Search
Content type: Examples
20th December 2018
In July 2018, Robert Mueller, the special prosecutor appointed to look into Russian interference in the 2016 US presidential election, charged 12 Russian intelligence officers with hacking Hillary Clinton's campaign and the Democratic National Committee by spearphishing staffers. The charges include conspiracy to commit an offence against the US, aggravated identity theft, conspiracy to launder money, and conspiracy to access computers without authorisation. The hack led to the release of…
Content type: Examples
20th December 2018
Facebook ads purchased in May 2016 by the Internet Research Agency, a notorious Russian troll farm, urged users to install the FaceMusic app. When installed, this Chrome extension gained wide access to the users' Facebook accounts and web browsing behaviour; in some cases it messaged all the user's Facebook Friends. The most successful of these ads specifically targeted American girls aged 14 to 17 and said the app would let them play their favourite music on Facebook for free and share it with…
Content type: Examples
20th December 2018
With only days to go before the 2018 US midterm elections, a federal judge ruled that the state of Georgia must change its "exact match" law that required voter registrations with even the tiniest variation from other official identifications to be flagged as potential non-citizens unless they could produce proof of identity. A group of civil rights groups sued Republican secretary of state Brian Kemp, in charge of the elections despite also running for governor, to change the procedure, which…
Content type: Examples
20th December 2018
In August 2018, the US Democratic National Committee notified the FBI that the San Francisco-based security company Lookout and the cloud service provider DigitalOcean had detected an attempted hack targeted at the DNC voter database. The attack took the form of a fake DNC login page intended to trick people into disclosing their usernames and passwords thinking they were accessing the DNC's VoteBuilder platrform. Lookout believes it found the site within 30 minutes of its going up online, but…
Content type: Examples
20th December 2018
Shortly before the 2018 US midterm elections, Georgia secretary of state and gubernatorial candidate Brian Kemp accused Georgia's Democratic Party of hacking into the state's voter registration database, though without providing any evidence to support the claim. The motives behind the claim were unclear, but a report published by WhoWhatWhy suggested that the claim may have referred to a cybersecurity investigation conducted by the Democrats that uncovered significant flaws in the state's…
Content type: Examples
20th December 2018
In July 2018, Election Systems and Software (ES&S), long the top US manufacturer of voter machines, admitted in a letter to Senator Ron Wyden (D-OR) that it had installed pcAnywhere remote access software and modems on a number of the election management systems it had sold between 2000 and 2006. The admission was in direct contradiction to the company's response for a New York Times article earlier in the year on US voting machines' vulnerability to hacking. ES&S says it stopped…
Content type: Examples
20th December 2018
In the run-up to the November 2018 US midterm elections, Vice tested Facebook's new system of mandatory "Paid for" disclosure intended to bring greater transparency to the sources of ads relating to "issues of national importance". Placing political ads requires a valid ID and proof of residence. Vice found that Facebook quickly approved ads the site attempted to place that named Islamic State, US vice president Mike Pence, and Democratic National Committee chair Tom Perez in the "Paid for"…
Content type: Examples
20th December 2018
A combination of entrenched and litigious voting machine manufacturers with immense control over their proprietary software and a highly complex and fragmented voting infrastructure mean that even though concerns were raised as early as 2004 about the security of US voting machines, the 2018 midterm election saw little improvement. The machines in use in the more than 10,000 US election jurisdictions are all either optical-scan or direct-recording electronic (DRE). Optical-scan, which scans…
Content type: Examples
20th December 2018
In September 2018, when Massachusetts state police tweeted a map of responses to fires and explosions during a gas emergency, they inadvertently revealed that they were closely monitoring several activist groups, including a Facebook group for Mass Action Against Police Brutality, the Coalition to Organize and Mobilize Boston Against Trump, Facebook 413, Facebook MA Activism, and Resistance Calendar. The image was taken down and cropped after half an hour, but it spurred journalists to ask…
Content type: Examples
20th December 2018
In September 2018, Google warned a selection of US senators and their aides that their Gmail accounts were being targeted by foreign government hackers. Google has issued warnings of phishing attempts by state-sponsored actors since 2012, though getting a notice does not mean the account has been compromised.
https://www.cnet.com/news/google-warns-us-senators-of-foreign-hackers-targeting-their-gmail-accounts/
Writer: Richard Nieva
Publication: CNet
Content type: Examples
20th December 2018
In the run-up to the 2018 US mid-term elections, researchers found that the dissemination of fake news on Facebook was increasingly a domestic American phenomenon rather than, as in the 2016 presidential election, an effort driven by state-backed Russian operatives. Removing such accounts (Twitter) and pages (Facebook) is tricky in the US, where the boundary between free speech and disinformation is particularly sensitive. In addition, domestic disinformation is harder to distinguish. One of…
Content type: Examples
20th December 2018
In the months leading up to the US 2018 midterm elections, Republican officials in Georgia, Texas, and North Carolina made moves they described as ensuring voting integrity but which critics saw as blocking voter access. In Georgia, where Secretary of State Brian Kemp is charged with enforcing election law and was simultaneously running for governor, election officials blocked 53,000 applications to register, 70% of which are those of African-Americans, under a law requiring personal…
Content type: Examples
20th December 2018
A few months before the US 2018 midterm elections, the Trump campaign team signed a contract with the newly-formed Virginia-based company Excelsior Strategies to exploit the first-party data the campaign had collected. The contract was set up by Trump's campaign manager, Brad Parscale, who built the list as the digital director of Trump's 2016 campaign and began renting it out soon after the November 2016 elections.
Subject to the Trump's campaign veto authority, Excelsior rents out this…
Content type: Examples
20th December 2018
A little over a month before the US 2018 midterm elections, Twitter updated its rules to reduce manipulation of its platform. Among the changes, the company outlined the factors it would use to determine whether an account is fake and should be removed, provided an update on its automated detection and enforcement actions, and announced some changes to its user interface, which included reminding candidates to turn on two-factor authentication and encouraging US voters to register and vote.…
Content type: Examples
8th December 2018
Days before the US November 2018 midterm elections, ProPublica discovered that an organisation called Energy4US spent $20,000 to run ads on Facebook pushing conservatives to support the Trump administration's reversal of fuel emission standards. On closer scrutiny, Energy4US appeared to be a front organisation for the trade association American Fuel and Petrochemical Manufacturers, which numbers the world's largest oil companies among its members. Although Facebook's announced requirement that…
Content type: Examples
8th December 2018
In the run-up to the US 2018 mid-term elections, Facebook announced it would broaden the company's policies against voter suppression by banning misrepresentations about how to vote and whether a vote will be counted. The company also introduced a reporting option to allow users to report incorrect information and dedicated reporting channels for state election authorities. The company noted it was getting better at detecting and removing fake accounts and increasing transparency about…
Content type: Examples
4th December 2018
In May 2018, US Immigration and Customs Enforcement abandoned the development of machine learning software intended to mine Facebook, Twitter, and the open Internet to identify terrorists. The software, announced in the summer of 2017, had been a key element of president Donald Trump's "extreme vetting" programme and expected to flag at least 10,000 people a year for investigation. ICE decided instead to opt for a contractor who could provide training, management, and human personnel to do the…
Content type: Examples
5th May 2018
A data breach at the Internet Research Agency, the Russian troll farm at the centre of Russia's interference in the 2016 US presidential election, reveals that one way the IRA operated was to use identities stolen from Americans. Using these accounts and other fake ones, the troll farm interacted via social media with genuine US activists and recruited them to participate in and help organise rallies, all in the interests of aggravating long-standing American social divisions.
https://www.…
Content type: Examples
5th May 2018
According to whistleblower Christopher Wylie, during the 2014 US midtern elections, Cambridge Analytica, needing data to complete the new products it had promised to political advisor Steve Bannon, harvested private information from the Facebook profiles of more than 50 million users without their permission. There was enough information about 30 million of these users to match them to other records and build psychographic profiles.
After the news became public in March 2018, Facebook…
Content type: Examples
5th May 2018
A former Facebook insider explains to Wired Magazine why it's almost certain that the Trump campaign's skill using the site's internal advertising infrastructure was more important in the 2016 US presidential election than Russia's troll farm was. The first was the ads auction; the second a little-known product called Custom Audience and its accompanying Lookalike Audiences. Like Google's equivalent, Facebook's auction has advertisers bid with an ad, an ideal user specification, and a bid for…
Content type: Examples
5th May 2018
Caucuses, which are used in some US states as a method of voting in presidential primaries, rely on voters indicating their support for a particulate candidate by travelling to the caucus location. In a 2016 Marketplace radio interview, Tom Phillips, the CEO of Dstillery, a big data intelligence company, said that his company had collected mobile device IDs at the location for each of the political party causes during the Iowa primaries. Dstillery paired caucus-goers with their online…
Content type: Examples
5th May 2018
In what proved to be the first of several years of scandals over the use of personal data in illegal, anti-democratic campaigning, in 2015 the Guardian discovered that Ted Cruz's campaign for the US presidency paid at least $750,000 that year to use tens of millions of profiles of Facebook users gathered without their permission by Cambridge Analytica, owned by London-based Strategic Communications Laboratories. Financially supported by leading Republican donor Robert Mercer, CA amassed these…
Content type: Examples
3rd May 2018
In 2016, supporters of Ted Cruz and Rand Paul for president were surprised to begin getting emails from the Trump campaign soon after their candidates dropped out of the race for the Republican nomination. In an investigation, CNNMoney found that nearly every failed 2016 presidential candidate sold, rented, or loaned their supporters' email addresses to other candidates, marketers, charities, and private companies. From analysing thousands of emails and Federal Election Commission records,…
Content type: Examples
3rd May 2018
In 2016, the American Civil Liberties Union of Northern California published a report revealing that the social media monitoring service Geofeedia had suggested it could help police track protesters. The report's publication led Twitter and Facebook to restrict Geofeedia's access to their bulk data. ACLUNC argued that even though the data is public, using it for police surveillance is an invasion of privacy. Police are not legally required to get a warrant before searching public data; however…
Content type: Examples
3rd May 2018
Documents submitted as part of a 2015 US National Labor Relations Board investigation show that Walmart, long known to be hostile to unions, spied on and retaliated against a group of employees who sought higher wages, more full-time jobs, and predictable schedules. In combating the group, who called themselves the Organization United for Respect at Walmart (OUR Walmart), Walmart hired an intelligence-gathering service from Lockheed Martin, contacted the FBI, and set up an internal Delta team…