As the 2024 United States presidential election approaches, documents have surfaced revealing governmental evaluations of election security and stability. The nonprofit Property of the People obtained these documents, which were subsequently reported by WIRED. One document from the U.S. Department of Homeland Security, distributed in October, suggested that cybercriminals with financial motives and hacktivists with ideological goals present a greater threat to U.S. election infrastructure than hackers backed by states. Another memo highlighted the risks of insider threats to the election process, warning that internal misconduct could undermine a fair and transparent election.
In the current polarized and contentious environment, U.S. elections have become increasingly militarized. Measures such as bulletproof glass, drones, defensive blockades, and sniper units are now standard at election offices, as officials prepare for potential violent incidents. Additionally, WIRED’s investigation uncovered a CIA operation that successfully hacked into Venezuela’s military payroll system as part of a Trump administration attempt to overthrow President Nicolás Maduro.
In other cybersecurity updates, WIRED examined a prolonged conflict involving the firewall vendor Sophos, which has been working to counter Chinese hackers engaging in espionage operations on vulnerable devices. Researchers have also raised concerns about a severe zero-click vulnerability within a default photo application on Synology network-attached storage devices, which hackers could exploit to steal data or penetrate networks.
In related news, a former Disney employee allegedly hacked the software used by Walt Disney World restaurants after being terminated. The fired employee, Michael Scheuer, reportedly altered menus and locked several employees out of their accounts by using an automated script.
Infostealers, a type of malware, have gained popularity among cybercriminals and sophisticated state groups over the past few years, often bundled with pirated software to harvest personal data from web browsers. A global police initiative reportedly dismantled the Redline infostealer, which was responsible for stealing over 170 million pieces of information, along with a similar program named Meta. The operation led to the identification of Russian national Maxim Rudometov as the developer of Redline, following a series of operational security oversights.
Additionally, the leak of sensitive military information has once again become a concern, with recent exposures through the fitness app Strava highlighting lapses in security protocol. This incident enabled tracking the movements of prominent figures such as Joe Biden, Donald Trump, and Kamala Harris due to data inadvertently shared by their security teams.
Meanwhile, Italian prosecutors placed four individuals under house arrest and announced investigations into at least 60 others following allegations that an intelligence firm, Equalize, had hacked government databases in Italy. The firm allegedly accessed the personal information of over 800,000 individuals, including prominent politicians and public figures, for commercial sale or extortion purposes. Reports suggest Equalize’s clientele may extend outside Italy, potentially including entities such as Israeli intelligence and the Vatican.