
18 October 2016

Comments


Herb

Because if they haven't, they wouldn't be doing their job?
https://www.google.com/amp/s/www.wired.com/2016/09/anti-doping-agency-attack-shows-russian-hackers-getting-bolder/amp/?client=ms-android-verizon

BabelFish

I believe the process involved a recently disemboweled chicken, which was then studied intently by properly trained and titled employees of the NSA.

Parj

And what does it change?

shepherd

My experience is limited to working with Internet security companies (so take this with a grain of salt). But my impression has always been that it's fairly straightforward to track down the rough geographic location from which an attack originated.

The Twisted Genius

This report explains some of the evidence collected about the hack methodology and the hackers involved. If this much is available openly, I tend to believe the USG has more. I spent a decade doing this sort of thing and am very familiar with the Russian and Chinese methodology of cooperating with non-government hackers. It's a modern version of letters of marque.

https://www.secureworks.com/research/threat-group-4127-targets-hillary-clinton-presidential-campaign

The Twisted Genius

Here's another article describing the Russian hacking group that we call Fancy Bear. We don't know what they call themselves. That's how good they are.

https://www.buzzfeed.com/sheerafrenkel/meet-fancy-bear-the-russian-group-hacking-the-us-election?utm_term=.emZkP1vEw#.iuYqga89V

HawkOfMay

Three separate cyber security firms agree that the DNC e-mail hacks (both of them) were Russian in origin. Fidelis cybersecurity, Crowdstrike, and Mandiant. DNC, A cybersecurity watershed moment. Nothing I've read is truly a smoking gun but there are very strong associations.

You can read the posts yourself but here is a quick summary. The attacks are tied to two hackers, FANCY BEAR and COZY BEAR. Their attacks show state sponsored level tradecraft. Their history of previous hacks "closely mirrors the strategic interests of the Russian government, and may indicate affiliation with Главное Разведывательное Управление (Main Intelligence Department) or GRU..."


elev8

The word "explain" presupposes that there is a proof out there that only needs to be transported into your brain somehow. This random IT person begs to differ. Nobody has produced any such proof yet.
Basically this should be taken as a lesson on information technology. The Clinton camp doesn't seem to have learned anything since the days of the "Blue Ribbon"-campaign. They are stuck in the last millennium.

gowithit

I had heard a report that a Russian official had remarked that the latest Wiki leak would be happening--prior to the actual release. This "seems" to indicate Russian involvement/knowledge.

TonyL

I agreed with elev8. There is no proof. It is quite easy for the hackers to make it look like the attacks originated from Russian servers using the same tools that the Russian hackers use.

Frank

There is no proof. Only flimsy allegations from untrustworthy parties with nothing tangible to back them up.

AriusArmenian

From my forty years in the IT industry my conclusion is that US elites are demonizing Russia without any evidence.

It tells me that the next big target of the West is Russia. With the realignment of the neocons and Republican elites into the Hillary camp the stage is set for catastrophe in 2017.

jsn

Bill and Donald are both suspected of sexual abuse.
http://www.thedailybeast.com/articles/2016/06/30/the-billionaire-pedophile-who-could-bring-down-donald-trump-and-hillary-clinton.html
It looks an awful lot like Hillary's State was shilling for her Foundation.
http://nypost.com/2016/10/17/the-state-departments-shadow-government/
Putin is worse than sexual abuse or treason, so it had to be Putin.

eakens

If they're good enough to steal all of this information, are they not good enough to make others think they're Russian? What if they are homegrown?

Karl Boyken

The only case I am aware of where there has been anything definite presented to the public is the Shadow Brokers leak of NSA hacking tools. Originally, the leak was announced as a Russian hack of the NSA: http://www.theverge.com/2016/8/17/12519804/shadow-brokers-russia-nsa-hack-equation-group Then in October, Harold Thomas Martin was arrested for having NSA hacking tools on insecure private equipment: http://www.reuters.com/article/us-usa-cybersecurity-arrest-idUSKCN12520Y?il=0 There is speculation that Martin's computer was hacked, ostensibly by Russia, or, that Martin was a whistleblower, or someone out to make a buck. But again, there's no definitive proof.

I'm a retired IT guy, and I know how difficult it is to definitively attribute any online activity. Given the Obama administration's ongoing war on whistleblowers, its attempts to smear Snowden as a Russian or Chinese agent, and the Clinton campaign's attempts to tag anyone who speaks out against them as Putin stooges, I'm skeptical of all these claims of Russian involvement.

turcopolier

eakens

I see no reason why these WikiLeaks could not be collected by someone other than the Russians. pl

JohnsonR

Proof? The Borg don't need no stinking proof!

If they needed proof, large proportions of the American population wouldn't persistently believe so many outright fabrications and absurdities which just happen to conveniently promote the interventionist policy of the day, whether it's attacking Iraq, murdering Gaddafi or regime changing Syria.

Old Microbiologist

Well, the idiots emailed the passwords so it wouldn't take a genius to have hacked the DNC.

Old Microbiologist

Not being a gifted hacker, but fairly astute at securing my network from NSA attacks (determined by setting a trap using keywords), I personally use a two step VPN and TOR on top of that for anything I want to remain secure. My own network is protected using OPNSense with heavy intrusion detection. I can see the IPs of attackers as well as the routing, but it is pretty easy to spoof IP addresses but not the packets. A little labor is necessary to show it was an outsider but the best is to set a trap. Reference a web page in a keyword laced document known only to me and set up by me that logs the IP address of the person logging on. I give them a little "gotcha" message when they log on. I played with that a few years ago but got bored with it after they stopped playing. Now I like to email back and forth emails to separate accounts using PGP encryption knowing they must waste a great deal of CPU time breaking the encryption. If everyone did that it would shut them down. After all, only suspicious people encrypt emails so we must be guilty until proven innocent. They can't refuse the bait as it is all robotic. Lots of fun. I have nothing to hide but enjoy driving them nuts.

FourthAndLong

One thing's for sure: the MSM certainly went to great lengths to focus public attention on the sins of hacking rather than those of the egregious collusion revealed.

Old Microbiologist

If I were a hacker of any note, I would use all of these wonderful internet appliances running Linux and create a network of cutouts by creating a vast botnet and have them do the hacking (you can attempt to penetrate millions of IP addresses then recirculate it all back through a second bot net and then to a repository to be accessed by a third set of bot nets). This is being done by nefarious characters to mine for bitcoins but it would be just as easy to set up a bot net for penetrations as well. The Linux devices are woefully insecure and are on a plethora of devices now. Also, it should be mentioned that nearly all hardware is made in China or using Chinese produced chips. Many have already been identified to have embedded code in them for back doors. Intel did the same thing here in the US for the NSA. So it could be China or the NSA as well. Perhaps there are people in the NSA who do not wish to see her elected? Anything is possible.

FourthAndLong

Bingo!

Seamus Padraig

But Assange has been publicly talking about an 'October surprise' for months. This was no secret.

The Beaver

+1

Surprisingly, the cyber security companies seem to follow the politics of DC.

When the US govt has an axe to grind against North Korea and "Holy Macaroni", Sony hack and Lazarus Group banks hack are the works of DPRK.

Couple of yrs ago, it was the Chinese and their famous PLA Unit 61398.

These days it is the Russians.

However, no mention of the Ukrainian thugs nor the goody two shoes from Herzlia who use servers in Bulgaria or Romania.

Old Microbiologist

No, they caught it when it was posted which was 30 minutes before Wikileaks announced it. They probably set up an alert set to report new posts so they could get a jump on reporting it. That is good news skills which apparently are now a lost art in the US where all news is given to reporters who seem to have forgotten how to be reporters at all.
