How Russian Cyber Power Attacked The US

Who's To Blame: The FBI's failure to grasp the scope of the initial attacks on the Democratic party undercut efforts to minimize their impact.

When Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee (DNC)  in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk.

His message was brief, if alarming. At least one computer system belonging to the DNC had been compromised by hackers, the federal investigators had named “the Dukes,” a cyberespionage team linked to the Russian government.

The FBI knew it well: The bureau had spent the last few years trying to kick the Dukes out of the unclassified email systems of the White House, the State Department and even the Joint Chiefs of Staff, one of the government’s best-protected networks.

Yared Tamene, the tech-support contractor at the DNC who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the DNC computer system logs to look for hints of such a cyber-intrusion. By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks, in part because he wasn’t certain the caller was a real FBI agent and not an impostor.

“I had no way of differentiating the call I just received from a prank call,” Mr. Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the FBI.

It was the cryptic first sign of a cyber-espionage and information-warfare campaign devised to disrupt the 2016 presidential election, the first such attempt by a foreign power in American history. What started as an information-gathering operation, intelligence officials believe, ultimately morphed into an effort to harm one candidate, Hillary Clinton, and tip the election to her opponent, Donald J. Trump.

Watergate

Like another famous American election scandal, it started with a break-in at the DNC. The first time, 44 years ago at the committee’s old offices in the Watergate complex, the burglars planted listening devices and jimmied a filing cabinet. This time, the burglary was conducted from afar, directed by the Kremlin, with spear-phishing emails and zeros and ones.

What is phishing?

Phishing uses an innocent-looking email to entice unwary recipients to click on a deceptive link, giving hackers access to their information or a network. In “spear-phishing,” the email is tailored to fool a specific person.

An examination byThe New York Times of the Russian operation, based on interviews with dozens of players targeted in the attack, intelligence officials who investigated it and Obama administration officials who deliberated over the best response, reveals a series of missed signals, slow responses and a continuing underestimation of the seriousness of the cyberattack.

The DNC’s fumbling encounter with the FBI meant the best chance to halt the Russian intrusion was lost. The failure to grasp the scope of the attacks undercut efforts to minimize their impact. And the White House’s reluctance to respond forcefully meant the Russians have not paid a heavy price for their actions, a decision that could prove critical in deterring future cyberattacks.

The low-key approach of the FBI meant that Russian hackers could roam freely through the committee’s network for nearly seven months before top DNC officials were alerted to the attack and hired cyber-experts to protect their systems. In the meantime, the hackers moved on to targets outside the DNC, including Mrs. Clinton’s campaign chairman, John D. Podesta, whose private email account was hacked months later.

NYT:           We Are In A New Era Of Espionage:

 

« Obama Advises Trump To Train 100,000 Hackers
The Worst Hacks In 2016 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

QMS International

QMS International

QMS is one of the leading ISO certification bodies in the UK and serves clients worldwide.

Kobil Systems

Kobil Systems

Kobil is a pioneer in the fields of smart card, one-time password, authentication and cryptography.

European Society of Criminology (ESC)

European Society of Criminology (ESC)

The ESC Working Group on Cybercrime is focused on cybercrime, its causes and offenders, impact on victims, and our response to it at the individual, corporate, and governmental levels.

CryptoSec.info

CryptoSec.info

CryptoSec.info is a web resource focused on educating the beginners in the cryptocurrency space on how to properly secure their online assets from hackers and scammers.

Scout Ventures

Scout Ventures

Scout Ventures is an early stage venture capital firm that is making the world a better, safer place by cultivating standout frontier technologies.

Ironhack

Ironhack

Ironhack provide intensive training courses & bootcamps in Web Development, UX/UI Design, Data Analytics & Cybersecurity.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

FTCYBER

FTCYBER

FTCYBER offers the latest technology and data recovery services to identify and extract data from computers and other digital devices.

Advent One

Advent One

Advent One are recognised for solving intricate dilemmas, not only making technology work but building foundations that customers can grow upon in an effective and secure way.

Intelligent CloudCare

Intelligent CloudCare

Intelligent CloudCare, a division of IPS, is a full IT Services provider serving the needs of SMBs in the metropolitan New York City region.

Limes Security

Limes Security

Limes Security GmbH is the leading OT Security expert in the German-speaking region of Europe.

The CyberWire

The CyberWire

The CyberWire gets people up to speed on cyber quickly and keeps them a step ahead in a continually changing industry.

Stack Identity

Stack Identity

Stack Identity protects access to cloud data by prioritizing identity and access vulnerabilities via a live data attack map.

Roberts & Obradovic Law

Roberts & Obradovic Law

Roberts & Obradovic Law Group is a corporate, privacy, employment and litigation law firm.

Secure Blink

Secure Blink

Secure Blink provides automated application and API security solutions that empower developers and security engineers to protect critical assets from exploitation.

Endari

Endari

Endari specializes in building cybersecurity maturity within the operational DNA of early-stage startups and SMBs.