Slashdot Mirror


FBI and Homeland Security Detail Russian Hacking Campaign In New Report (theguardian.com)

An anonymous reader quotes a report from The Guardian: The U.S. Department of Homeland Security (DHS) and FBI have released an analysis of the allegedly Russian government-sponsored hacking groups blamed for breaching several different parts of the Democratic party during the 2016 elections. The 13-page document, released on Thursday and meant for information technology professionals, came as Barack Obama announced sanctions against Russia for interfering in the 2016 elections. The report was criticized by security experts, who said it lacked depth and came too late. "The activity by [Russian intelligence services] is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens," wrote the authors of the government report. "This [joint analysis report] provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. government." The government report follows several from the private sector, notably a lengthy section in a Microsoft report from 2015 on a hacking team referred to as "advanced persistent threat 28" (APT 28), which the company's internal nomenclature calls Strontium and others have called Fancy Bear. Also mentioned in the government document is another group called APT 29 or Cozy Bear. The Microsoft report contains a history of the groups' operation; a report by security analysts ThreatConnect describes the team's modus operandi; and competing firm CrowdStrike detailed the attack on the Democratic National Committee shortly before subsequent breaches of the Democratic Congressional Campaign Committee and the Hillary Clinton campaign were discovered.

2 of 404 comments

  1. Bigoted much? by Xenographic · Score: 5, Informative

    This report was ripped to shreds yesterday.

    It's mostly OWASP copypasta with recommended mitigations and a few interesting tidbits.

    I'm also not clear on why this submission linked to a copy of the report. Best compare it with the original report in case there are any differences.

  2. Re: It's a talking point by T.E.D. · Score: 5, Informative

    Please look at what they provided. There is literally no evidence given in the document, not even an attempt. They make up some names

    That's because you don't have both a security clearance and a need-to-know. Revealing *how* they figured out that different attacks came from the same group, and where that group is based, would allow such groups to figure out how to hide their tracks from the FBI better. That would obviously be injurious to the US and ....

    ...OH! I see what you are doing now. Nice try, Anonymous Comrade.