-
Russian hackers utilized the well-known technique of spear-phishing, a species of phishing, to obtain the credentials of individuals within the DNC. The Russian hackers then used these credentials to access the email accounts of those individuals.
Wikipedia describes phishing and spear-phishing as follows:
-
Phishing is the attempt to obtain sensitive information such as usernames [and] passwords, ... often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter personal information at a fake website whose look and feel are almost identical to the legitimate one. Communications purporting to be from social web sites, auction sites, banks, online payment processors or IT administrators are often used to lure victims. Phishing emails may contain links to websites that are infected with malware. ... Phishing attempts directed at specific individuals or companies have been termed spear phishing. Attackers may gather personal information about their target to increase their probability of success. This technique is, by far, the most successful on the internet today, accounting for 91% of attacks.
This technique has been well-known for years and cyber security experts have issued detailed warnings against it. For example, Symantec, the cyber security company, issued a white paper in 2012 in which it described the technique of spear-phishing as follows:
-
The more traditional technique is to send a “spear-phishing” email, containing an attachment, to the target. That attachment is a document containing an exploit which, when opened, then drops a Trojan onto the target computer. This works if the exploit is embeddable in a document. If not, then an alternative approach is to host the exploit on a Web server and then email the target with a link to that Web server. The link used is quite unique, it is not hosted on a common Web site, so it will only be encountered by the chosen target. When the target clicks on the link, the exploit is triggered and a back door is installed.
-
The DNC knew that phishing attacks were being launched against it and the FBI warned the DNC repeatedly in September and October of 2015 that their computer systems were being subjected to phishing attacks, but the DNC did little about it. As the New York Times reports:
-
In September of 2015, a call [from Special Agent Adrian Hawkins of the FBI] was transferred from the main DNC switchboard to the Help Desk [at the DNC; Yared Tamene, a tech support contractor at the DNC] was handed the phone by a Help Desk staff member who stated that the FBI was looking for the person in charge of technology at the DNC. [Yamene] took the call and learned that the FBI thinks the DNC has at least one compromised computer on its network and the FBI wanted to know if the DNC is aware, and, if so, what the DNC is doing about it. ... [Yamene] did say [to Agent Hawkins] that the DNC has, in the past, received phishing attack attempts. ... [W]hen Special Agent Hawkins called repeatedly in October, leaving voice mail messages for Mr. Tamene, urging him to call back, [Yamene] did not return his calls, as [he] had nothing to report.
-
Phishing attacks were also mounted against the RNC, but were thwarted by the RNC's security software. As WSJ reports:
-
Russian hackers tried to penetrate the computer networks of the Republican National Committee, using the same techniques that allowed them to infiltrate its Democratic counterpart, according to U.S. officials who have been briefed on the attempted intrusion. But the intruders failed to get past security defenses on the RNC’s computer networks, the officials said. ... Until now, few details had been disclosed about the nature of the targeting of Republican organizations, especially the flagship Republican National Committee, where hackers sent so-called phishing emails last spring to an email address there. Those emails were quarantined by a filter meant to detect spam as well as potentially malicious traffic that may carry viruses or trick recipients into divulging passwords, two officials said. ... RNC officials, concerned they too might have been compromised, called a private computer security firm, which in turn called the FBI and obtained information about what kinds of malicious emails to look for, the person said. Upon inspection, the RNC found that its electronic filters had blocked emails sent to a former employee matching the description they’d been warned about.
-
Stuxnet is a malicious computer worm believed to be a jointly built American-Israeli cyberweapon, although no organization or state has officially admitted responsibility. Anonymous US officials speaking to The Washington Post claimed the worm was developed during the Bush administration to sabotage Iran’s nuclear program with what would seem like a long series of unfortunate accidents. Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines, amusement rides, or centrifuges for separating nuclear material. Exploiting four zero-day flaws, Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart. Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g., in automobile assembly lines[vague] or power plants), the majority of which reside in Europe, Japan and the US. Stuxnet reportedly ruined almost one fifth of Iran's nuclear centrifuges.
It is also a well-known fact that the NSA, on President Obama's watch, tapped the cellphone of German Prime Minister Angela Merkel and many of her ministers.
We may summarize as follows:
-
The existence of phishing attacks has been well known for years and cyber security experts have published detailed descriptions about how to recognize and thwart these attacks. Security personnel at the DNC knew in September 2015 that phishing attacks had already been launched against the DNC. Those same personnel were warned repeatedly by the FBI itself in September and October 2015 that phishing attacks were being mounted against the DNC. And yet, DNC personnel did not take these attacks and warnings seriously or inform their superiors that they were being subjected to these attacks. As a result, the leaders of the DNC were so naive and uninformed that they were duped by cyber exploits that they should have recognized immediately as obvious phishing attacks. And yet, we are asked to believe that these boobs, these cyber simpletons, basically the same ones who decided to set up an insecure email server in Hillary's basement, should have been elected in November and entrusted with our entire national security apparatus.
Instead of being outraged that cyber attacks were mounted by the Russians against the DNC -- attacks of the kind that every sophisticated government, including our own, mounts every day against other governments -- we should be deeply embarrassed that leaders of the Democratic Party were so naive and unsophisticated that they were fooled by the kind of simple cyber phishing exploit that most teenagers in Silicon Valley have learned to recognize and avoid on a daily basis. Even worse, President Obama's report describing the Russian hacking and his expulsion of Russian diplomats only serve to draw even more embarrassing attention to the cyber laughing-stocks who head up the Democratic Party. Obama doesn't seem to realize that his report only serves to show what buffoons the leaders of the Democratic Party are.
No comments:
Post a Comment