman gave a talk summarising their findings.

National: Obama expels 35 Russian diplomats as part of sanctions for US election hacking | The Guardian

The Obama administration on Thursday announced its retaliation for Russian efforts to interfere with the US presidential election, ordering sweeping new sanctions that included the expulsion of 35 Russians. US intelligence services believe Russia ordered cyber-attacks on the Democratic National Committee (DNC), Hillary Clinton’s campaign and other political organizations, in an attempt to influence the election in favor of the Republican candidate, Donald Trump. In a statement issued two weeks after the president said he would respond to cyber-attacks by Moscow “at a time and place of our choosing”, Obama said Americans should “be alarmed by Russia’s actions” and pledged further action. “I have issued an executive order that provides additional authority for responding to certain cyber activity that seeks to interfere with or undermine our election processes and institutions, or those of our allies or partners,” Obama said in the statement, released while he was vacationing with his family in Hawaii. “Using this new authority, I have sanctioned nine entities and individuals: the GRU and the FSB, two Russian intelligence services; four individual officers of the GRU; and three companies that provided material support to the GRU’s cyber operations.

National: US releases detailed look at Russia’s election hacking | Associated Press

The U.S. on Thursday released its most detailed report yet on Russia’s efforts to interfere in the U.S. presidential election by hacking American political sites and email accounts. The 13-page joint analysis by the Homeland Security Department and the Federal Bureau of Investigation was first such report ever to attribute malicious cyber activity to a particular country or actors. It was also the first time the U.S. has officially and specifically tied intrusions into the Democratic National Committee to hackers with the Russian civilian and military intelligence services, the FSB and GRU, expanding on an Oct. 7 accusation by the Obama administration. The report said the intelligence services were involved in “an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens.” It added, “In some cases, (the Russian intelligence services’) actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack.”

National: U.S. elections are more vulnerable than ever to hacking | Politico

America’s political system will remain vulnerable to cyberattacks and infiltration from foreign and domestic enemies unless the government plugs major holes and commits millions of dollars in the coming years. Despite expectations that the U.S. on Thursday will slap Russia with retaliatory measures for hacking the recent presidential race, major political, financial and logistical obstacles stand in the way of ensuring that hackers are locked out of future elections, not to mention an incoming administration that is dismissive about the government’s own allegations that Russia pulled off a widespread hacking campaign that fueled Americans’ wariness of the political process and possibly helped President-elect Donald Trump win the White House.

National: America keeps voting earlier — and it keeps not affecting turnout that much | The Washington Post

Mike Dawson of OhioElectionResults.com was curious about the extent to which the state’s early-voting rules affected turnout in its elections. That’s one of the goals of early voting, of course — to increase the amount of time people have to cast a ballot and, therefore, make it easier for those with tricky schedules to do so. Dawson analyzed presidential voting in each cycle since 2000, a period that overlapped with Ohio’s introduction of early voting before the 2008 election. His conclusion? “While early in-person voting and no-excuse absentee voting in Ohio has reduced waiting times on Election Day, it has had no measurable impact on increasing voter turnout,” he wrote. For those who spend much time looking at early voting, that’s not a big surprise.

National: The 2016 Election Wasn’t Hacked, But the 2020 Election Could Be | Motherboard

After partial vote recounts in certain states, US election officials found no evidence that votes had been manipulated by a cyberattack on voting machines, security researchers told an audience at the Chaos Communication Congress hacking festival on Wednesday. But, the researchers called for a vast overhaul in voting machine security and related legislation, warning that an attack is still possible in a future election. “We need this because even if the 2016 election wasn’t hacked, the 2020 election might well be,” said J. Alex Halderman, a professor of computer science at the University of Michigan, during a presentation with Matt Bernhard, a computer science PhD student. Halderman’s and other security experts’ concerns made headlines in November when he participated in a call with the Clinton campaign about a potential recount in some states. Green Party candidate Jill Stein subsequently held a crowdfunding campaign to finance the recounts. “Developing an attack for one of these machines is not terribly difficult; I and others have done it again and again in the laboratory. All you need to do is buy one government surplus on eBay to test it out,” Halderman, who has extensively researched voting machine security, said during the talk.

National: U.S. Poised to Act Over Alleged Election Hacking | Wall Street Journal

The Obama administration could announce as early as Thursday moves to retaliate against Russia for its alleged use of cyberattacks to meddle in last month’s presidential election, a senior U.S. official said. The White House has been considering a variety of measures to respond to the hacking of the Democratic National Committee and the email account of Hillary Clinton’s campaign chairman, John Podesta, including sanctions and retaliatory cyber actions. U.S. officials have said the “proportional response” could involve both steps that would be publicly disclosed afterward and covert moves that would remain classified.

National: Northeastern states weigh move to early voting | The Hill

Legislators in several Northeastern and New England states are considering whether to join the growing move toward opening polling places days, and even weeks, before Election Day. Connecticut legislators will weigh a measure to allow up to two weeks of early voting before the next election. New York Attorney General Eric Schneiderman (D) included an early voting proposal in a package of election reforms he unveiled this month. And Rhode Island Secretary of State Nellie Gorbea (D) will ask legislators to consider allowing early voting, as well. “We just need to expand voting infrastructure to include early voting so people can exercise their franchise, their right,” said Connecticut state Rep. William Tong (D), who plans to introduce a bill once the legislature returns to session next year. Tong said he decided to act after seeing lines out the door at 6 a.m. on Election Day in his suburban Stamford district. Some people left the long lines before they had a chance to vote to get to work on time.

National: Obama administration is close to announcing measures to punish Russia for election interference | The Washington Post

The Obama administration is close to announcing a series of measures to punish Russia for its interference in the 2016 presidential election, including economic sanctions and diplomatic censure, according to U.S. officials. The administration is finalizing the details, which also are expected to include covert action that will probably involve cyber-operations, the officials said. An announcement on the public elements of the response could come as early as this week. The sanctions portion of the package culminates weeks of debate in the White House on how to revise a 2015 executive order that was meant to give the president authority to respond to cyberattacks from overseas but that did not cover efforts to influence the electoral system.

National: Intelligence agencies sued for records on Russian election interference | The Hill

A lawsuit has been filed against the CIA, the FBI, the Department of Homeland Security and the Office of the Director of National Intelligence seeking records pertaining to Russia’s interference in the presidential election. Journalist Jason Leopold and Ryan Shapiro, a Ph.D. candidate at the Massachusetts Institute of Technology (MIT), filed a lawsuit in the U.S. District Court for the District of Columbia on Monday asserting that the agencies have failed to comply with their request for documents under the Freedom of Information Act (FOIA).

National: Why it’s so hard to prove that Russia was behind the election hacks | The Washington Post

“If I can’t use this information, then what good is it to have it?! Why even collect it in the first place?!” It’s a cry of frustration, an angry rhetorical exclamation I heard many times during my 30-year career as an operations officer at the CIA. Usually it comes from ambassadors or senior members of the national security apparatus in Washington, and occasionally even from analysts in the intelligence community who have been provided with a truly stunning piece of information acquired clandestinely from human or technical sources. The sense of frustration among these consumers of intelligence is heightened when the topic is critical and timely, and when both the government and the American public are clamoring for answers to difficult questions. This is precisely where we as a nation find ourselves when discussing the claim by the U.S. intelligence community that Russian hackers attempted to influence the U.S. presidential elections. The White House has ordered a report on what the hackers did, and to what extent they were trying to help Donald Trump, before Trump is sworn in as president Jan. 20. News reports say officials at the FBI and the CIA have agreed that hackers targeted the Democratic National Committee and Hillary Clinton’s campaign chairman, John Podesta, to boost Trump. President Obama suggested this month that Russian President Vladimir Putin knew about the hacks. But proving that case to the public at large will get complicated. The discussion about the cyber intrusions and what U.S. intelligence agencies know about them goes directly to some of the most sensitive questions in the business: the best way to protect sources and methods, and how to use clandestinely acquired information to resolve a politically charged issue. Secrets intelligence agencies want to keep compete with an understandable desire to reveal them. Facts may help resolve the matter, but in revealing the facts, the government may also reveal how we got them. It is truly not an overstatement to say that technical capabilities we have spent years and millions to develop could be rendered useless in one news cycle if disclosure is not handled correctly. Worse — and I do not exaggerate — if it were human sources that provided the information, they could lose their lives.

National: The Year in Government Hacking: 2016 in Review | Electronic Frontier Foundation

There’s no question that this has been a big year for government hacking. Not a day has gone by without some mention of it in the news. 2016 may forever be remembered as the year when government hacking went so mainstream that Stephen Colbert cracked jokes about Fancy Bear and Cozy Bear on The Late Show. The Obama administration has publicly blamed the Russian government for a series of compromises of U.S. political institutions and individuals in this election year, including the Democratic National Committee, the Republican National Committee, and John Podesta, former Chairman of the Hillary Clinton election campaign. Political espionage is nothing new, but what distinguishes this series of attacks is the element of publication. This election cycle was dominated by news stories stemming from DNC and Podesta emails leaked to and published by Wikileaks, which has repeatedly said that it will not comment on sources but denies that the source of the documents is Russian.

National: Why don’t more Americans vote? Maybe because they don’t trust U.S. elections. | The Washington Post

The U.S. election has reinforced concerns on all sides about problems of electoral integrity. During the campaign and even after his victory, Trump made claims about widespread voter fraud. Democrats and civil rights organizations accused GOP state houses of suppressing voters’ rights. Journalists criticized fake online stories. Election Day brought complaints about long wait lines and broken voting machines. Perhaps most seriously, the CIA and FBI reported that Russia attempted to influence the U.S. election through cyberattacks. Even before the Putin surprise, however, few Americans trusted the honesty of their elections. A Gallup poll two weeks before Election Day found that only one-third of Americans (35 percent) were “very confident” that their vote would be counted accurately. Even worse, when people around the world were asked how confident they were in the honesty of their elections, Gallup found that this year the United States ranked 90th out of 112 countries. Widespread belief that elections are rigged or stolen may seriously damage democracy. My research for “Why Electoral Integrity Matters” using the World Values Survey showed that when people believe that electoral malpractice is common, they are significantly less likely to vote.

National: Electoral integrity in all 50 US states, ranked by experts | Vox

Ever since the contested 2000 presidential election, the way that American elections are run has become increasingly partisan and contentious. The 2016 elections ratcheted up the number of complaints by all parties, yet there is heated disagreement about the nature of the problem — let alone potential solutions. For many years, the main complaint by the GOP has centered on alleged incidents of illegal fraud, in which it is claimed that ineligible people registered and cast ballots, for example non-US citizens and felons, or simply imposters voting more than once. Throughout the campaign Donald Trump stoked up the heated rhetoric by alleging that victory would be stolen from him. After he won the Electoral College vote, he claimed (falsely) that he also won the popular vote “if you deduct millions of people who voted illegally.” In fact, across the country, officials found next to no credible evidence for cases of voter fraud. For Democrats, by contrast, the main problem has been framed as one of the suppression of voting rights designed to depress legitimate citizen participation. Civil rights organizations routinely criticize attempts by GOP state legislatures to tighten voter ID requirements and restrict polling facilities, making it harder to vote, especially for minorities and the elderly. Here the evidence about the impact of implementing stricter registration requirements in depressing the vote is somewhat clearer, although debate continues about the size of the effect, among other questions.

National: Senate investigation of Russian hacking will be broad, going beyond 2016 elections | McClatchy DC

The Senate’s most powerful committee with oversight of U.S. intelligence agencies will meet mostly behind closed doors as it takes on a broad and serious investigation into “cyber activity directed against our nation by the Russian government,” said U.S. Sen. Richard Burr, intelligence committee chairman, on Friday. Burr, who is North Carolina’s senior Republican senator, laid out in a news statement a lengthy description of the committee’s work ahead, which will be done by Democrats and Republicans, in nonpartisan fashion, he said. Officials who work for President Barack Obama, as well as members of President-elect Donald Trump’s team, could be called on to testify under oath in front of Congress on the issue of alleged Russian hacking and subsequent leaks. The hacking targeted the Democratic Party and, specifically, Hillary Clinton’s presidential campaign.

National: Stein pushes Justice Department for investigation of electoral system | The Hill

Jill Stein is continuing her push to investigate the integrity of the U.S. electoral system, with lawyers for the former Green Party presidential candidate asking Attorney General Loretta Lynch to probe the issue. “We write to urge the Department of Justice to launch an investigation into the integrity of our nation’s election system generally, and our nation’s voting machines specifically, based on the information we discovered in the course of this representation,” reads the letter from Stein’s counsel dated Friday.

National: Group allegedly behind DNC hack targeted Ukraine, report finds | The Guardian

A new report suggests the same hacking group believed to have hacked the Democrats during the recent presidential election also targeted Ukrainian artillery units over a two-year period, that if confirmed would add to suspicions they are Russian state operatives. The report, issued by cybersecurity firm CrowdStrike, said a malware implant on Android devices was used to track the movements of Ukrainian artillery units and then target them. The hackers were able to access communications and geolocations of the devices, which meant the artillery could then be fired on and destroyed. The report will further fuel concerns that Russia is deploying hacking and cyber-attacks as a tool of both war and foreign policy. The hack “extends Russian cyber-capabilities to the frontlines of the battlefield”, the report said. Russia gave military and logistical backing to separatists fighting against Ukrainian forces in east Ukraine, in a war that broke out in spring 2014. The application was designed for use with the D-30 122mm towed howitzer, a Soviet-made artillery weapon still in use today. The app reduced firing times from minutes to seconds, according to the Ukrainian officer who designed it. However, it appears that the Android app was infected with a Trojan.

National: Cybersecurity firm finds evidence that Russian military unit was behind DNC hack | The Washington Post

A cybersecurity firm has uncovered strong proof of the tie between the group that hacked the Democratic National Committee and Russia’s military intelligence arm — the primary agency behind the Kremlin’s interference in the 2016 election. The firm CrowdStrike linked malware used in the DNC intrusion to malware used to hack and track an Android phone app used by the Ukrainian army in its battle against pro-Russia separatists in eastern Ukraine from late 2014 through 2016. While CrowdStrike, which was hired by the DNC to investigate the intrusions and whose findings are described in a new report, had always suspected that one of the two hacker groups that struck the DNC was the GRU, Russia’s military intelligence agency, it had only medium confidence. Now, said CrowdStrike co-founder Dmitri Alperovitch, “we have high confidence” it was a unit of the GRU. CrowdStrike had dubbed that unit “Fancy Bear.” The FBI, which has been investigating Russia’s hacks of political, government, academic and other organizations for several years, privately has concluded the same. But the bureau has not publicly drawn the link to the GRU. CrowdStrike’s fingering of the GRU helps to deepen the public’s understanding of how different arms of the Russian government are carrying out malicious and deeply troubling cyber acts in the United States.

National: U.S. government loses to Russia’s disinformation campaign: advisers | Reuters

The U.S. government spent more than a decade preparing responses to malicious hacking by a foreign power but had no clear strategy when Russia launched a disinformation campaign over the internet during the U.S. election campaign, current and former White House cyber security advisers said. Far more effort has gone into plotting offensive hacking and preparing defenses against the less probable but more dramatic damage from electronic assaults on the power grid, financial system or direct manipulation of voting machines. Over the last several years, U.S. intelligence agencies tracked Russia’s use of coordinated hacking and disinformation in Ukraine and elsewhere, the advisers and intelligence experts said, but there was little sustained, high-level government conversation about the risk of the propaganda coming to the United States.