Slashdot Mirror


FBI and Homeland Security Detail Russian Hacking Campaign In New Report (theguardian.com)

An anonymous reader quotes a report from The Guardian: The U.S. Department of Homeland Security (DHS) and FBI have released an analysis of the allegedly Russian government-sponsored hacking groups blamed for breaching several different parts of the Democratic party during the 2016 elections. The 13-page document, released on Thursday and meant for information technology professionals, came as Barack Obama announced sanctions against Russia for interfering in the 2016 elections. The report was criticized by security experts, who said it lacked depth and came too late. "The activity by [Russian intelligence services] is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens," wrote the authors of the government report. "This [joint analysis report] provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. government." The government report follows several from the private sector, notably a lengthy section in a Microsoft report from 2015 on a hacking team referred to as "advanced persistent threat 28" (APT 28), which the company's internal nomenclature calls Strontium and others have called Fancy Bear. Also mentioned in the government document is another group called APT 29 or Cozy Bear. The Microsoft report contains a history of the groups' operation; a report by security analysts ThreatConnect describes the team's modus operandi; and competing firm CrowdStrike detailed the attack on the Democratic National Committee shortly before subsequent breaches of the Democratic Congressional Campaign Committee and the Hillary Clinton campaign were discovered.

  1. palpable irony. by nimbius · · Score: 5, Insightful

    that we, the United States, have worked to skew elections and overthrow governments for nearly fifty years as though it were nothing more than another element of common foreign policy. However, whenever a foreign nation tries to influence our elections, it's somehow a capital offence the world must take seriously.

    If sanctions didn't work for Ukraine, they won't work here. Although they do an amazing job of allowing you to avoid the fact of the matter which is that Hillary Clinton was a turd of a candidate who rigged the party's primary, and enjoyed limited popularity outside major metropolitan areas. She never set foot in places like Wisconsin, took a gamble that LA was somehow bigger than all the midwest, and lost.

    --
    Good people go to bed earlier.
  2. Bigoted much? by Xenographic · · Score: 5, Informative

    This report was ripped to shreds yesterday.

    It's mostly OWASP copypasta with recommended mitigations and a few interesting tidbits.

    I'm also not clear on why this submission linked to a copy of the report. Best compare it with the original report in case there are any differences.

    1. Re:Bigoted much? by msauve · · Score: 5, Interesting

      Just read the report. It's a stinking pile of BS. Nowhere does it even attempt to provide evidence which would link Russia to the DNC hacks. It makes a claim of "technical details regarding the tools and infrastructure used [by Russia]...", outlines some script kiddie type stuff, but provides absolutely NO information or specifics which would link the DNC hack to Russia. The vast majority of the small 13 page "report" is boilerplate security stuff, not specific in any way to either the DNC hack or Russia.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    2. Re:Bigoted much? by Xenographic · · Score: 5, Insightful

      The burden of proof is on the one making allegations of Russian hacking. We know what nation state level hacking looks like thanks, ironically, to Snowden. We know the NSA can intercept your new router in the mail and install a durable backdoor on it that will survive everything you do to it. We know the NSA has TEMPEST vans that can snoop on your screen and keyboard.

      The idea that a nation state is left to rely upon low level phishing scams seems laughable at best. Just look to past examples to see that they had better stuff than this.

      Here are a few past examples of real hacking. Note how much more sophisticated these attacks were:

      * Theremin's bug
      * MI6 spies on Russia with fake rock

      Please tell me again why Russia has fallen back to kiddie level phishing scams? Remember, the burden of proof is on the people saying "it's Russia" and I'm not going to let anyone shift that.

      When some people tell me that Russell's teapot is in orbit and others say it's not, I'm going to wait for evidence. I can't just average them out and conclude that a teacup or possibly a saucer is up there flying around, if not a whole teapot.

  3. Re:Why should anyone trust the report? by allcoolnameswheretak · · Score: 5, Interesting

    I am really appalled at how many people don't take the Russian interference seriously and blame it on some kind of Democrat/Obama conspiracy. This has been happening in eastern European countries for decades and Russia has now been targeting also western Europe since the annexation of Crimea and the war in Ukraine. Russia is funding right-wing populist parties and helping them out with propaganda all across the western hemisphere in an attempt to discredit our democracies and our free press.

    Don't believe it? Google "russia populist funding". Here are the top three links:
    http://www.telegraph.co.uk/new...
    http://www.independent.co.uk/n...
    http://www.economist.com/news/...

    It's really scary how much success they are having in sowing distrust in our institutions and our free press. Every time I read someone here decrying some major western news outlet as "Fake News" I am reminded of the effectiveness of Putin's troll army.

  4. Yes but how did hack lead to Trump win? by poity · · Score: 5, Interesting

    What happened that we truly know of:
      1. In the summer of 2015, someone (evidence points to Russian) spear-phished passwords from unsavvy staffers on the DNC email server
      2. Almost a year later, Wikileaks publishes a dump of DNC emails. It is assumed by many to have come from the previous infiltration, though there are other ways Wikileaks could have obtained the data, and no definitive link connecting the two events has so far been presented.
      3. Through the email dump, the American public is able to see the DNC's inner workings, including:
        - party officials colluding to hinder Bernie Sanders
        - party insider helping the Clinton campaign to cheat during debate
        - astroturf campaign to create illusion of spontaneous public protest against opponent
        - journalists coordinating with party officials to ensure party messaging is on track
      4. Some voters may have reconsidered their voting decisions, or even the decision to participate in this cycle, due to the above information.
      5. Critical states of Wisconsin, Michigan, and Pennsylvania which were assumed to be safe states for Clinton (and who as a result did not campaign aggressively there), instead fall to Trump during the general election, ensuring a GOP win.

    What the press & defeated party instead want you to think:
      1. Russia hacked America
      2. Trump is now the President
      3. "... we're not saying Trump administration is a creation of the Russian state... *wink wink nudge nudge* but the Trump administration is obviously a creation and stupid dumb puppet of the Russian state... for realz tho... also, don't listen to fake news"

    There is an immense effort right now to make us take mental shortcuts, to skip certain events in our memories, to forget that certain misdeeds were done not by Russians but by Americans.

    --
    your thin skin doesn't make me a troll
  5. Re:Its a talking point by T.E.D. · · Score: 5, Informative

    Please look at what they provided. There is literally no evidence given in the document, not even an attempt. They make up some names

    That's because you don't have both a security clearance and a need-to-know. Revealing *how* they figured out that different attacks came from the same group, and where that group is based, would allow such groups to figure out how to hide their tracks from the FBI better. That would obviously be injurious to the US and ....

    ...OH! I see what you are doing now. Nice try, Anonymous Comrade.

  6. Re:Why should anyone trust the report? by Fire_Wraith · · Score: 5, Insightful

    It shows just how massive the partisan divide is. It seems to have completely slipped people's minds that "breaking into the DNC to look for dirt to use against the Democratic Presidential Candidate" is EXACTLY what started a little controversy called "Watergate." But, because it's politically advantageous, a number of people seem to be dead set on ignoring or dismissing any evidence about what happened this time.

    Let's be _absolutely_ clear: This isn't about sour grapes because the Democrats lost. This isn't about attacking Trump (though he and his supporters treat it as such, which is disturbing in its own way). This _is_ about what happens next time, because if you establish a precedent that it's basically okay for foreign governments to hack and dox political campaigns in the USA, they're going to keep doing it. Worse, others like China or Iran might just decide to join in. Worse still, candidates might preemptively cozy up to Russia or whomever in hopes of getting assistance against their opponent(s).