×

Shaheen target of November email hoax, office says



Monitor staff
Tuesday, July 31, 2018

Sen. Jeanne Shaheen was the target of a hoax attempt to set up a phone call with a person purporting to represent the government of Latvia, her office confirmed Tuesday, one of several recently disclosed foreign attempts to intrude onto the business of Senate offices.

In an email to the office, a man calling himself “Arturs Vaiders” and carrying the title the “second secretary of the state protocol” for Latvia offered to set up a phone call between Shaheen and the Latvian foreign minister, according to a report from the Daily Beast on Monday.

The planned phone call, confirmed Tuesday by Shaheen spokesman Ryan Nickel, would center on the status of U.S. sanctions against Russia and “general security with Kaspersky laboratory case,” Vaiders wrote.

Shaheen has been an outspoken critic of Russia and its suspected interference in the 2016 election through cyber attacks, and she recently championed a bill banning the governmental use of cybersecurity software from Kaspersky Laboratories, which has been linked to the Kremlin. Latvia has long had an adversarial relationship with Russia, its neighbor to the east.

Shaheen staffers were initially receptive to the offer, responding with a suggested date and time for the call, Nickel said.

But the strange nature of the request set off alarm bells.

“Staff suspected that something was suspicious and contacted the (Latvian) embassy,” Nickel said Tuesday, adding that the embassy informed the office that the attempt was not a legitimate offer.

Finding the matter a hoax, the office declined to participate in the call, Nickel said. The incident occurred over the course of a few days in November and was reported to the FBI, he added.

It’s not the first time Shaheen’s office has been the target of attacks.

In a CBS interview Sunday, Shaheen referred to a growing number of phishing attempts on her office – efforts to infiltrate the emails and social media accounts of her staffers through scam warnings telling them to reset passwords and update accounts.

In reference to the November incident, she noted “one situation that we have turned over to authorities to look into.”

“And we’re hearing that this is widespread – with political parties across the country, as well as with members of the Senate,” Shaheen said. “So this is a very big issue and it’s something that we need to address in a bipartisan way. It affects both Republicans and Democrats. It’s about the security of our political process and our government functions and we need to work together to address it.”

Other apparent hacking attempts against U.S. senators have cropped up in recent months. Sen. Claire McCaskill, D-Mo., has been directly targeted with hoax password requests over the last year, the Daily Beast reported last week. And in January, the cybersecurity firm Trend Micro Inc. reported that the same group of Kremlin-linked hackers that successfully infiltrated the Democratic Party in 2016 has recently made a broad attempt to break into the U.S. Senate.

According to one cybersecurity expert, the attacks are part of a near-insurmountable trend.

“Election hacking, fraud and corruption are as old as time, but computers really introduce a new element,” said Kenneth Geers, a Toronto-based senior fellow at the Atlantic Council, a Washington foreign policy think tank. “They make everyone more powerful.”

Geers, who specializes in cyber defense and spent 20 years in the federal government, said new technological developments have spurred an upsurge of cyber warfare attempts by governments of all sizes and stripes. So widespread is the practice that the question isn’t whether one government is hacking into another country’s system, but how extensively they’re doing it, he said.

Complicating matters, Geers said: Almost all of it lies in a legal gray area. Given the rising sophistication of the attacks, it’s become relatively easy to trace certain attacks to certain aggressive countries. But doing something meaningful about it is a much different story.

“It’s a challenge because almost anything can be justified on national security grounds. Espionage is okay according to international norms, and cyber espionage is okay,” he said.

Much of it falls under the agreed upon “rules of war,” he added.

Today, countries will often deploy cyber attacks to observe a country’s political developments from afar – an election, a missile strike – soaking up information without necessarily attempting to interfere. In that way, many are putting a modern spin on the 20th-century espionage tactics of wiretaps and document grabs.

“But,” Geers added, “the big difference comes when you weaponize the information.” Some countries such as Russia have begun using their access to actively disrupt the country’s politics, whether by altering the data, distributing it to other actors or making it fully public.

It is unclear whether November’s hoax emails to Shaheen’s office were connected to efforts by the Russian government to interfere in American politics. But for its part, the office is cooperating with federal law enforcement.

“We’re working with relevant authorities to investigate and determine the origins of these incidents,” Nickel said Tuesday.

And he added that while the office hasn’t directly changed its protocol in response to the November incident, all Senate staffers receive training about cyber attacks and remain on alert.

“We already had policies in place, but everything that’s happened has led to increased vigilance,” Nickel said.

 

(Ethan DeWitt can be reached at edewitt@cmonitor.com, or on Twitter at @edewittNH.)