Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Failed To Notify 70+ US Officials Targeted By Russian Hackers (apnews.com)

Posted by EditorDavid on from the you-may-already-have-won dept.

An anonymous reader quotes the AP: The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year that the targets were in the Kremlin's crosshairs, The Associated Press has found. Nearly 80 interviews with Americans targeted by Fancy Bear, a Russian government-aligned cyberespionage group, turned up only two cases in which the FBI had provided a heads-up. Even senior policymakers discovered they were targets only when the AP told them, a situation some described as bizarre and dispiriting.

"It's utterly confounding," said Philip Reiner, a former senior director at the National Security Council, who was notified by the AP that he was targeted in 2015. "You've got to tell your people. You've got to protect your people." The FBI declined to answer most questions from AP about how it had responded to the spying campaign... A senior FBI official, who was not authorized to publicly discuss the hacking operation because of its sensitivity, declined to comment on timing but said that the bureau was overwhelmed by the sheer number of attempted hacks... A few more were contacted by the FBI after their emails were published in the torrent of leaks that coursed through last year's electoral contest. But to this day, some leak victims have not heard from the bureau at all.
Here's an interesting statistic from the AP's analysis. "Out of 312 U.S. military and government figures targeted by Fancy Bear, 131 clicked the links sent to them."

94 comments

  1. Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

    RUSSIA! RUSSIA! RUSSIA!

    How about properly teaching basic cybersec hygiene.

    1. Re:Any Else Tired of the Brady Bunch? by WindBourne · · Score: 0

      So, which are you? Russian or Chinese?

      --
      I prefer the "u" in honour as it seems to be missing these days.
    2. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0, Troll

      RUSSIA! RUSSIA! RUSSIA!

      Yeah, I know. I've been posting the same thing for months. You just gotta remember that the democrats have nothing else to go on, no positive platform, nothing, only useless attacks that only fortify the other's base. They will not look in the mirror. So, take your pick, between evil, and stupid.

      You shouldn't have been modded down for saying what a lot of people already know. But, the Hillbots will prevail in keeping the narrative under their control...

    3. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 1

      I don't know, I'm neither Democrat nor Republican nor US citizen nor would I care too much, but at least from the outside Republicans surely look more repulsive and retarded than Democrats right now. At least on Slashdot.

    4. Re:Any Else Tired of the Brady Bunch? by WindBourne · · Score: 1, Insightful

      And I am not Dem. Up until recently, I have been Libertarian. Now, I am GDI.
      As to the issue, I am spot on. Far too many Russians/Chinese are working to destroy America and these days, the GOP is helping them.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    5. Re:Any Else Tired of the Brady Bunch? by ganjadude · · Score: 1

      how exactly are they doing so? please explain in detail. because so far all we have seen is some posts online by trolls....trolling!

      how does spreading FUD = trying to destroy america???

      --
      have you seen my sig? there are many others like it but none that are the same
    6. Re:Any Else Tired of the Brady Bunch? by Evangelical_Molester · · Score: 1

      Anonymous Coward can't threaten to be a cowardly traitor for politics and put his name on it, I guess?

    7. Re:Any Else Tired of the Brady Bunch? by WindBourne · · Score: 2

      From China or From Russia?
      China is engaging America in an Economic war. Russia is currently back to fighting us elsewhere. And both are attacking us over the net (and yes, we are going after them, but they are smarter and are doing more to protect themselves).
      China continues to dump on the west, manipulate their money and basically block real trade with the west, other than S. Korea and Japan (in this case, they want them nervous and willing to give up all rights to the various waters around them and more importantly access to minerals and resources such as fish).
      And yes, China's gov. goal is to rule the world, or at least be the one at the top and in control. You declare that China is good for the west? Yet, all of their Asian neighbors say otherwise.

      As to Russia, that is about 1 man wanting total control. Right now, Putin is a dictator who is playing the same game that china is, only with 1 person vs. a small group of rulers.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    8. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Lick my balls, Russian troll!

    9. Re:Any Else Tired of the Brady Bunch? by Dutch+Gun · · Score: 1

      Up until recently, I have been Libertarian. Now, I am GDI.

      I'm glad to hear you didn't fall in with that Brotherhood of Nod crowd.

      --
      Irony: Agile development has too much intertia to be abandoned now.
    10. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Have you some to lick?

    11. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Name one big influential country that doesn't want a say in setting the agenda? That's right you cant think of any, but it's only China that's 'bad' because of this.
      Who declared China is good for the west? Straw man anyone?
      What about all of America's actual wars, and all the fighting their mid east allies do with their blessing. America is one of if not the biggest arms exporter, supports terrorists/freedom fighters all over the globe. But China is the bad guy because they make cheap trinkets, and then 'force' you to buy them?

    12. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      look in the mirror.

    13. Re:Any Else Tired of the Brady Bunch? by sysrammer · · Score: 1

      Outstanding reply, Ivan! Kudos.

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
    14. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      China and especially Russian capabilities, both economic and military power, are still dwarfed by the US. China has a total of one operational aircraft carrier that the bought at a Russian yard sale. And one little item that never seems to make the headlines is that the US has allowed Chinese Navy representatives aboard a US carrier and study the flight operations. The state of California has a GDP larger than Russia. The state of California alone has more military power as well. And China is the most successful regime change operation in modern times. The US has worked hard to change China from a totalitarian communist dictatorship to a full blown capitalist economy where both the US and China reaped major dividends over the years. But people still overestimate the Chinese economy. Just look at the per-Capita metric instead of the GDP numbers if you want a more realistic picture of China's economic power. And what does it say when some of the wealthiest people in China store their cash and investments in the US? When they purchase US securities and bonds they are making a safe investment. If there was ever a war between the US and China I doubt the US is going to return Chinese investments, money or assets in the US.

    15. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      And kudos to you! For reaffirming exactly what I said! Not that it will change anything of course, I mean, look at you, but it makes me personally feel better, thanking goodness that I'm old, and will be making a quick exit. I am watching you people turn paradise into hell. That much is more than obvious.

    16. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Hillbots have balls?! Why am I not surprised?

    17. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Well, maybe that's because you're not aware that today's democrats sound exactly like the republicans from the 50s and 60s. I've seen all this shit before. And go to the democrat web sites. They are just as bad as the "freepers". It's all pure tribalism and animal instincts on both sides.

    18. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Pretty quickly in an actual war, both sides will have zero aircraft carriers.
      GDP is pretty meaningless comparison if your 2x GDP costs twice as much to make or do anything useful.

    19. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      But China is the bad guy because they make cheap trinkets, and then 'force' you to buy them?

      Go watch news reports of Tiananmen Square in 1989. Follow the subsequent decades including getting Google to cave and design their search engine into a history eraser/whitewasher of the most epic proportion. That is why the Chinese government are bad guys and gals.

    20. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Do you mean all the western fake news, that was later retracted, or the censored Chinese news. Who to believe. I know, let's all listen to you, you seem trustworthy.

    21. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Well, maybe that's because you're not aware that today's democrats sound exactly like the republicans from the 50s and 60s. I've seen all this shit before. And go to the democrat web sites. They are just as bad as the "freepers". It's all pure tribalism and animal instincts on both sides.

      And your reply doesn't invalidate the AC you answered to -- Republicans look more repulsive and retarded than Democrats right now. Your post is just a validation of what the parent AC is talking about.

    22. Re: Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Fuck you Chink.

      Your cuntry is a toxic chemical wastedump. You do nothing but pollute and shit wherever you go.

      Go back to Shindong and kys. Your cock is tiny and you stink. DIE CHINKY.

    23. Re:Any Else Tired of the Brady Bunch? by guacamole · · Score: 1

      If you have nothing intelligent to say, it's usually far better to stay quiet than expose yourself to be an ignorant moron who has nothing of value to say. You make your judgement of US politics based on Slashdot? Great!

    24. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      The Democrats sold our strategic uranium supplies to Russia. The last Democrat president bowed to foreign kings. President Trump is renogiating trade terms with China, for the benefit of the US. And somehow it's the GOP that is wrong? Who's the fucking shill now?

    25. Re:Any Else Tired of the Brady Bunch? by CrimsonAvenger · · Score: 1

      (and yes, we are going after them, but they are smarter and are doing more to protect themselves)

      And you know this how, exactly? I'm assuming you are compromising an investigation that you are privy to, in order to prove your importance in the grand scheme of things, correct?

      Or are you just assuming that because our security agencies don't brag about such things online, they're not capable of doing much online?

      --

      "I do not agree with what you say, but I will defend to the death your right to say it"
    26. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      The AC I answered to is just wrong on the face of it. My response was proper and correct. Republicans and democrats are equally repulsive and offensive. All their bickering does not belie their incestuous relationship. They are one. The emperor has no clothes. And your post is just a validation of your irrational denial. Why are you defending them?

    27. Re: Any Else Tired of the Brady Bunch? by Brockmire · · Score: 1

      How is that not a self answering question?

    28. Re: Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      You spew as much shit as you do CO2 ignorant American. (4x the world average, by the way. Twice China) Have fun with Trumps clean coal. The whole world is laughing at you.

    29. Re:Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      Grandparent is a known anti-China troll. But you can't counter that with made up Trump nonsense. the deficit with China is even worse under Trumps watch. Did you even read your own links for the other 2? Pure bullshit all.

    30. Re: Any Else Tired of the Brady Bunch? by WindBourne · · Score: 1

      Lol. I worked on Patriot act. In addition, I'm only speaking if what the intelligence world has said as well Snowden has released. I have said nothing that has in any way, or shape, compromised Nat sex or would get me into trouble. Now you, otoh, continue to back a traitor in office.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    31. Re: Any Else Tired of the Brady Bunch? by Anonymous Coward · · Score: 0

      You worked on Patriot act, and the other guy is the traitor...

    32. Re: Any Else Tired of the Brady Bunch? by WindBourne · · Score: 1

      Patriot act was just fine. The problem is that ppl abused access to the data. Normally, NSA/cia/nro/etc have secured access to powerful tools. For whatever reason, they did not do so with Pat act. Sad.

      --
      I prefer the "u" in honour as it seems to be missing these days.
  2. Just a guess by Anonymous Coward · · Score: 5, Insightful

    The FBI didn't want to compromise their ongoing operation. If they had notified the victims, even without disclosing that the hackers were thought to be from Russia, that would've probably caused some of the victims to tip off the fact that there was an FBI investigation into the mail hack.

    1. Re:Just a guess by Anonymous Coward · · Score: 1

      Yeah. Much better to just let them break in. I like the way you think.

    2. Re:Just a guess by WindBourne · · Score: 1

      Depends on what information was there, vs compromising what the intel world knows about the Russian/Chinese crackers.
      Snowden was a traitor and gave both a lot of information. Now, we need to make sure that neither of these nations (along with a few other nations/groups) discover how we track them.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    3. Re:Just a guess by Anonymous Coward · · Score: 0

      NSA already slipped in the backdoor and removed anything interesting in those accounts anyway. Everyone already knows how you track them, backdoors in everything and intentional bugs in relevant code. Use anything intel or windows and you may as well not bother with a password, they already know.

    4. Re:Just a guess by Anonymous Coward · · Score: 0

      Falls under "National Security" and "Collateral damage".
      The public by and large are test dummies for the institution that is your government.

    5. Re:Just a guess by Anonymous Coward · · Score: 0

      No No.
      The victims weren't important enough.
      Remember the Anthrax powder scares. Important ones told and got the shots, and scummy postal workers and opposition got naught.

      You would think RSA dongles are in all 2 factor logins - only they got hacked and are worryingly silent about what lessons they learned. Thankfully with Intel management coprocessor flaws, future attacks will go unnoticed,.

    6. Re:Just a guess by Anonymous Coward · · Score: 0

      And the result of the operation? Other than uncovering all the dirt and slime from Podesta and the Democrats?

    7. Re:Just a guess by Dread_ed · · Score: 1

      Close, but you miss the obvious. See, the FBI can't directly infiltrate these lawmaker's email accounts. Sure it's against the law, but you and I both know (ala Snowden and others) that something being against the law doesn't stop three letter agencies from doing it, especially when it comes to unlawfully acquiring information on Americans.

      In this case it's different, though. The information the FBI wants, in this case, is held by people who actually matter, not the people of the US, but the leaders of the US, the aristocrats, the ones with actual power and worth. These are the people you do not fuck with if you work for the government. They can and will end you.

      Sooooo, if you are in the FBI and you want to know all of the good dirt on a politician how do you get it? Welllllll, it is totally legal to intercept two way communications originating outside the US or containing a non-US termination point. If a hacker just happens to open that stream of communication from foreign soil and you just happen to be eavesdropping on them you might just get some actionable intel on your domestic lawmaker. Telling said lawmaker about the attempted hacks would seriously undermine your ability to legally spy on them, so there's no way the FBI would do that.

      What is even more dastardly would be the FBI setting up the phishing attack themselves and using foreign assets to carry it out. But that would never happen, right?

      --
      When the only tool you have is a claw hammer every problem starts to look like the back of someone's skull.
  3. Russian "hackers" by king+neckbeard · · Score: 2, Insightful

    They keep calling them hackers, but the mention of clicking on links seems to suggest that this was a phishing campaign, which tend to make things more embarrassing than scary.

    --
    This is my signature. There are many like it, but this one is mine.
    1. Re:Russian "hackers" by Anonymous Coward · · Score: 0, Flamebait

      You're suggesting that professional hacker teams don't use spear phishing because you're a moron.

    2. Re:Russian "hackers" by Evangelical_Molester · · Score: 1

      Spear phishing has compromised thousands of major organizations. You don't know what you're talking about if you think hacker groups won't use every means available. Stop running smokescreens thanks.

    3. Re:Russian "hackers" by Anonymous Coward · · Score: 0

      Worked on podesta. Password!

    4. Re:Russian "hackers" by Anonymous Coward · · Score: 1

      "more embarrassing than scary"
      that's just the first round.
      it's nice that you have some pointy words, but hacking you know not about.

    5. Re:Russian "hackers" by squiggleslash · · Score: 1

      You keep calling them trespassers, but they whistled nonchalantly when they passed by the security guards, while carrying FedEx boxes.

      You keep calling them muggers, but they used their finger to make it feel like a gun, when they told their victims to give them their money.

      You keep calling them murderers, but they gave people falsely labeled drugs hoping they'd take them and die.

      Hackers, using the popular definition of people who gain unauthorized access to computer systems, are not always cracking passwords or exploiting buffer overflows. Social engineering is a common tactic, even Kevin Mitnick used it.

      Is Mitnick not a hacker?

      --
      You are not alone. This is not normal. None of this is normal.
    6. Re:Russian "hackers" by Hal_Porter · · Score: 4, Funny

      Yup, and his IT guy didn't notice the bit.ly link for change password.

      https://wikileaks.org/podesta-...

      https://motherboard.vice.com/e...

      When we sent these out I was saying to Dmitry 'No one is going to be dumb enough to click on that. He'll call his IT guy and they'll tell him not to click it'. And he said to me 'Volodya, these Americans have heads full of post modernism and spirit cooking. Their precious bodily essences have been contaminated with soy milk. They'll fall for it, like traitor drinking polonium!'.

      And, Hail Great Leader Putin, it worked! KGB Deep Cover Agent Donaldovich Trumpovski was successfully installed as US President.

      No doubt he'll call off the confrontational 'Red Line' policies of the former accursed Imperialist administration in Syria any day now and allow our pilots to operate their unmolested.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    7. Re:Russian "hackers" by fustakrakich · · Score: 2

      It's just a conveniently catchy Hollywood buzzword now. Try not to think about it. Hell, North Korea calls itself a "democratic republic". Words mean what people want them to.

      --
      “He’s not deformed, he’s just drunk!”
    8. Re:Russian "hackers" by Anonymous Coward · · Score: 0

      This is Fancy Bear, a known APT. You're a moron.

    9. Re:Russian "hackers" by king+neckbeard · · Score: 1, Interesting

      Yes. Technically, they are hackers, as all phishing would be. What I'm saying is that they are projecting the sophistication of someone like Mitnick onto attacks that are, at least as this stage, closer to Nigerian prince scammers. We've seen one of these emails thanks to the Podesta leaks, and it's only a little more sophisticated.

      The reason I'm concerned is because it's furthering the repeating narrative of "RUSSIAN HACKERZ OMG" to shut down discussion about anything else, inflate the threat, and turn the argument away from more relevant concerns, like how bad these military contractors are at basic OpSec. We had too much of that kind of distraction bullshit in the Bush era.

      --
      This is my signature. There are many like it, but this one is mine.
    10. Re: Russian "hackers" by Zero__Kelvin · · Score: 2

      In fact social engineering was Mitnick's primary tool. He had skills ... Don't get me wrong, but he also knew it is a he'll of a lot easier to call and ask for a password than it is to use technical means to get it. Indeed every person versed in security knows the weakest link is the human element.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    11. Re:Russian "hackers" by Anonymous Coward · · Score: 0

      The reason I'm concerned is because it's furthering the repeating narrative of "RUSSIAN HACKERZ OMG" to shut down discussion about anything else,

      So we shoulod all stopt rtalking aboutr or doing anything about this because you're tired of it.

      Well just between you and me and the lamposts Boris, this is kind of really fucking important. And despite Americans being thought of as so fucking stupid that they can't think of more than one thing at a time, we can.

      Tired of the OMG Ruzzianz! Stuff? Then quit acting like a state paid Russian who wants this all to go away.

      Don't tell us to shut the fuck up about it, we'll take care of the OMG Ruzzianz, then we'll take care of other business that need cleaned up

      M'Kay Boris?

      People thought that your man Trump was going to drain the swamp. In sweet irony, he is. Only it's being done by Mueller.

    12. Re:Russian "hackers" by Antique+Geekmeister · · Score: 1

      According to Merriam Webster, one of the definitions of "hacker" is " a person who illegally gains access to and sometimes tampers with information in a computer system". I'm afraid that "spearfishing" would count as "hacking", especially with such a clear context.

    13. Re:Russian "hackers" by Anonymous Coward · · Score: 0

      You're a moron.

      For being grammatically correct, you should be modded up! Congratulations! You passed a big hurdle today. Here's your gold star..

    14. Re:Russian "hackers" by guacamole · · Score: 1

      The point is that spear phishing attack is basically the least common denominator in all black hat hacking. Even a high school drop out could execute this from his mom's basement, yet the media and the government present this as a highly sophisticated government operation.

      Likewise, the DNC hack. To this day we haven't been presented even once piece of credible evidence that it was Russians.

    15. Re:Russian "hackers" by Anonymous Coward · · Score: 0

      Well to be honest, when the IT team that Debbie Wasserman Schultz put in place for the Democrats are a bunch of thieves and liars, perhaps an IT guy who misses a bit.ly link for a password change isn't so unbelievable!

    16. Re:Russian "hackers" by Hal_Porter · · Score: 2

      Yeah, the Democrats basically outsourced their IT to a family of scam artists who were incompetent and probably blackmailing them.

      Still that was the Democrats in Congress. The Clinton campaign had a completely separate set of IT people who were dumb enough to not realise that a Google email containing a link to a bit.ly page that goes to myaccount.google.com-securitysettingspage.tk is a scam. My parents would have spotted that! You'd think the front runner for POTUS in the US would have ex NSA types working in IT who'd realise that a spearphishing attack on key personnel was almost a certainty.

      But then HRC always seemed to do everything in a half assed way, like that email server in the basement of Clinton's house in Chappaqua instead of in a data centre or the campaign headquartes

      I mean I get the purpose was to be able to delete emails if they in case they were subject to a subpoena, but it still seems like a really amateurish way to do things. The problem is once you start segregating your campaign's IT from the Establishment's infrastructure and legal reach, you also don't have Establishment people warning you about things like spearphishing attacks.

      So ironically an obsession with keeping HRC emails out of the hands of anyone but campaign insiders caused Podesta's to end up on Wikileaks. Then again maybe stopping them get subpoenaed might have kept her from prosecution or impeachment an alternative scenario. I'm not convinced though - I think she got away with the destruction of evidence because she lost the election and Trump quietly dropped his 'lock her up' rhetoric. If she'd have won, people like Trey Gowdy would have got her over that.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    17. Re: Russian "hackers" by Brockmire · · Score: 1

      You have basic facts wrong. You have no credibility. The Podesta email was identified as a scam by two people (one of them being Podesta), the actual fucking fuck up was the IT guy making a typo that implied it was not a scam when Podesta asked him if it was legit. Typos are a different human error. Why you think the location of the server being in a datacenter vs a basement is a tell for how stupid you are. It comes down to who is administrating it, not it's fucking Internet pipe or power failure resiliency. We have known multiple breaches of secure white house email. We have no known breaches from Clinton's house email server.

    18. Re: Russian "hackers" by Hal_Porter · · Score: 1

      If I do a search for "How Podesta got hacked" every article I find says it was because he clicked that bit.ly link to the .tk address controlled by the spearfishers. And then typed his password into a page that looked like Google.

      E.g.

      https://www.vox.com/policy-and...

      To the IT team's credit, they did send along a legitimate Google link - not the original phishing email's bit.ly link - to change Podesta's password and instructed him to add two factor-authentication to his account for an added level of password security. But the legitimate Google link didn't seem to make it to Podesta, and instead he must have used the "poisoned link," giving his password to hackers and opening up his personal email to unwelcomed eyes.

      They didn't spot the bit.ly link or if they did they didn't mention. They did send a legitimate Google link, but they didn't point out the link in the original email - a bit.ly link that went to a .tk address - was obviously a phishing attempt. That's not a typo, it's a massive fuck up.

      Why you think the location of the server being in a datacenter vs a basement is a tell for how stupid you are. It comes down to who is administrating it, not it's fucking Internet pipe or power failure resiliency.

      Well if you've worked in a big organisation, you'd know that running your own server at home is verboten because people who run their own servers take shortcuts administering them and risk getting hacked. Organisations have policy on security and as soon as you run a server at home with your own admins you run the risk of screwing up because those admins don't know what that policy is. Plus of course you've got data the rest of the organisation doesn't have access to. You might not comply with laws. Though of course in HRC's case having private data and not complying with laws was the reason she did it.

      She had a server when she was at the State Department for example and some of the emails were 'born classified' according to Reuters.

      http://www.newsweek.com/questi...

      In the small fraction of emails made public so far, Reuters has found at least 30 email threads from 2009, representing scores of individual emails, that include what the State Department's own "Classified" stamps now identify as so-called 'foreign government information.' The U.S. government defines this as any information, written or spoken, provided in confidence to U.S. officials by their foreign counterparts.

      This sort of information, which the department says Clinton both sent and received in her emails, is the only kind that must be "presumed" classified, in part to protect national security and the integrity of diplomatic interactions, according to U.S. regulations examined by Reuters.

      "It's born classified," said J. William Leonard, a former director of the U.S. government's Information Security Oversight Office (ISOO). Leonard was director of ISOO, part of the White House's National Archives and Records Administration, from 2002 until 2008, and worked for both the Bill Clinton and George W. Bush administrations.

      "If a foreign minister just told the secretary of state something in confidence, by U.S. rules that is classified at the moment it's in U.S. channels and U.S. possession," he said in a telephone interview, adding that for the State Department to say otherwise was "blowing smoke."

      Reuters' findings may add to questions that Clinton has been facing over her adherence to rules concerning sensitive government information. Spokesmen for Clinton declined to answer questions, but Clinton and her staff maintain she did not mishandle any information.

      "I did not send classified material, and I did not receive any material th

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    19. Re: Russian "hackers" by Anonymous Coward · · Score: 0

      Except for all you guys insisting it's not the Russians.

  4. Let's do some math... by Bodhammer · · Score: 2, Insightful

    "Three people familiar with the matter — including a current and a former government official — said the FBI has known for more than a year the details of Fancy Bear’s attempts to break into Gmail inboxes." By my calculations that would be the Obama Justice Department, James Comey, and Robert Mueller. AMIRIGHT?

    What could possibly be their motivation for not notifying the targets?

    “IT’S CURIOUS”

    --
    "I say we take off, nuke the site from orbit. It's the only way to be sure."
    1. Re:Let's do some math... by Anonymous Coward · · Score: 0

      You're saying.... Obama wanted Clinton to lose?

  5. RUSSIA! RUSSIA! RUSSIA!!!! by Anonymous Coward · · Score: 0, Flamebait

    OMFG, President Ronald Reagan's "Evil Empire" has returned!!!!

    RUN FOR THE HILLS!!!

    Enough already.

  6. Yep. Targeted + phishing = professional by raymorris · · Score: 4, Insightful

    You're quite right. If they specifically target 325 named government officials, as in this case, with tailored emails, that's spear phishing and very much the kind of thing sophisticated professionals will do. Once they have access using the credentials of the deputy director of the NSA, they would then move laterally to own most of the NDA network.

    Targets such as the director, deputy director, and top network / database administrators is gold. That's even better than arbitrary code execution on some random system with an unprivileged account, which is what Hollywood-style hacking normally results in. (Though if you can follow that up with privilege escalation on a critical system, that gets even more interesting).

    Yes, indeed I do this for a living.

    1. Re:Yep. Targeted + phishing = professional by Anonymous Coward · · Score: 0

      You're right that spear phishing is widely used by skilled hackers, but state level compromises tend to be a lot more subtle, as we've learned from the TAO catalog. They got maybe a day of access out of Podesta and turned up dirty laundry.

      A more sophisticated attack would've looked like those routers compromised out of the box that survive wipes that give side-channel access essentially permanently that would still be in place.

    2. Re: Yep. Targeted + phishing = professional by Zero__Kelvin · · Score: 1

      You mischaracterize Hollywood style hacks for a living?

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    3. Re: Yep. Targeted + phishing = professional by guacamole · · Score: 1

      Apparently, he is a Slashdot armchair IT security specialist, for a living.

  7. Russia is just... by Anonymous Coward · · Score: 0

    Working on retasking its fishermen as phishermen as the profitability of the former wanes and the profitability of the latter waxes :)

  8. So Obama's reset with Russia was badly misguided? by Anonymous Coward · · Score: 0

    If Russia is so evil, how could Obama be so stupid?

    (Hillary was stupid all the way to the Uranium One bank....)

  9. the problem is NOT that they clicked the link by WindBourne · · Score: 2

    The real issue is that they are mixing personal life with military. That absolutely should NOT happen.
    The west continues to drop our guard on classified information which is foolish, esp. since most of personal computers are running Windows. This makes it trivial to crack.
    What is needed is to require that personal stuff either not be ran on military laptops, OR that it be over a VPN/remote display, OR that it simply be on a virtual system, with the personal being the client, not the other way around.

    The west is not taking Russia and China serious in their work to undermine and destroy us. We need to stop that.

    --
    I prefer the "u" in honour as it seems to be missing these days.
    1. Re:the problem is NOT that they clicked the link by RazorSharp · · Score: 2, Insightful

      The west is not taking Russia and China serious in their work to undermine and destroy us.

      Undermine, yes. Destroy? Hyperbole at its worst. Especially concerning the Chinese, who benefit so much from our relationship. I agree that we need to take foreign intelligence threats more seriously, but that doesn't mean we should return to Cold War mentalities where we dehumanize others, assuming that they want to see us reduced to a heap of rubble.

      --
      "From the depths of my skeptical and rationalist soul, I ask the Lord to protect me from California touchie-feeliedom."
    2. Re:the problem is NOT that they clicked the link by Anonymous Coward · · Score: 1

      A guy once told me that all he does at his civil service job (Port of San Diego) is sit and watch porn all day on his computer. You can't take the stupid out of gov't workers.

    3. Re:the problem is NOT that they clicked the link by WindBourne · · Score: 1

      I have no desire to return to the 70s/80s. I worked on biological and chemical weapon and shielding development back then. I will say that in the 80s, I opposed these because we KNEW that USSR was going away. In general, reagan kept it going, though to be fair, it is possible that he kept us out of a hot war by doing that.
      China's gov, like Russia's, is already in a cold war with the west, esp. with America. That does not mean that the citizens are. In fact, you will see that I regularly write against some of these ACs that knock both Chinese and Russian citizens. Most of these ppl just want to live life and have a good time doing it. The issue are the govs. Sadly, Trump is doing everything possible to destroy America. And to be fair, neither W, nor O, did anything to stop either China or Russia from harming America.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    4. Re:the problem is NOT that they clicked the link by AHuxley · · Score: 1

      The US has a lot of US mil/navy contractors, ex, former mil workers under some type of investigation at this time.
      Both as FBI interviews in the form of two people making "offers" to past US contractors/gov/mil workers and constant key logging of many "secure" computers all over the US gov/mil.
      If a person is a US contractor and gets an interview with or is approached by two interesting people, its the FBI with an amazing offer of cash for US mil secrets/information..
      The first part of such investigations would be a computer investigation. The US gov is using very average consumer grade malware to investigate almost all of its past and still cleared mil contractors.

      Re "The west is not taking Russia and China serious in their work to undermine ..."
      A "Russia" or "China" has decades and skilled generations of human spies they trust that are in place all over the US/UK mil/gov.
      They are in place, trusted, safe and set policy, spending, get to direct billions in funding to junk mil/gov projects.
      A Soviet Union, Russia and China had no interest in the www, a network totally tracked by the NSA, GCHQ, 5 eyes, NATO in real time. Why risk the www junk when top ranking human spies walk US policy out the front door as part of their mil/gov jobs for decades?
      Other nations have filled the USA and 5 eye nations with human spies as how their own people think is easy to trust. Humans can be tested, trusted. Random secret US plain text computer data on an internet facing network could be a long term CIA trap left out in the wild. Data sets in plain text that have not CIA data but "real" secrets to every other part of the US mil/gov, in the open, in plain text...

      Someone is on the USA domestic gov/mil networks collecting data on mil and gov. Its not other nations, its just very skilled, long term US law enforcement network tracking all other US gov/mil staff who are now under investigation.
      "Russia" is the easy to use domestic investigative cover to keep US domestic law enforcement keylogers in place. If it was any other nations malware it would never be in the media as that would tell all other nations of US cyber detection methods. The NSA, GCHQ, FBI would be feeding other nations networks junk, be catching spies without telling the US media for many decades.
      If the US public is reading about US investigative methods in real time, its a simple domestic US law enforcement cover story.
      Its just US law enforcement using tools, staging servers they can keep in place looking at all ex and former gov/mil staff contractors.
      A lot of people with US security clearances having been selling, giving US secrets away to other nations "contractors" for cash, holidays, fun, pleasure.
      Other's have been helping their faith groups, cults by sharing US methods, secrets. "Dual" citizens more loyal to other nations than the USA.
      The FBI is tracking all the contractors with secrets to sell in real time using rather common malware.
      Was it really just another nations well understood "malware" that any good AV can now find or was it years of network access by the FBI?
      ... didn't expect a kind of federal investigation... to use creative methods, have a ready cover story for years in the US press and be all over gov/mil networks to hunt "Russian" malware.
      The US key loggers stayed in place under a wide spread international cover story for local staff and collected everything.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:the problem is NOT that they clicked the link by Anonymous Coward · · Score: 0

      A guy once told me that all he does at his civil service job (Port of San Diego) is sit and watch porn all day on his computer. You can't take the stupid out of gov't workers.

      A guy once told me that all he does at his highly paid corporate job is read slashdot. You can't take the stupid out of corporate workers.

    6. Re:the problem is NOT that they clicked the link by Anonymous Coward · · Score: 0

      Nice google translate comrade

  10. Another part of the US gov? Doing law enforcement by AHuxley · · Score: 1, Interesting

    Why the halt on protecting the US from another nation if it was really another nation?
    Every day wasted is another day the another skilled nation could copy out all the plain text data... again.
    US investigators tried to wait and see with a real extraction effort and allowed a lot of US secrets to walk out in real time while under investigation...
    Methods would have changed by now so who is looking after US domestic collection and who wants easy to find malware code to stay in place?
    Some US investigation has a nice new hidden tool set that offers a Russian skill set and global staging server if detected by other parts of the US gov/mil/contractors?
    The ip range, time of day, code litter is just a cover for deep and long term US investigative skill sets.
    Any private sector person or 3rd party in the private sector has a look, it has to be "Russia" with an easy to find, media friendly "Bear"code litter?
    "CIA anti-forensics tool that makes Uncle Sam seem fluent in enemy tongues" (31 Mar 2017)
    https://www.theregister.co.uk/...
    Great cover for a long term FBI or other agency investigation.
    The question for people finding the code would be is it US parallel construction https://en.wikipedia.org/wiki/... or a real US court backed investigation?
    Who domestically is looking at your systems and has the legal power to keep the code in?
    When was the last time an investigation was hidden and results not shared, a domestic US version of Operation Socialist ?
    https://theintercept.com/2014/...
    Has the FBI gone back to its Magic Lantern (software) https://en.wikipedia.org/wiki/... and stayed in long term, deep in domestic computer and telco networks?
    Could this be the US version of incorruptible US law enforcement needing hidden tools set well apart form all other US courts, telcos, police, lawyers?
    Greek wiretapping case 2004–05 https://en.wikipedia.org/wiki/...–05
    The Italian SISMI-Telecom scandal https://en.wikipedia.org/wiki/...

    US law enforcement has set up a "Royal Ulster Constabulary Special Branch" that does not have to risk talking or sharing with any other part of US law enforcement and is getting results with mil/CIA grade computer systems?

    --
    Domestic spying is now "Benign Information Gathering"
  11. Re:So Obama's reset with Russia was badly misguide by Evangelical_Molester · · Score: 1

    Putin's personal chatbot, you need a real job.

  12. Need an excuse by sjames · · Score: 1, Insightful

    How would they get a high profile hack in the news to justify new sweeping spy powers if they stop the hackers too soon?

  13. Mod comment up. by asjk · · Score: 1

    No text

  14. Tip of the iceberg of stupidity. by thesupraman · · Score: 0

    Oh, its even more stupid than that.
    What the media/etc appear to be most worked up about is 'Russians' (with zero actual evidence of course) spreading INFORMATION.
    You know, leaking actual information, pointing at actual social problems, etc.

    Damn those pesky Russians for waving truths around in front of people.

    Of course, America would NEVER do anything like that, it prefers to actively arm 'terrorists' (other names used to be used, but I guess things have moved on) inside other countries to try and destabilize governments - obviously spreading information is much MUCH worse than this.

    I would FAR rather my children were shot by separatists armed, trained, and often organised by America than avoiding reading some Russian paid for Facebook posts, after all.

    FFS.

  15. does not compute by Anonymous Coward · · Score: 0

    In fact, you will see that I regularly write against some of these ACs that knock both Chinese and Russian citizens.

    Except anyone who knows more about China than you (not a high bar) is automatically a Chinese paid troll...

  16. Why the F*** are extra warnings necessary at all? by knorthern+knight · · Score: 1

    First day on the job for *ANY* governement official should include a briefing telling them that no matter how low-level or high-level they are, there *WILL* be third parties (governments/corporations/whatever) aiming to collect juicy stuff from any and all email accounts they and their families have. This includes personal and work accounts.

    And there should be training on how to recognize and avoid such compromises. Security 101, folks.

    --

    I'm not repeating myself
    I'm an X window user; I'm an ex-Windows user
  17. Re: Why the F*** are extra warnings necessary at a by Anonymous Coward · · Score: 1

    Yes, I'm sure that will stop security breaches completely. If only the so-called security professionals had thought of that.

  18. Re:So Obama's reset with Russia was badly misguide by Anonymous Coward · · Score: 0

    Nice username, want to bring it to the DNC?

    You'd fit right in.

  19. Oh, those 'evil' Russians... by Anonymous Coward · · Score: 0, Funny

    Because the Jewish media says so. Over and over and over again. So it MUST be true!
    It coultn't possibly have anything to do with Putin not doing what his Jewish 'masters' want him to, could it?

  20. I know who's guilty! by Anonymous Coward · · Score: 0

    I guess Trump must be somehow guilty of that, too. Yeah, somehow. And while we're at it, there must also be a way to blame Russians for the fact that FBI didn't notify the persons affected.

  21. Re:Another part of the US gov? Doing law enforceme by Dread_ed · · Score: 1

    So did we reach the same conclusion. The FBI made it look like the Russians in order to spy on Americans with plausible deniability?

    --
    When the only tool you have is a claw hammer every problem starts to look like the back of someone's skull.
  22. Re:Another part of the US gov? Doing law enforceme by AHuxley · · Score: 1

    Yes US version of Operation Socialist set up by the FBI to hunt all the US mil/gov/contractors/ex/former mil/gov/police people walking out/selling/giving away US secrets.
    If they find complex malware never seen before, the FBI has its malware talked about by experts globally. Investigations that needed to stay in place on gov/mil computers stop.

    Someone finds very average malware that everyone is talking about in the US media? Its reported as been the same as what has everyone found before. The only slight change is the reporting back to an FBI staging server.
    The contractors, mil, gov workers selling US secrets do not change their methods, do not escape, do not ask unexpected questions. They are happy its just "another nations" very average and well understood malware.
    The malware is not removed as it under FBI "investigation" and that could take months, many months. Months of domestic key logging going back to the FBI under the cover story of a slow news day and an international spy investigation.
    Too many people in the media got told US methods and cyber results. It if was a real GCHQ, CIA, NSA, FBI, MI5 investigation on a real "spy" network nothing would be public for decades.
    But for some strange reason the US gov is going out of its way to tell everyone about this strange code they can expect to find in every US gov computer and not to worry or do much about it... Just report it and let it stay in place ?

    Someone in the US gov is covering for and protecting strange code been discovered all over the US mil/gov and in systems used by trusted contractors.

    --
    Domestic spying is now "Benign Information Gathering"
  23. It makes sense now by Anonymous Coward · · Score: 0

    You don't hate China, you're just jealous that their totalitarianism is better than yours.