hacking

By Adam Bakst

With recent cyber attacks on Riviera Beach and Lake City, security of computer systems and information seems to be a growing concern even for the smallest of cities.

This is leading local information technology departments throughout the state to try and control this problem before they fall victim to hackers.

The search is on to determine which two Florida counties’ voter data was accessed by Russian hackers.

A South Florida Sun Sentinel investigation found that at least 13, and as many as 20, elections offices in Florida were sent an email by GRU, a Russian military intelligence agency. According to an FBI investigation, that email included an attachment that appeared to be a harmless Word document, but contained software that allowed the sender to access the computer files of anyone who opened the attachment.

Updated at 4:35 p.m. ET

Florida lawmakers were angry Thursday when they emerged from an FBI briefing that left them with unanswered questions about the two county election offices in their state that were breached by Russian cyberattacks in 2016.

Russian hackers breached the systems of two county elections systems in Florida in 2016, Florida Gov. Ron DeSantis said Tuesday at a news conference. DeSantis said no data were tampered with and vote tallies were not affected.

The intrusions, which had not ever been publicly confirmed, were first disclosed in special counsel Robert Mueller's report about Russian interference in the 2016 election last month.

As the U.S. government investigates the breach of Marriott's Starwood chain hotel reservation system, it appears Chinese state hackers are mostly likely responsible for the data breach. The information of about 500 million customers worldwide was exposed.

Updated 5:37 p.m. ET

Facebook says that it has discovered a security breach affecting nearly 50 million accounts and that it's not yet clear whether any information was accessed or any accounts were otherwise misused.

The vulnerability that caused the breach was found Tuesday and was fixed on Thursday night, Facebook says. It was the result of bugs introduced into Facebook's code in July 2017. No passwords or credit card numbers were stolen, the company says.

As the news broke of a school shooting in Parkland, Fla., on Wednesday, hundreds of Twitter accounts believed to be under Russian sway pivoted.

Many had been tweeting about places like Syria and Ukraine — countries where Russia is seeking to strengthen its influence. Suddenly the accounts shifted to hashtags like #guncontrol, #guncontrolnow and #gunreformnow. Tweets mentioning Nikolas Cruz, the name of the shooting suspect, spiked.

The ransomware attack on worldwide computer networks earlier this month largely spared those of the federal government. While the government dodged a bullet this time, experts say, its systems are still vulnerable — although perhaps less so than in the past.

When the global malware attack — dubbed "WannaCry" — was first detected, a government cybersecurity response group moved quickly.

Updated at 2:40 p.m. ET

The Justice Department has announced charges against four people, including two Russian security officials, over cybercrimes linked to a massive hack of millions of Yahoo user accounts.

Yahoo is warning some of its users that their accounts might have been breached by intruders using forged cookies, allowing them to access private information without knowing users' passwords.

Cookies are pieces of code stored by browsers to, among other things, keep track of whether a user is logged into a password-protected account. They're also used for innocuous functions, such as keeping track of online shopping cart contents.

R
Kevin Lamarque/Reuters

Editor's note: This story was published in January. Congress is still investigating Russian attempts to influence the 2016 US presidential election. FBI Director James Comey and Mike Rogers of the National Security Agency testify before the House Intelligence Committee on March 20. You can watch those proceedings here.

Updated at 7:00 p.m. ET

Yahoo says hackers stole names, email addresses, phone numbers, dates of birth and encrypted or unencrypted security questions and answers from more than 1 billion accounts.

In a statement posted to its website on Wednesday, the company said it had "taken steps to secure user accounts and is working closely with law enforcement."

The statement continued:

More and more of the things we use every day are being connected to the Internet.

The term for these Internet-enabled devices — like connected cars and home appliances — is the Internet of things. They promise to make life more convenient, but these devices are also vulnerable to hacking.

Security technologist Bruce Schneier told NPR's Audie Cornish that while hacking someone's emails or banking information can be embarrassing or costly, hacking the Internet of things could be dangerous.