米国 CISAとFBIがイランのAPT攻撃者が有権者登録データを取得していたと公表していますね。。。
こんにちは、丸山満彦です。
米国 CISAとFBIがイランのAPT攻撃者が有権者登録データを取得していたと公表していますね。。。
大統領選が近づいてきて、色々とあるのでしょうね。。。
● CISA
・2020.10.30 Alert (AA20-304A) Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data
Technical Detailsに
CISA and the FBI can confirm that the actor successfully obtained voter registration data in at least one state. The access of voter registration data appeared to involve the abuse of website misconfigurations and a scripted process using the cURL tool to iterate through voter records. A review of the records that were copied and obtained reveals the information was used in the propaganda video.
とあるので、データが取得されたと認めているようですね。。。どこの州かは言及されていませんが。。。
いずれにしても大統領選を前にサイバー空間も含めて色々な意図を持った活動が行われているようですね。。。
■ 報道等
● Bloomberg
・2020.10.31 Iran Accused of Hacking U.S. Voter Data Before Election Day by Kartikay Mehrotra
The FBI and the Cybersecurity Infrastructure Security Agency -- a unit of the Department of Homeland Security -- revealed Friday that the attack was an effort to “influence and interfere” in the 2020 presidential election. The agencies said the attack was executed by the same group of Iranians that sent faked, threatening emails targeting Democratic voters earlier this month.
The agencies didn’t disclose which state was breached.
● NBC news
・2020.10.31 Iran targeting U.S. state voter rolls and spreading election propaganda, officials say
At least one state's voter registration data was obtained, but there is no indication that any voter registration databases have been manipulated or any votes have been changed.
● FOX
・2020.10.30 Iranian hackers who posed as the Proud Boys accessed voter data in one state, feds say by Donie O'Sullivan and Alex Marquardt, CNN
● Voice of America
・2020.10.30 US Confirms Iran Hacked Voter Registration Data in 1 State by Jeff Seldin
● Cyberscoop
・2020.10.30 Iranian hackers probed election-related websites in 10 states, US officials say by Sean Lyngaas
● Bleeping Computer
・2020.10.30 FBI: How Iranian hackers stole voter info from state election sites by Sergiu Gatlan
DHS CISA and the FBI today shared more info on how an Iranian state-sponsored hacking group was able to harvest voter registration info from U.S. state websites, including election sites.
The harvested data was later used fake Proud Boys voter intimidation emails that targeted Democratic voters attempting to convince them to vote for President Trump.
■ その他参考
● FBI
・2020.10.22 [PDF] Iranian State-Sponsored Advanced Persistent Threat Actors Threaten Election-Related Systems
SUMMARY
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process.
The APT actors are creating fictitious media sites and spoofing legitimate media sites to spread obtained U.S. voter-registration data, anti-American propaganda, and misinformation about voter suppression, voter fraud, and ballot fraud.
The APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS) attacks, structured query language (SQL) injections attacks, spear-phishing campaigns, website defacements, and disinformation campaigns.
イランのAPT工作員が、有権者の間に不和を生み出し、選挙プロセスに対する国民の信頼を損なうために、米国の選挙に影響を与え、妨害することを意図して活動しているとCISAとFBIは考えているようですね。
彼らは、架空のメディアサイトを作成したり、正規のメディアサイトになりすましたりして、入手した米国の有権者登録データ、反米プロパガンダ、有権者弾圧、有権者詐欺、投票詐欺に関する誤報を広めているようですね。
● The New York Times
・2020.10.21 Iran and Russia Seek to Influence Election in Final Days, U.S. Officials Warn
Iran is behind threatening, spoofed emails sent to voters, the officials said, but there was no indication that any votes themselves had been altered.
Comments