The crisis of election security; new Russian meddling tactic; Canada & cyberattacks, and more

The old-school double-agent tactics governments will use to erode trust (Camille Francois, Quartz)
Government-backed information manipulation is here to stay—and it’s taking a turn that will challenge citizens’ ability to use the internet for collective action.
The global reaction to the Russian disinformation campaign—against Americans, Europeans, and against their own neighbors in the Baltics—has thrown our media, politics, and social media platforms into a chaotic frenzy.
We are still unfurling just how much influence the Kremlin (and others acting in concert with them) truly had on the American public. As scholars and policymakers work through their assessment and mitigation measures, it’s worth keeping in mind that the campaign targeting the US audience before, during, and after the 2016 presidential race began years ago. While brazen and large-scale, it does not represent the state-of-the-art sophistication that is currently being developed, nor the latest strategies already being used by governments around the world to disrupt democratic processes. The efforts we have seen against the US audience so far are basically a beta test for what is to come.

Russia is trying to influence the 2018 US election. But this time the U.S. is prepared. (Alla Baranovsky-Dewey, Washington Post)
We now know Russia interfered in the 2016 U.S. presidential election. Last year, the U.S. intelligence community released a declassified statement outlining how Russia had undertaken a two-pronged strategy that combined “covert intelligence operations — such as cyber activity — with overt efforts by Russian Government agencies, state-funded media, third-party intermediaries, and paid social media users or ‘trolls.’ ”
With the 2018 midterm elections approaching, how likely is it that Russia will do it again? Daniel Coats, the director of national intelligence, said in August that a Russia-orchestrated disinformation campaign continues on social media. Two 2018 candidates — one of them Sen. Claire McCaskill, a Missouri Democrat seeking reelection — have already reported that Russian hackers have targeted their computers.
But while Russia is clearly trying to influence the 2018 elections, this time the United States is prepared and taking action to counter it. That makes it likely that Russia’s efforts will not be as broad and that its effects will not be as large as in 2016.

A comprehensive account of Russia’s scheming in the 2016 election (Kai Bird, Washington Post)
We called Watergate our long national nightmare. The presidential scandal captured headlines for two full years, from 1972 until President Richard Nixon resigned in August 1974. But our collective obsession with the scandals of President Trump, elected just under two years ago, seems somehow far more excruciating. We are exhausted from trying to absorb revelations involving a wide cast of characters — not to mention the president’s almost daily barrage of tweets, some merely outrageous and not a few bordering on the nonsensical. Even the most careful readers of this newspaper and other serious news outlets must sometimes struggle against a definite sensation of vertigo.
We cannot understand what happened in the 2016 election, Russia-gate or the imploding Trump presidency by reading the 24-hour digital news on our phones or watching the talking heads on partisan cable news platforms. Fortunately, we still have a simple technology invented nearly six centuries ago: books. Greg Miller has written a damn good one. The Apprentice is not as breathless as Bob Woodward’s recent Fear: Trump in the White House, nor as anecdotally investigative as this spring’s Russian Roulette, by Michael Isikoff and David Corn. Miller’s book paints on a broad canvas, showing readers the full arc of an incredibly complicated political tale. Miller has twice won Pulitzer Prizes for his reporting on national security issues for The Washington Post. He and other Post reporters, including Adam Entous and Ellen Nakashima, have broken many of the hard news stories about the Trump presidency. But Miller puts it all together in “The Apprentice,” placing the story in a comprehensible historical and political context. The resulting portrait of our very weird president is certainly not flattering — but somehow it is reassuring that Trump comes off as a politician more in the tradition of the dangerous but clownish Silvio Berlusconi rather than the fascistic Benito Mussolini.

Voting machine used in half of U.S. is vulnerable to attack, report finds (Robert McMillan and Dustin Volz, Wall Street Journal)
Election machines used in more than half of U.S. states carry a flaw disclosed more than a decade ago that makes them vulnerable to a cyberattack, according to a report to be delivered Thursday on Capitol Hill.
The issue was found in the widely used Model 650 high-speed ballot-counting machine made by Election Systems & Software LLC, the nation’s leading manufacturer of election equipment. It is one of about seven security problems in several models of voting equipment described in the report, which is based on research conducted last month at the Def Con hacker conference.

Researchers find Russian “VPNfilter” malware was a Swiss Army hacking knife (Sean Gallagher, Arstechnica)
Researchers at Cisco’s Talos have discovered that VPNfilter—the malware that prompted Federal Bureau of Investigation officials to urge people to reboot their Internet routers—carried an even bigger punch than had previously been discovered. While researchers already found that the malware had been built with multiple types of attack modules that could be deployed to infected routers, further research uncovered seven additional modules that could have been used to exploit the networks routers were attached to, thus stealing data and creating a covert network for command and control over future attacks. The malware appeared to be primarily intended to attack Ukraine on the anniversary of the NotPetya attack, but VPNfilter was clearly built for long-term use as a network exploitation and attack platform.

How prepared is Canada for cyberattacks ? (Derek Burney, Globe and Mail)
Indications that the government is analyzing the cyberthreats to Canada from equipment made by foreign telecommunication companies is welcome enough but the scope for review should be broader and lines of accountability need to be streamlined.

Revealed: What Erik Prince and Moscow’s money man discussed in that infamous Seychelles meeting (Betsy Woodruff and Erin Banco, Daily Beast)
Mueller’s team and congressional investigators have looked into a meeting in the Seychelles between allies of Trump and Putin. Now we have the Russian read-out of what was said.