Slashdot Mirror


FBI Failed To Notify 70+ US Officials Targeted By Russian Hackers (apnews.com)

An anonymous reader quotes the AP: The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year that the targets were in the Kremlin's crosshairs, The Associated Press has found. Nearly 80 interviews with Americans targeted by Fancy Bear, a Russian government-aligned cyberespionage group, turned up only two cases in which the FBI had provided a heads-up. Even senior policymakers discovered they were targets only when the AP told them, a situation some described as bizarre and dispiriting.

"It's utterly confounding," said Philip Reiner, a former senior director at the National Security Council, who was notified by the AP that he was targeted in 2015. "You've got to tell your people. You've got to protect your people." The FBI declined to answer most questions from AP about how it had responded to the spying campaign... A senior FBI official, who was not authorized to publicly discuss the hacking operation because of its sensitivity, declined to comment on timing but said that the bureau was overwhelmed by the sheer number of attempted hacks... A few more were contacted by the FBI after their emails were published in the torrent of leaks that coursed through last year's electoral contest. But to this day, some leak victims have not heard from the bureau at all.

Here's an interesting statistic from the AP's analysis. "Out of 312 U.S. military and government figures targeted by Fancy Bear, 131 clicked the links sent to them."


  1. Just a guess by Anonymous Coward · · Score: 5, Insightful

    The FBI didn't want to compromise their ongoing operation. If they had notified the victims, even without disclosing that the hackers were thought to be from Russia, that would've probably caused some of the victims to tip off the fact that there was an FBI investigation into the mail hack.

  2. Russian "hackers" by king+neckbeard · · Score: 2, Insightful

    They keep calling them hackers, but the mention of clicking on links seems to suggest that this was a phishing campaign, which tends to make things more embarrassing than scary.

    --
    This is my signature. There are many like it, but this one is mine.
    1. Re:Russian "hackers" by Hal_Porter · · Score: 4, Funny

      Yup, and his IT guy didn't notice the bit.ly link for change password.

      https://wikileaks.org/podesta-...

      https://motherboard.vice.com/e...

      When we sent these out I was saying to Dmitry 'No one is going to be dumb enough to click on that. He'll call his IT guy and they'll tell him not to click it'. And he said to me 'Volodya, these Americans have heads full of post modernism and spirit cooking. Their precious bodily essences have been contaminated with soy milk. They'll fall for it, like traitor drinking polonium!'.

      And, Hail Great Leader Putin, it worked! KGB Deep Cover Agent Donaldovich Trumpovski was successfully installed as US President.

      No doubt he'll call off the confrontational 'Red Line' policies of the former accursed Imperialist administration in Syria any day now and allow our pilots to operate there unmolested.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    2. Re:Russian "hackers" by fustakrakich · · Score: 2

      It's just a conveniently catchy Hollywood buzzword now. Try not to think about it. Hell, North Korea calls itself a "democratic republic". Words mean what people want them to.

      --
      “He’s not deformed, he’s just drunk!”
    3. Re: Russian "hackers" by Zero__Kelvin · · Score: 2

      In fact social engineering was Mitnick's primary tool. He had skills ... Don't get me wrong, but he also knew it is a hell of a lot easier to call and ask for a password than it is to use technical means to get it. Indeed every person versed in security knows the weakest link is the human element.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    4. Re:Russian "hackers" by Hal_Porter · · Score: 2

      Yeah, the Democrats basically outsourced their IT to a family of scam artists who were incompetent and probably blackmailing them.

      Still that was the Democrats in Congress. The Clinton campaign had a completely separate set of IT people who were dumb enough to not realise that a Google email containing a link to a bit.ly page that goes to myaccount.google.com-securitysettingspage.tk is a scam. My parents would have spotted that! You'd think the front runner for POTUS in the US would have ex NSA types working in IT who'd realise that a spearphishing attack on key personnel was almost a certainty.

      But then HRC always seemed to do everything in a half assed way, like that email server in the basement of Clinton's house in Chappaqua instead of in a data centre or the campaign headquarters.

      I mean I get the purpose was to be able to delete emails in case they were subject to a subpoena, but it still seems like a really amateurish way to do things. The problem is once you start segregating your campaign's IT from the Establishment's infrastructure and legal reach, you also don't have Establishment people warning you about things like spearphishing attacks.

      So ironically an obsession with keeping HRC emails out of the hands of anyone but campaign insiders caused Podesta's to end up on Wikileaks. Then again maybe stopping them getting subpoenaed might have kept her from prosecution or impeachment in an alternative scenario. I'm not convinced though - I think she got away with the destruction of evidence because she lost the election and Trump quietly dropped his 'lock her up' rhetoric. If she'd have won, people like Trey Gowdy would have got her over that.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
  3. Let's do some math... by Bodhammer · · Score: 2, Insightful

    "Three people familiar with the matter — including a current and a former government official — said the FBI has known for more than a year the details of Fancy Bear’s attempts to break into Gmail inboxes." By my calculations that would be the Obama Justice Department, James Comey, and Robert Mueller. AMIRIGHT?

    What could possibly be their motivation for not notifying the targets?

    “IT’S CURIOUS”

    --
    "I say we take off, nuke the site from orbit. It's the only way to be sure."
  4. Yep. Targeted + phishing = professional by raymorris · · Score: 4, Insightful

    You're quite right. If they specifically target 325 named government officials, as in this case, with tailored emails, that's spear phishing and very much the kind of thing sophisticated professionals will do. Once they have access using the credentials of the deputy director of the NSA, they would then move laterally to own most of the NDA network.

    Targets such as the director, deputy director, and top network / database administrators are gold. That's even better than arbitrary code execution on some random system with an unprivileged account, which is what Hollywood-style hacking normally results in. (Though if you can follow that up with privilege escalation on a critical system, that gets even more interesting).

    Yes, indeed I do this for a living.

  5. the problem is NOT that they clicked the link by WindBourne · · Score: 2

    The real issue is that they are mixing personal life with military. That absolutely should NOT happen.
    The west continues to drop our guard on classified information which is foolish, esp. since most personal computers are running Windows. This makes it trivial to crack.
    What is needed is to require that personal stuff either not be run on military laptops, OR that it be over a VPN/remote display, OR that it simply be on a virtual system, with the personal being the client, not the other way around.

    The west is not taking Russia and China seriously in their work to undermine and destroy us. We need to stop that.

    --
    I prefer the "u" in honour as it seems to be missing these days.
    1. Re:the problem is NOT that they clicked the link by RazorSharp · · Score: 2, Insightful

      The west is not taking Russia and China seriously in their work to undermine and destroy us.

      Undermine, yes. Destroy? Hyperbole at its worst. Especially concerning the Chinese, who benefit so much from our relationship. I agree that we need to take foreign intelligence threats more seriously, but that doesn't mean we should return to Cold War mentalities where we dehumanize others, assuming that they want to see us reduced to a heap of rubble.

      --
      "From the depths of my skeptical and rationalist soul, I ask the Lord to protect me from California touchie-feeliedom."
  6. Re:Any Else Tired of the Brady Bunch? by WindBourne · · Score: 2

    From China or From Russia?
    China is engaging America in an Economic war. Russia is currently back to fighting us elsewhere. And both are attacking us over the net (and yes, we are going after them, but they are smarter and are doing more to protect themselves).
    China continues to dump on the west, manipulate their money and basically block real trade with the west, other than S. Korea and Japan (in this case, they want them nervous and willing to give up all rights to the various waters around them and more importantly access to minerals and resources such as fish).
    And yes, China's gov. goal is to rule the world, or at least be the one at the top and in control. You declare that China is good for the west? Yet, all of their Asian neighbors say otherwise.

    As to Russia, that is about 1 man wanting total control. Right now, Putin is a dictator who is playing the same game that China is, only with 1 person vs. a small group of rulers.

    --
    I prefer the "u" in honour as it seems to be missing these days.