The Wall Street Journal reports: With the hacking of Hillary Clinton’s campaign and the Democratic National Committee, U.S. officials say Russia has unleashed a strengthened cyberwarfare weapon to sow uncertainty about the U.S. democratic process.
In doing so, Russia has transformed state-sponsored hackers known as Fancy Bear and Cozy Bear from internet spies to political tools with the power to target the country’s adversaries, according to U.S. officials and cybersecurity experts.
The attacks are the harder side of parallel campaigns in the Kremlin’s English-language media, which broadcast negative news about Western institutions and alliances and focus on issues that demonstrate or stoke instability in the West, such as Brexit. Moscow seeks particularly to weaken the North Atlantic Treaty Organization, which has expanded its defense against Russia.
“The underlying philosophy of a lot of these attacks is about establishing information as a weapon,” said Alexander Klimburg, a cyber expert at the Hague Center for Strategic Studies. “Hacking for them is literally about controlling information.”
President Vladimir Putin denies Russian involvement in the hacking, but in a way that telegraphs glee about the potential chaos being sown in the U.S. democratic process.
“Everyone is talking about who did it, but is it so important who did it?” Mr. Putin said. “What is important is the content of this information.”
Former Central Intelligence Agency Director Michael Hayden said the Kremlin doesn’t appear to be trying to influence the election’s outcome, noting Russian involvement has provided fodder for both Republicans and Democrats. “They are not trying to pick a winner,” he said Tuesday at a cybersecurity conference in Washington. Rather, Russia is likely unleashing the emails “to mess with our heads.”
Pro-Kremlin commentators in Russia have seized on the DNC leaks to cast doubt on the American democratic process and argue that Washington has no right to criticize Moscow. They have said the hacked DNC emails, which showed party officials working to undermine primary runner-up Bernie Sanders, prove Americans are hypocritical when they malign Mr. Putin’s authoritarianism. [Continue reading…]
Czech police arrest Russian in connection with U.S. hacking attacks
Reuters reports: Czech police have detained a Russian man wanted in connection with hacking attacks on targets in the United States, the police said, without giving further details.
The arrest was carried out in cooperation with the U.S. Federal Bureau of Investigation, Czech police said on their website on Tuesday evening. Interpol had issued a so-called Red Notice for the man, seeking his arrest, they added. [Continue reading…]
CIA prepping for possible cyber attack against Russia
NBC News reports: The Obama administration is contemplating an unprecedented cyber covert action against Russia in retaliation for alleged Russian interference in the American presidential election, U.S. intelligence officials told NBC News.
Current and former officials with direct knowledge of the situation say the CIA has been asked to deliver options to the White House for a wide-ranging “clandestine” cyber operation designed to harass and “embarrass” the Kremlin leadership.
The sources did not elaborate on the exact measures the CIA was considering, but said the agency had already begun opening cyber doors, selecting targets and making other preparations for an operation. Former intelligence officers told NBC News that the agency had gathered reams of documents that could expose unsavory tactics by Russian President Vladimir Putin.
Vice President Joe Biden told “Meet the Press” moderator Chuck Todd on Friday that “we’re sending a message” to Putin and that “it will be at the time of our choosing, and under the circumstances that will have the greatest impact.”
When asked if the American public will know a message was sent, the vice president replied, “Hope not.”
Retired Admiral James Stavridis told NBC News’ Cynthia McFadden that the U.S. should attack Russia’s ability to censor its internal internet traffic and expose the financial dealings of Putin and his associates. [Continue reading…]
And what better way to expose such information than by providing it to Wikileaks. Julian Assange can then demonstrate that he’s not a puppet of Putin’s — or risk being outed if it turns out his organization chooses not to release such material.
Wouldn’t that turn Wikileaks into a puppet of the U.S. government? Kind of — except Assange’s position is that it’s not his job to pass judgment on the motives of his sources. His commitment is to protect his sources and publish secrets.
Entire U.S. political system ‘under attack’ by Russian hacking, experts warn
Geof Wheelwright writes: It could have been a cold war drama. The world watched this week as accusations and counter-accusations were thrown by the American and Russian governments about documents stolen during a hack of the Democratic National Committee and the email account of Hillary Clinton’s campaign chair John Podesta.
The notion that public figures have any right to privacy appears to have been lost in the furore surrounding the story, stolen correspondence being bandied around in attempts to influence the outcome of one of the nastiest, most vitriolic US presidential campaigns in history.
Some have argued that as secretary of state, Hillary Clinton’s emails were fair game for hacking because had they not been held on a private server, they would have been subject to freedom of information requests and available to the general public.
There may be some truth to that, but it doesn’t change the fact that correspondence between public figures has allegedly been hacked by those acting under the direction of a foreign government and released for everyone to peruse, with little opportunity for the authors to offer context or even confirm that the contents of the leaks are accurate.
The hacks have created a dilemma for American voters, according to Rob Guidry, CEO of social media analytics company Sc2 and a former special adviser to US Central Command. He says voters seem to want the information that has been leaked by the hackers but don’t feel entirely comfortable with the hacks that have brought the information to light. [Continue reading…]
White House says U.S. will retaliate against Russia for hacking
Politico reports: White House Press Secretary Josh Earnest promised on Tuesday that the U.S. would deliver a “proportional” response to Russia’s alleged hacking of American computer systems.
In addition to pledging that the U.S. “will ensure that our response is proportional,” Earnest told reporters flying on Air Force One that “it is unlikely that our response would be announced in advance.”
“The president has talked before about the significant capabilities that the U.S. government has to both defend our systems in the United States but also carry out offensive operations in other countries,” he said as the press corps traveled with the president to a Hillary Clinton campaign event in North Carolina. “So there are a range of responses that are available to the president and he will consider a response that is proportional.” [Continue reading…]
How Donald Trump is promoting Russian disinformation to American voters
Kurt Eichenwald writes: I am Sidney Blumenthal. At least, that is what Vladimir Putin — and, somehow, Donald Trump — seem to believe. And that should raise concerns about not only Moscow’s attempts to manipulate this election but also how Trump came to push Russian disinformation to American voters.
An email from Blumenthal — a confidant of Hillary Clinton and a man, second only to George Soros, at the center of conservative conspiracy theories — turned up in the recent document dump by WikiLeaks. At a time when American intelligence believes Russian hackers are trying to interfere with the presidential election, records have been fed recently to WikiLeaks out of multiple organizations of the Democratic Party, raising concerns that the self-proclaimed whistleblower group has become a tool of Putin’s government. But now that I have been brought into the whole mess — and transformed into Blumenthal — there is even more proof that the Russians are not only orchestrating this act of cyberwar but also really, really dumb.
The evidence emerged thanks to the incompetence of Sputnik, the Russian online news and radio service established by the government-controlled news agency, Rossiya Segodnya.
The documents that WikiLeaks has unloaded recently have been emails out of the account of John Podesta, the chairman of Clinton’s election campaign. Almost as soon as the pilfered documents emerged, Sputnik was all over them and rapidly found (or probably already knew about before the WikiLeaks dump) a purportedly incriminating email from Blumenthal.
The email was amazing — it linked Boogie Man Blumenthal, Podesta and the topic of conservative political fever dreams, Benghazi. This, it seemed, was the smoking gun finally proving Clinton bore total responsibility for the attack on the American outpost in Libya in 2012. Sputnik even declared that the email might be the “October surprise” that could undermine Clinton’s campaign. [Continue reading…]
Even the U.S. military is looking at blockchain technology — to secure nuclear weapons
Quartz reports: Blockchain technology has been slow to gain adoption in non-financial contexts, but it could turn out to have invaluable military applications. DARPA, the storied research unit of the US Department of Defense, is currently funding efforts to find out if blockchains could help secure highly sensitive data, with potential applications for everything from nuclear weapons to military satellites.
The case for using a blockchain boils down to a concept in computer security known as “information integrity.” That’s basically being able to track when a system or piece of data has been viewed or modified. DARPA’s program manager behind the blockchain effort, Timothy Booher, offers this analogy: Instead of trying to make the walls of a castle as tall as possible to prevent an intruder from getting in, it’s more important to know if anyone has been inside the castle, and what they’re doing there.
A blockchain is a decentralized, immutable ledger. Blockchains can permanently log modifications to a network or database, preventing intruders from covering their tracks. In DARPA’s case, blockchain tech could offer crucial intelligence on whether a hacker has modified something in a database, or whether they’re surveilling a particular military system. [Continue reading…]
Seven reasons the new Russian hack announcement is a big deal
Julia Ioffe writes: It’s been buried under news of Donald Trump bragging about his ability to grab women by their genitals, but Friday afternoon’s news dump included a stunning declaration by the Department of Homeland Security: the first direct accusation from the Obama administration that Russia is trying to interfere with our elections.
“The U.S. Intelligence Community is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations,” the statement said, concluding that “these thefts and disclosures are intended to interfere with the US election process.” After the Democratic National Committee hack and the scattered hacks of voting machines, and months of talk in the press and on Capitol Hill, the Obama administration has openly called out the Kremlin for meddling in the election.
This was immediately followed by a new dump of documents from WikiLeaks, this time of Clinton campaign chair John Podesta’s emails, and news that the Russian ambassador to the United Nations lodged a formal complaint with the organization when another official criticized Trump. And all of this comes against the backdrop of Trump’s constant and effusive praise for Vladimir Putin, as well as a steady stream of revelations about his campaign’s shady ties to Russia.
As head-spinning as it might be and as distracted as we might be by #TrumpTapes, this is arguably the more important story. What’s really going on? The hacking war is a genuinely new development in the long and often fraught U.S. relationship with Russia, and carries profound implications. Here’s what’s behind Friday’s statement — and why it matters so much. [Continue reading…]
U.S. government officially accuses Russia of hacking campaign to interfere with elections
The Washington Post reports: The Obama administration on Friday officially accused Russia of attempting to interfere in the 2016 elections, including by hacking the computers of the Democratic National Committee and other political organizations.
The denunciation, made by the Office of the Director of National Intelligence and the Department of Homeland Security, came as pressure was growing from within the administration and some lawmakers to publicly name Moscow and hold it accountable for actions apparently aimed at sowing discord around the election.
“The U.S. Intelligence Community is confident that the Russian Government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations,” said a joint statement from the two agencies. “. . . These thefts and disclosures are intended to interfere with the U.S. election process.”
The public finger-pointing was welcomed by senior Democratic and Republican lawmakers, who also said they now expect the administration to move to punish the Kremlin as part of an effort to deter further acts by its hackers. [Continue reading…]
Why the internet of things is the new magic ingredient for cyber criminals
John Naughton writes: Brian Krebs is one of the unsung heroes of tech journalism. He’s a former reporter for the Washington Post who decided to focus on cybercrime after his home network was hijacked by Chinese hackers in 2001. Since then, he has become one of the world’s foremost investigators of online crime. In the process, he has become an expert on the activities of the cybercrime groups that operate in eastern Europe and which have stolen millions of dollars from small- to medium-size businesses through online banking fraud. His reporting has identified the crooks behind specific scams and even led to the arrest of some of them.
Krebs runs a blog – Krebs on Security – which is a must-read for anyone interested in these matters. Sometimes, one fears for his safety, because he must have accumulated so many enemies in the dark underbelly of the net. And last Tuesday one of them struck back.
The attack began at 8pm US eastern time, when his site was suddenly hit by a distributed denial of service (DDoS) attack. This is a digital assault in which a computer server is swamped by trivial requests that make it impossible to serve legitimate ones. The attack is called a distributed one because the noxious pings come not from one location, but from computers located all over the world that have earlier been hacked and organised into a “botnet”, which can then direct thousands or millions of requests at a targeted server in order to bring it down. Think of it as a gigantic swarm of electronic hornets overwhelming a wildebeest.
DDoS attacks are a routine weapon in the cybercriminal’s armoury. They are regularly used, for example, to blackmail companies, which then pay a ransom to have the hornets called off. They’re a useful tool because it’s very difficult to pinpoint the individuals or groups that have assembled a particular botnet army. And in the past Krebs has had to deal with DDoS attacks that were probably launched by people who were not amused by the accuracy of his investigative reporting.
Last Tuesday’s attack was different, however – in two respects. The first was its sheer scale. It got so bad that even Akamai, the huge content delivery network that handles 15-30% of all web traffic, had to tell Krebs that it couldn’t continue to carry his blog because the attack was beginning to affect all its other customers. So he asked them to redirect all traffic heading for krebsonsecurity.com to the internet’s equivalent of a black hole. This meant that his site effectively disappeared from the web: a courageous and independent voice had been silenced. [Continue reading…]
Newsweek suspects hackers crashed website because of negative Trump article
Politico reports: Newsweek suspects that hackers are to blame for the crash of its website on Thursday night, after it published an article about Donald Trump’s company secretly conducting business in Cuba in the 1990s.
“We don’t know everything. We’re still investigating,” Newsweek editor in chief Jim Impoco told POLITICO. “But it was a massive DDoS attack, and it took place in the early evening just as prominent cable news programs were discussing Kurt Eichenwald’s explosive investigation into how Donald Trump’s company broke the law by breaking the United States embargo against Cuba.”
A DDoS attack, or distributed denial of service attack, is when an attacker attempts to overwhelm a website or server with traffic, rendering it unable to function reliably.
As of Friday afternoon, Impoco told POLITICO that the main IP addresses involved in the hack were Russian, but that there was “nothing definitive” about the ongoing investigation. [Continue reading…]
Russian hackers harassed journalists who were investigating Malaysia Airlines plane crash
The Washington Post reports: Russian government hackers began targeting a British citizen journalist in February 2015, eight months after he began posting evidence documenting alleged Russian government involvement in the shoot-down of a Malaysian jetliner over Ukraine.
And then in February 2016, a group that researchers suspect is a propaganda mouthpiece of the Russian government — CyberBerkut — defaced the home page of Eliot Higgins’s citizen journalism website, Bellingcat.com.
That same month, CyberBerkut hacked the email, iCloud and social media account of a Bellingcat researcher in Moscow, then posted online personal pictures, a passport scan, his girlfriend’s name and other private details.
Russia’s information operations against Bellingcat are a taste of what may be in store for other media organizations whose reports anger the Kremlin, said a cyber-research firm that has extensively documented the effort. [Continue reading…]
Syrian Electronic Army hacker pleads guilty in Virginia
The Hill reports: A 37-year-old Syrian national once affiliated with the Syrian Electronic Army (SEA) hacker group pleaded guilty in Virginia federal court Wednesday to conspiring to receive extortion proceeds and conspiring to unlawfully access computers.
Beginning in 2011, Peter Romar defaced media and government websites belonging to those the SEA felt were overly critical of Syrian President Bashar al-Assad. By 2013, the SEA’s methods had evolved into extorting money from hacking victims under threat of the group destroying or leaking information from compromised systems.
Romar, who was living in Germany, acted as a go-between for extortion payments when victims could not transfer money directly to Syria. [Continue reading…]
U.S. believes hackers are shielded by Russia to hide its role in cyberintrusions
The Wall Street Journal reports: U.S. officials are increasingly confident that the hacker Guccifer 2.0 is part of a network of individuals and groups kept at arm’s length by Russia to mask its involvement in cyberintrusions such as the theft of thousands of Democratic Party documents, according to people familiar with the matter.
While the hacker denies working on behalf of the Russian government, U.S. officials and independent security experts say the syndicate is one of the most striking elements of what looks like an intensifying Russian campaign to target prominent American athletes, party officials and military leaders.
A fuller picture of the operation has come into focus in the past several weeks. U.S. officials believe that at least two hacking groups with ties to the Russian government, known as Fancy Bear and Cozy Bear, are involved in the escalating data-theft efforts, according to people briefed on the Federal Bureau of Investigation’s probe of the cyberattacks.
Following successful breaches, the stolen data are apparently transferred to three different websites for publication, these people say. The websites — WikiLeaks, DCLeaks.com and a blog run by Guccifer 2.0 — have posted batches of stolen data at least 42 times from April to last week.
WikiLeaks has published U.S. secrets for years but has recently taken an overtly adversarial tone toward Democratic presidential nominee Hillary Clinton. Cybersecurity experts believe that DCLeaks.com and Guccifer 2.0 often work together and have direct ties to Russian hackers. [Continue reading…]
The White House asked Congress to keep quiet on Russian hacking
BuzzFeed reports: The White House sought to muzzle two of Congress’s top intelligence officials when they decided to publicly accuse Russia of meddling in the US election last week, sources familiar with the matter told BuzzFeed News.
In a statement released Friday, Sen. Dianne Feinstein and Rep. Adam Schiff, the vice-chairmen of the Senate and House Intelligence Committees respectively, formally accused Russia of attempting to influence the US election. It was the first official, on-record confirmation from US government officials that the Kremlin is actively working to manipulate public confidence in the country’s election system.
But sources tell BuzzFeed News that the White House — which has stayed silent despite mounting pressure to call out its Moscow adversaries — tried to delay the statement’s release. The public accusation was of such concern to the administration that White House Chief of Staff Denis McDonough was personally involved in the negotiations over releasing it, according to a congressional source.
Feinstein and Schiff, both Democrats, agreed to omit part of their original statement for security reasons, according to another congressional source. That request, which stemmed from concerns over classification, came from the CIA, a congressional source added Wednesday. [Continue reading…]
FBI probes hacks targeting phones of Democratic Party officials
Reuters reports: The FBI is investigating suspected attempts to hack mobile phones used by Democratic Party officials as recently as the past month, four people with direct knowledge of the attack and the investigation told Reuters.
The revelation underscores the widening scope of the U.S. criminal inquiry into cyber attacks on Democratic Party organizations, including the presidential campaign of its candidate, former U.S. Secretary of State Hillary Clinton.
U.S. officials have said they believe those attacks were orchestrated by hackers backed by the Russian government, possibly to disrupt the Nov. 8 election in which Clinton faces Republican Party candidate Donald Trump. Russia has dismissed allegations it was involved in cyber attacks on the organizations.
The more recent attempted phone hacking also appears to have been conducted by Russian-backed hackers, two people with knowledge of the situation said. [Continue reading…]
Russia blamed for hacking attack on German MPs
The Telegraph reports: Germany is investigating a series of sophisticated computer hacking attacks on MPs and political parties amid fears Russia may be trying to influence the outcome of next year’s elections.
The offices of several MPs inside Germany’s parliament were targeted in the attacks, as well as regional offices of Angela Merkel’s Christian Democrats (CDU) and rival parties.
The German government agency in charge of cyber security believes the attacks originated from Russia and may be linked to the hacking of private emails from Hillary Clinton’s campaign team in the US earlier this year. [Continue reading…]
Who are the Russian-backed hackers attacking the U.S. political system?
NBC News reports: Two teams of highly skilled hackers directed and protected by the Russian state are on the offensive.
Cybersecurity experts and intelligence officials tell NBC News the same hackers who broke into the Democratic Party’s computers, the World Anti-Doping Agency’s Administration System and who are implicated in the leaks of the personal emails of former Secretary of State Colin Powell and the health documents of Olympians are executing a Kremlin-backed campaign of cyber-espionage and sabotage.
Their target: Western democratic institutions and Russia’s political opponents.
“They are starting to figure out the way to apply the power they have in terms of technical capabilities into the geopolitical aspect,” Italian cyber security investigator Stefano Maccaglia told NBC News.
At a small square in Rome on a recent summer day, Maccaglia explained how he came to know most of these hackers in the early 2000s, when he was one himself. Having since crossed to the other side, Maccaglia’s job now is to investigate — sometimes for the Italian government — the Russian hackers’ cyber-attacks.
Maccaglia, who is now an advisory consultant for the network security company RSA, explained that the two teams of Russian hackers vary from trained researchers with a mathematical background to “the very funny person” skilled in computer programming languages and are turned into “gangs of cyber-mercenaries” who offer their “brilliance” to the highest bidder.
“They obviously have a very good life now,” Maccaglia said of the privileges they enjoy for their services.
Their relationship to the Russian state, he explained, is a win-win: The cyber gangsters are allowed to keep stealing — their traditional hacking work — as long as they do the bidding of Russian intelligence services.
In exchange, they receive state protection.
“They are above the law and are obviously protected,” Maccaglia said. “That’s why nobody can prosecute them. There is no way to reach them anymore.” [Continue reading…]