How Russian Cyber Power Attacked The US

Who's To Blame: The FBI's failure to grasp the scope of the initial attacks on the Democratic party undercut efforts to minimize their impact.

When Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee (DNC)  in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk.

His message was brief, if alarming. At least one computer system belonging to the DNC had been compromised by hackers, the federal investigators had named “the Dukes,” a cyberespionage team linked to the Russian government.

The FBI knew it well: The bureau had spent the last few years trying to kick the Dukes out of the unclassified email systems of the White House, the State Department and even the Joint Chiefs of Staff, one of the government’s best-protected networks.

Yared Tamene, the tech-support contractor at the DNC who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the DNC computer system logs to look for hints of such a cyber-intrusion. By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks, in part because he wasn’t certain the caller was a real FBI agent and not an impostor.

“I had no way of differentiating the call I just received from a prank call,” Mr. Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the FBI.

It was the cryptic first sign of a cyber-espionage and information-warfare campaign devised to disrupt the 2016 presidential election, the first such attempt by a foreign power in American history. What started as an information-gathering operation, intelligence officials believe, ultimately morphed into an effort to harm one candidate, Hillary Clinton, and tip the election to her opponent, Donald J. Trump.

Watergate

Like another famous American election scandal, it started with a break-in at the DNC. The first time, 44 years ago at the committee’s old offices in the Watergate complex, the burglars planted listening devices and jimmied a filing cabinet. This time, the burglary was conducted from afar, directed by the Kremlin, with spear-phishing emails and zeros and ones.

What is phishing?

Phishing uses an innocent-looking email to entice unwary recipients to click on a deceptive link, giving hackers access to their information or a network. In “spear-phishing,” the email is tailored to fool a specific person.

An examination byThe New York Times of the Russian operation, based on interviews with dozens of players targeted in the attack, intelligence officials who investigated it and Obama administration officials who deliberated over the best response, reveals a series of missed signals, slow responses and a continuing underestimation of the seriousness of the cyberattack.

The DNC’s fumbling encounter with the FBI meant the best chance to halt the Russian intrusion was lost. The failure to grasp the scope of the attacks undercut efforts to minimize their impact. And the White House’s reluctance to respond forcefully meant the Russians have not paid a heavy price for their actions, a decision that could prove critical in deterring future cyberattacks.

The low-key approach of the FBI meant that Russian hackers could roam freely through the committee’s network for nearly seven months before top DNC officials were alerted to the attack and hired cyber-experts to protect their systems. In the meantime, the hackers moved on to targets outside the DNC, including Mrs. Clinton’s campaign chairman, John D. Podesta, whose private email account was hacked months later.

NYT:           We Are In A New Era Of Espionage:

 

« Obama Advises Trump To Train 100,000 Hackers
The Worst Hacks In 2016 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Orolia

Orolia

Orolia are experts in deploying high precision GPS time through network infrastructure to synchronize critical operations.

Zivver

Zivver

Zivver is the effortless, secure email platform, powering the next generation of secure communications.

MACH37

MACH37

MACH37 is a market-centric cybersecurity accelerator program designed to facilitate the creation of the next generation of cybersecurity product companies.

DataProtect

DataProtect

DataProtect is a specialized information security company providing consultancy, information management, integration and training services.

Rippleshot

Rippleshot

Rippleshot is a fraud analytics firm that detects mass card compromises faster, allowing issuers to execute more proactive fraud detection strategies.

Specops Software

Specops Software

Specops Software is a leading password management and authentication solution vendor.

Cyber Security Africa

Cyber Security Africa

Cyber Security Africa is a full-service Information Security Consulting firm offering a comprehensive range of Services and Products to help organizations protect their valuable assets.

GroupSense

GroupSense

GroupSense helps governments and enterprises take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

Neosecure

Neosecure

NeoSecure is a specialist Cybersecurity Solutions and Managed Services provider in Latin America.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

Salem Cyber

Salem Cyber

Salem Cyber builds Artificial Intelligence (AI) solutions that work collaboratively with people to address scalability challenges in cybersecurity operations.

LimaCharlie

LimaCharlie

LimaCharlie gives security teams full control over how they manage their security infrastructure. Get full visibility, build what you want, control your data, get the security capabilities you need.

GeoComply

GeoComply

GeoComply provides fraud prevention and cybersecurity solutions that detect location fraud and help verify a user's true digital identity.

Hubble

Hubble

Hubble grew from the idea that legacy solutions were failing to provide organizations with the asset visibility they needed to effectively secure and operate their businesses.

Hilltop Technologies

Hilltop Technologies

Hilltop Technologies is a cybersecurity company specialized in managed security services and consulting tailored for all sectors from higher education to publicly traded companies.

Pango

Pango

Pango is a leading provider of digital consumer security solutions.