How Russian Cyber Power Attacked The US

Uploaded on 2016-12-30 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Who's To Blame: The FBI's failure to grasp the scope of the initial attacks on the Democratic party undercut efforts to minimize their impact.

When Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee (DNC)  in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk.

His message was brief, if alarming. At least one computer system belonging to the DNC had been compromised by hackers, the federal investigators had named “the Dukes,” a cyberespionage team linked to the Russian government.

The FBI knew it well: The bureau had spent the last few years trying to kick the Dukes out of the unclassified email systems of the White House, the State Department and even the Joint Chiefs of Staff, one of the government’s best-protected networks.

Yared Tamene, the tech-support contractor at the DNC who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the DNC computer system logs to look for hints of such a cyber-intrusion. By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks, in part because he wasn’t certain the caller was a real FBI agent and not an impostor.

“I had no way of differentiating the call I just received from a prank call,” Mr. Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the FBI.

It was the cryptic first sign of a cyber-espionage and information-warfare campaign devised to disrupt the 2016 presidential election, the first such attempt by a foreign power in American history. What started as an information-gathering operation, intelligence officials believe, ultimately morphed into an effort to harm one candidate, Hillary Clinton, and tip the election to her opponent, Donald J. Trump.

Watergate

Like another famous American election scandal, it started with a break-in at the DNC. The first time, 44 years ago at the committee’s old offices in the Watergate complex, the burglars planted listening devices and jimmied a filing cabinet. This time, the burglary was conducted from afar, directed by the Kremlin, with spear-phishing emails and zeros and ones.

What is phishing?

Phishing uses an innocent-looking email to entice unwary recipients to click on a deceptive link, giving hackers access to their information or a network. In “spear-phishing,” the email is tailored to fool a specific person.

An examination byThe New York Times of the Russian operation, based on interviews with dozens of players targeted in the attack, intelligence officials who investigated it and Obama administration officials who deliberated over the best response, reveals a series of missed signals, slow responses and a continuing underestimation of the seriousness of the cyberattack.

The DNC’s fumbling encounter with the FBI meant the best chance to halt the Russian intrusion was lost. The failure to grasp the scope of the attacks undercut efforts to minimize their impact. And the White House’s reluctance to respond forcefully meant the Russians have not paid a heavy price for their actions, a decision that could prove critical in deterring future cyberattacks.

The low-key approach of the FBI meant that Russian hackers could roam freely through the committee’s network for nearly seven months before top DNC officials were alerted to the attack and hired cyber-experts to protect their systems. In the meantime, the hackers moved on to targets outside the DNC, including Mrs. Clinton’s campaign chairman, John D. Podesta, whose private email account was hacked months later.

NYT:           We Are In A New Era Of Espionage:

 

« Obama Advises Trump To Train 100,000 Hackers
The Worst Hacks In 2016 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Orolia

Orolia

Orolia are experts in deploying high precision GPS time through network infrastructure to synchronize critical operations.

GrammaTech

GrammaTech

GrammaTech is a leading developer of software-assurance tools and advanced cyber-security solutions.

Abusix

Abusix

Abusix specializes in Internet security, network abuse handling, antispam and fraud prevention.

Puleng Technologies

Puleng Technologies

Puleng provides customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has - its Data and Users.

Drootoo

Drootoo

Drootoo is transforming businesses and making them high performing entities with its unified cloud platform.

Servian

Servian

Servian is one of Australia's leading IT consultancies, with expertise in cloud, data, machine learning, DevOps and cybersecurity.

Adit Ventures

Adit Ventures

Adit Ventures is a venture capital firm with a focus on dynamic growth sectors including AI & Machine Learning, Big Data, Cybersecurity and IoT.

Global Resources

Global Resources

Global Resources' planning and management capabilities support city, regional, and national utility and infrastructure management, and information systems and cyber security service delivery.

RedLegg

RedLegg

RedLegg is a master provider of information security services, a boutique, nimble, old-fashioned customer service company that enjoys the technology battlefield.

Flotek

Flotek

Flotek is an IT & Comms service provider delivering SMEs with trusted, innovative and cost effective cloud technology, with confidence, clarity and clout.

Supra ITS

Supra ITS

Supra ITS is a leading full-service technology partner offering IT Consulting, Cloud Services, 24x7 Managed IT & Cybersecurity Services, and IT Project Support.

DataProof Communications

DataProof Communications

DataProof Communications is Cybersecurity Company specialising in cybersecurity operations, incident management and response best practices and technologies.

Scribe Security

Scribe Security

Scribe security provides end-to-end software supply chain security solutions.

Twine Security

Twine Security

Twine is pioneering the creation of AI digital cybersecurity employees to help improve efficiency for cybersecurity teams.

Start-Up Chile (SUP)

Start-Up Chile (SUP)

Start-Up Chile is a business accelerator program created by the Chilean Government for high-potential tech entrepreneurs.

Affinity Technology Partners

Affinity Technology Partners

Affinity Technology Partners has been fueling the growth of Nashville, Tennessee businesses and nonprofits with reliable IT services since 2002.