Kurt Eichenwald writes: I am Sidney Blumenthal. At least, that is what Vladimir Putin — and, somehow, Donald Trump — seem to believe. And that should raise concerns about not only Moscow’s attempts to manipulate this election but also how Trump came to push Russian disinformation to American voters.
An email from Blumenthal — a confidant of Hillary Clinton and a man, second only to George Soros, at the center of conservative conspiracy theories — turned up in the recent document dump by WikiLeaks. At a time when American intelligence believes Russian hackers are trying to interfere with the presidential election, records have been fed recently to WikiLeaks out of multiple organizations of the Democratic Party, raising concerns that the self-proclaimed whistleblower group has become a tool of Putin’s government. But now that I have been brought into the whole mess — and transformed into Blumenthal — there is even more proof that the Russians are not only orchestrating this act of cyberwar but also really, really dumb.
The evidence emerged thanks to the incompetence of Sputnik, the Russian online news and radio service established by the government-controlled news agency, Rossiya Segodnya.
The documents that WikiLeaks has unloaded recently have been emails out of the account of John Podesta, the chairman of Clinton’s election campaign. Almost as soon as the pilfered documents emerged, Sputnik was all over them and rapidly found (or probably already knew about before the WikiLeaks dump) a purportedly incriminating email from Blumenthal.
The email was amazing — it linked Boogie Man Blumenthal, Podesta and the topic of conservative political fever dreams, Benghazi. This, it seemed, was the smoking gun finally proving Clinton bore total responsibility for the attack on the American outpost in Libya in 2012. Sputnik even declared that the email might be the “October surprise” that could undermine Clinton’s campaign. [Continue reading…]
Quartz reports: Blockchain technology has been slow to gain adoption in non-financial contexts, but it could turn out to have invaluable military applications. DARPA, the storied research unit of the US Department of Defense, is currently funding efforts to find out if blockchains could help secure highly sensitive data, with potential applications for everything from nuclear weapons to military satellites.
The case for using a blockchain boils down to a concept in computer security known as “information integrity.” That’s basically being able to track when a system or piece of data has been viewed or modified. DARPA’s program manager behind the blockchain effort, Timothy Booher, offers this analogy: Instead of trying to make the walls of a castle as tall as possible to prevent an intruder from getting in, it’s more important to know if anyone has been inside the castle, and what they’re doing there.
A blockchain is a decentralized, immutable ledger. Blockchains can permanently log modifications to a network or database, preventing intruders from covering their tracks. In DARPA’s case, blockchain tech could offer crucial intelligence on whether a hacker has modified something in a database, or whether they’re surveilling a particular military system. [Continue reading…]
Julia Ioffe writes: It’s been buried under news of Donald Trump bragging about his ability to grab women by their genitals, but Friday afternoon’s news dump included a stunning declaration by the Department of Homeland Security: the first direct accusation from the Obama administration that Russia is trying to interfere with our elections.
“The U.S. Intelligence Community is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations,” the statement said, concluding that “these thefts and disclosures are intended to interfere with the US election process.” After the Democratic National Committee hack and the scattered hacks of voting machines, and months of talk in the press and on Capitol Hill, the Obama administration has openly called out the Kremlin for meddling in the election.
This was immediately followed by a new dump of documents from WikiLeaks, this time of Clinton campaign chair John Podesta’s emails, and news that the Russian ambassador to the United Nations lodged a formal complaint with the organization when another official criticized Trump. And all of this comes against the backdrop of Trump’s constant and effusive praise for Vladimir Putin, as well as a steady stream of revelations about his campaign’s shady ties to Russia.
As head-spinning as it might be and as distracted as we might be by #TrumpTapes, this is arguably the more important story. What’s really going on? The hacking war is a genuinely new development in the long and often fraught U.S. relationship with Russia, and carries profound implications. Here’s what’s behind Friday’s statement — and why it matters so much. [Continue reading…]
The Washington Post reports: The Obama administration on Friday officially accused Russia of attempting to interfere in the 2016 elections, including by hacking the computers of the Democratic National Committee and other political organizations.
The denunciation, made by the Office of the Director of National Intelligence and the Department of Homeland Security, came as pressure was growing from within the administration and some lawmakers to publicly name Moscow and hold it accountable for actions apparently aimed at sowing discord around the election.
“The U.S. Intelligence Community is confident that the Russian Government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations,” said a joint statement from the two agencies. “. . . These thefts and disclosures are intended to interfere with the U.S. election process.”
The public finger-pointing was welcomed by senior Democratic and Republican lawmakers, who also said they now expect the administration to move to punish the Kremlin as part of an effort to deter further acts by its hackers. [Continue reading…]
John Naughton writes: Brian Krebs is one of the unsung heroes of tech journalism. He’s a former reporter for the Washington Post who decided to focus on cybercrime after his home network was hijacked by Chinese hackers in 2001. Since then, he has become one of the world’s foremost investigators of online crime. In the process, he has become an expert on the activities of the cybercrime groups that operate in eastern Europe and which have stolen millions of dollars from small- to medium-size businesses through online banking fraud. His reporting has identified the crooks behind specific scams and even led to the arrest of some of them.
Krebs runs a blog – Krebs on Security – which is a must-read for anyone interested in these matters. Sometimes, one fears for his safety, because he must have accumulated so many enemies in the dark underbelly of the net. And last Tuesday one of them struck back.
The attack began at 8pm US eastern time, when his site was suddenly hit by a distributed denial of service (DDoS) attack. This is a digital assault in which a computer server is swamped by trivial requests that make it impossible to serve legitimate ones. The attack is called a distributed one because the noxious pings come not from one location, but from computers located all over the world that have earlier been hacked and organised into a “botnet”, which can then direct thousands or millions of requests at a targeted server in order to bring it down. Think of it as a gigantic swarm of electronic hornets overwhelming a wildebeest.
DDoS attacks are a routine weapon in the cybercriminal’s armoury. They are regularly used, for example, to blackmail companies, which then pay a ransom to have the hornets called off. They’re a useful tool because it’s very difficult to pinpoint the individuals or groups that have assembled a particular botnet army. And in the past Krebs has had to deal with DDoS attacks that were probably launched by people who were not amused by the accuracy of his investigative reporting.
Last Tuesday’s attack was different, however – in two respects. The first was its sheer scale. It got so bad that even Akamai, the huge content delivery network that handles 15-30% of all web traffic, had to tell Krebs that it couldn’t continue to carry his blog because the attack was beginning to affect all its other customers. So he asked them to redirect all traffic heading for krebsonsecurity.com to the internet’s equivalent of a black hole. This meant that his site effectively disappeared from the web: a courageous and independent voice had been silenced. [Continue reading…]
Politico reports: Newsweek suspects that hackers are to blame for the crash of its website on Thursday night, after it published an article about Donald Trump’s company secretly conducting business in Cuba in the 1990s.
“We don’t know everything. We’re still investigating,” Newsweek editor in chief Jim Impoco told POLITICO. “But it was a massive DDoS attack, and it took place in the early evening just as prominent cable news programs were discussing Kurt Eichenwald’s explosive investigation into how Donald Trump’s company broke the law by breaking the United States embargo against Cuba.”
A DDoS attack, or distributed denial of service attack, is when an attacker attempts to overwhelm a website or server with traffic, rendering it unable to function reliably.
As of Friday afternoon, Impoco told POLITICO that the main IP addresses involved in the hack were Russian, but that there was “nothing definitive” about the ongoing investigation. [Continue reading…]
The Washington Post reports: Russian government hackers began targeting a British citizen journalist in February 2015, eight months after he began posting evidence documenting alleged Russian government involvement in the shoot-down of a Malaysian jetliner over Ukraine.
And then in February 2016, a group that researchers suspect is a propaganda mouthpiece of the Russian government — CyberBerkut — defaced the home page of Eliot Higgins’s citizen journalism website, Bellingcat.com.
That same month, CyberBerkut hacked the email, iCloud and social media account of a Bellingcat researcher in Moscow, then posted online personal pictures, a passport scan, his girlfriend’s name and other private details.
Russia’s information operations against Bellingcat are a taste of what may be in store for other media organizations whose reports anger the Kremlin, said a cyber-research firm that has extensively documented the effort. [Continue reading…]
The Hill reports: A 37-year-old Syrian national once affiliated with the Syrian Electronic Army (SEA) hacker group pleaded guilty in Virginia federal court Wednesday to conspiring to receive extortion proceeds and conspiring to unlawfully access computers.
Beginning in 2011, Peter Romar defaced media and government websites belonging to those the SEA felt were overly critical of Syrian President Bashar al-Assad. By 2013, the SEA’s methods had evolved into extorting money from hacking victims under threat of the group destroying or leaking information from compromised systems.
Romar, who was living in Germany, acted as a go-between for extortion payments when victims could not transfer money directly to Syria. [Continue reading…]
The Wall Street Journal reports: U.S. officials are increasingly confident that the hacker Guccifer 2.0 is part of a network of individuals and groups kept at arm’s length by Russia to mask its involvement in cyberintrusions such as the theft of thousands of Democratic Party documents, according to people familiar with the matter.
While the hacker denies working on behalf of the Russian government, U.S. officials and independent security experts say the syndicate is one of the most striking elements of what looks like an intensifying Russian campaign to target prominent American athletes, party officials and military leaders.
A fuller picture of the operation has come into focus in the past several weeks. U.S. officials believe that at least two hacking groups with ties to the Russian government, known as Fancy Bear and Cozy Bear, are involved in the escalating data-theft efforts, according to people briefed on the Federal Bureau of Investigation’s probe of the cyberattacks.
Following successful breaches, the stolen data are apparently transferred to three different websites for publication, these people say. The websites — WikiLeaks, DCLeaks.com and a blog run by Guccifer 2.0 — have posted batches of stolen data at least 42 times from April to last week.
WikiLeaks has published U.S. secrets for years but has recently taken an overtly adversarial tone toward Democratic presidential nominee Hillary Clinton. Cybersecurity experts believe that DCLeaks.com and Guccifer 2.0 often work together and have direct ties to Russian hackers. [Continue reading…]
BuzzFeed reports: The White House sought to muzzle two of Congress’s top intelligence officials when they decided to publicly accuse Russia of meddling in the US election last week, sources familiar with the matter told BuzzFeed News.
In a statement released Friday, Sen. Dianne Feinstein and Rep. Adam Schiff, the vice-chairmen of the Senate and House Intelligence Committees respectively, formally accused Russia of attempting to influence the US election. It was the first official, on-record confirmation from US government officials that the Kremlin is actively working to manipulate public confidence in the country’s election system.
But sources tell BuzzFeed News that the White House — which has stayed silent despite mounting pressure to call out its Moscow adversaries — tried to delay the statement’s release. The public accusation was of such concern to the administration that White House Chief of Staff Denis McDonough was personally involved in the negotiations over releasing it, according to a congressional source.
Feinstein and Schiff, both Democrats, agreed to omit part of their original statement for security reasons, according to another congressional source. That request, which stemmed from concerns over classification, came from the CIA, a congressional source added Wednesday. [Continue reading…]
Reuters reports: The FBI is investigating suspected attempts to hack mobile phones used by Democratic Party officials as recently as the past month, four people with direct knowledge of the attack and the investigation told Reuters.
The revelation underscores the widening scope of the U.S. criminal inquiry into cyber attacks on Democratic Party organizations, including the presidential campaign of its candidate, former U.S. Secretary of State Hillary Clinton.
U.S. officials have said they believe those attacks were orchestrated by hackers backed by the Russian government, possibly to disrupt the Nov. 8 election in which Clinton faces Republican Party candidate Donald Trump. Russia has dismissed allegations it was involved in cyber attacks on the organizations.
The more recent attempted phone hacking also appears to have been conducted by Russian-backed hackers, two people with knowledge of the situation said. [Continue reading…]
The Telegraph reports: Germany is investigating a series of sophisticated computer hacking attacks on MPs and political parties amid fears Russia may be trying to influence the outcome of next year’s elections.
The offices of several MPs inside Germany’s parliament were targeted in the attacks, as well as regional offices of Angela Merkel’s Christian Democrats (CDU) and rival parties.
The German government agency in charge of cyber security believes the attacks originated from Russia and may be linked to the hacking of private emails from Hillary Clinton’s campaign team in the US earlier this year. [Continue reading…]