As the United States presidential election draws near, Microsoft issued a warning on Wednesday that Russia, Iran, and China are actively engaged in various influence operations targeting both the Trump and Harris campaigns, as well as races further down the ballot. Among the many policies that the future president will influence is the U.S. strategy for AI regulation. Experts caution that a second term for Trump could have perilous consequences for the safety, transparency, and fairness of evolving AI platforms.
WIRED conducted an insightful exploration of ZachXBT, a bitcoin recovery enthusiast who has been instrumental in locating billions in stolen cryptocurrency, including recently tracing $243 million from what might be the largest cryptocurrency theft from a single individual.
In a significant development, Nigeria has dropped its money laundering and tax evasion charges against Binance executive and former IRS agent Tigran Gambaryan after an extensive eight-month investigation. Additionally, an exposed database from United Nations Women revealed over 115,000 sensitive files publicly accessible online, concerning organizations that support vulnerable populations worldwide. Furthermore, WIRED delved into the anti-Kremlin group known as North Atlantic Fella Organization, which has successfully raised millions to procure supplies for Ukrainian soldiers engaged in the conflict against Russia.
In August, the U.S. Department of Homeland Security issued a report to local agencies highlighting the economic risks associated with dependence on Chinese utility storage batteries. This is particularly concerning given the need to cultivate a secure battery-manufacturing supply chain in the U.S. This report was originally acquired by the national security transparency nonprofit Property of the People and subsequently reviewed by WIRED. Additionally, U.S. Immigration and Customs Enforcement’s $2 million contract with the surveillance firm Paragon Solutions is currently being examined by the White House for potential violations of the Biden administration’s executive order on spyware.
There’s more to uncover! Each week, we compile the security and privacy updates that we haven’t explored thoroughly. Stay safe out there.
When reports emerged earlier this fall regarding hackers who were allegedly working for the Chinese government breaching the networks of Verizon, AT&T, and Lumen, officials warned of potential access to a trove of private communications and metadata of Americans. It now seems that these hackers, identified as Salt Typhoon, specifically targeted at least two notable Americans: Donald Trump and JD Vance.
The New York Times revealed on Friday afternoon that Chinese hackers were aiming to obtain the telephone communications of Trump and Vance, a U.S. senator and Trump's running mate in the 2024 U.S. presidential race, through their infiltration of Verizon, according to anonymous officials. The Wall Street Journal also noted on Friday that these same hackers had targeted individuals connected to U.S. Vice President Kamala Harris’ presidential campaign.
The breach at Verizon likely provided the hackers with access to at least some metadata regarding the candidates’ communications, including who they were in contact with and when. It could possibly reveal even more sensitive information, such as details from unencrypted voice or text conversations, although the precise extent of the hackers’ access remains uncertain. Even the metadata alone could contain sensitive insights about the candidates’ associates that might be utilized for influence operations or additional espionage activities.
The Chinese espionage operation contributes to an increasing apprehension about various foreign digital interventions in the elections. This situation follows attempts by Iranian hackers to breach and publish emails from the Trump campaign—which yielded little success—and disinformation activities tied to Russia across social media platforms.
As Apple prepares to officially launch its AI platform, Apple Intelligence, next week, it introduced tools for security researchers to assess its cloud infrastructure, named Private Cloud Compute (PCC). The tech giant has invested significant effort in developing a secure and private AI cloud platform. This week’s introduction features comprehensive technical documentation outlining its security attributes, alongside a research environment accessible in the macOS Sequoia 15.1 beta release. The testing functionalities enable researchers, or anyone interested, to download and analyze the current version of the PCC software utilized in Apple’s cloud. According to the company, the only changes to the software involve optimizing its operation for use in the virtual research environment. Additionally, Apple released the source code for PCC, stating that vulnerabilities identified by researchers in this environment may qualify for a payout of up to $1 million under its bug bounty program.
This past summer, Politico, The New York Times, and The Washington Post disclosed that they were contacted by a source offering hacked emails from the Trump campaign. The US Justice Department claims this source was acting on behalf of the Iranian government. None of the news organizations opted to publish or report on the stolen content. However, it seems that Iranian hackers eventually discovered platforms outside of mainstream media that would disseminate these emails. American Muckrakers, a PAC managed by a Democratic operative, published the documents after inviting submissions via a public post on X, stating, “Send it to us and we’ll get it out.”
American Muckrakers subsequently revealed internal communications from the Trump campaign regarding North Carolina Republican gubernatorial candidate Mark Robinson and Florida Republican representative Anna Paulina Luna. They also shared material indicating a financial arrangement between Donald Trump and Robert F. Kennedy Jr., the third-party candidate who withdrew from the race and endorsed Trump. Independent journalist Ken Klippenstein also obtained and released some of the hacked contents, including a research profile compiled by the campaign on Trump’s running mate and US senator JD Vance during the evaluation process for his candidacy. Klippenstein later received a visit from the FBI, who cautioned him that the documents were a part of a foreign influence campaign. He has maintained his stance, arguing that the media should not act as a “gatekeeper for what the public should know.”
As Russia has engaged in both military and cyber warfare against Ukraine, it has also executed an extensive hacking campaign against another neighboring country with a complicated history: Georgia. Bloomberg recently disclosed, ahead of the Georgian election, that Russia systematically infiltrated the country’s infrastructure and government through a long series of digital intrusion operations. Between 2017 and 2020, for example, Russia’s military intelligence agency, the GRU, hacked Georgia’s Central Election Commission (mirroring its actions in Ukraine in 2014), several media outlets, and the information technology systems of the national railway company. This was in addition to the attack on Georgian television stations, which the NSA attributed to the GRU’s Sandworm unit in 2020. Moreover, hackers known as Turla, working for the FSB (the Kremlin’s KGB successor), breached Georgia’s Foreign Ministry and siphoned off gigabytes of officials’ emails over several months. Bloomberg reports that Russia’s hacking endeavors were not confined to espionage; they also appeared to involve preparations to disrupt Georgian infrastructure, such as the electrical grid and oil companies, should tensions escalate.
For many years, cybersecurity experts have debated the definition of a cyberattack. Is an intrusion intended to destroy data, create disruption, or sabotage infrastructure classified as a cyberattack? Certainly. But a hacker breach aimed at data theft? Not so much. A hack-and-leak strategy or an espionage operation that includes a disruptive cleanup phase? Likely not, but there’s still ground for discussion. However, the Jerusalem Post recently presented perhaps the clearest example, in a headline no less, of something labeled a cyberattack that is evidently not one: disinformation spread on social media. The so-called “Hezbollah cyberattack” reported by the news outlet consisted of a series of images of Israeli hospitals shared by “hackers” claiming to be Hezbollah supporters, which implied that weapons and cash were hidden beneath the hospitals and suggested they should be targeted. This post appeared to be a reaction to similar assertions made by the Israeli Defense Forces (IDF) regarding hospitals in Gaza that they have bombed, along with a more recent claim concerning a hospital in Beirut, Lebanon.
“These are NOT CYBERATTACKS,” security researcher Lukasz Olejnik, the author of the books The Philosophy of Cybersecurity and Propaganda, remarked alongside a screenshot of the Jerusalem Post headline on social media platform X. “Posting images to social media is not hacking. Such a misguided interpretation.”