DNC staffers: FBI didn’t tell us for months about possible Russian hack


Dilbert

Ars Legatus Legionis
34,009
DannibusX said (http://meincmagazine.com/civis/viewtopic.php?p=31651289#p31651289):
Hey DNC you should probably be on the lookout for a possible Chinese attack as well.
Yep. :D However, Russian hacks tend to be precise and stealthy. Chinese attacks tend to be large and loud. If they paid enough attention to find a Russian hack they probably didn't suffer a successful Chinese hack.

Russian hackers use a lockpick. Chinese hackers use a crowbar.
 
Upvote
29 (31 / -2)
MouseTheLuckyDog said (http://meincmagazine.com/civis/viewtopic.php?p=31651427#p31651427):
Sigh. Another lame story trying to tie the Russians to Trump ignoring all the ties the Clintons have to China, Russia or anyone else that will pay them..

Um. Your comment is the first time I see Trump mentioned anywhere. How is this article trying to tie him to the Russians if he isn't even mentioned in the article?
 
Upvote
88 (91 / -3)

DClark

Smack-Fu Master, in training
96
Subscriptor
MouseTheLuckyDog said (http://meincmagazine.com/civis/viewtopic.php?p=31651427#p31651427):
Sigh. Another lame story trying to tie the Russians to Trump ignoring all the ties the Clintons have to China, Russia or anyone else that will pay them..

Oh and ignoring all the nastiness in the DNC not just rigging the primaries, but also in dissing many of their own constituents.
And yet they stealthily tied it to Trump by not mentioning him at all in the article...
 
Upvote
93 (96 / -3)

AnarchyCorp.ORG

Ars Centurion
291
Subscriptor++
Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault. The FBI is known to obtain information about odd activity from a number of different sources, including other (unnamed) federal agencies. This information may come with restrictions prohibiting the sharing of details. For example, the FBI may hear about specifics relating to an attack on a major research university in the U.S., but may only be permitted to tell that university that "an attack involving PHP happened between February and April."

As far as I'm concerned, the operational assumption these days is that, for systems connected to the Internet, you will be targeted. If you happen to have meaning in a political, financial, industrial, or infrastructure sense, you will be targeted sooner than later, and probably by at least one sophisticated attacker. While I'm not blaming the victims, the DNC should have realized that the early warnings they received were likely indicative of a serious underlying threat, then acted accordingly and immediately. If you're that big a target and the FBI tells you to "be on the lookout for strange activity on [your] network," you better damn well act.
 
Upvote
52 (53 / -1)

Kilroy420

Ars Tribunus Militum
2,038
AnarchyCorp.ORG said (http://meincmagazine.com/civis/viewtopic.php?p=31651555#p31651555):
Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault. The FBI is known to obtain information about odd activity from a number of different sources, including other (unnamed) federal agencies. This information may come with restrictions prohibiting the sharing of details. For example, the FBI may hear about specifics relating to an attack on a major research university in the U.S., but may only be permitted to tell that university that "an attack involving PHP happened between February and April."

As far as I'm concerned, the operational assumption these days is that, for systems connected to the Internet, you will be targeted. If you happen to have meaning in a political, financial, industrial, or infrastructure sense, you will be targeted sooner than later, and probably by at least one sophisticated attacker. While I'm not blaming the victims, the DNC should have realized that the early warnings they received were likely indicative of a serious underlying threat, then acted accordingly and immediately. If you're that big a target and the FBI tells you to "be on the lookout for strange activity on [your] network," you better damn well act.

Sounds reasonable and logical to me.

Even if the DNC heeded the warning from the FBI, I wonder if they could have fielded the expertise to truly defend themselves from the cyber-attackers. Network security is clearly a subject in which more attention, education, and training should be focused for the business, government, and higher-education levels.

EDIT:
No, installing McAfee, Kaspersky, or some other off the shelf security solution is going to keep out the script-kiddies and noobs. For professional security breakers, you need professional assistance and threat denial.
 
Upvote
17 (20 / -3)
Kilroy420 said (http://meincmagazine.com/civis/viewtopic.php?p=31651613#p31651613):
AnarchyCorp.ORG said (http://meincmagazine.com/civis/viewtopic.php?p=31651555#p31651555):
Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault. The FBI is known to obtain information about odd activity from a number of different sources, including other (unnamed) federal agencies. This information may come with restrictions prohibiting the sharing of details. For example, the FBI may hear about specifics relating to an attack on a major research university in the U.S., but may only be permitted to tell that university that "an attack involving PHP happened between February and April."

As far as I'm concerned, the operational assumption these days is that, for systems connected to the Internet, you will be targeted. If you happen to have meaning in a political, financial, industrial, or infrastructure sense, you will be targeted sooner than later, and probably by at least one sophisticated attacker. While I'm not blaming the victims, the DNC should have realized that the early warnings they received were likely indicative of a serious underlying threat, then acted accordingly and immediately. If you're that big a target and the FBI tells you to "be on the lookout for strange activity on [your] network," you better damn well act.

Sounds reasonable and logical to me.

Even if the DNC heeded the warning from the FBI, I wonder if they could have fielded the expertise to truly defend themselves from the cyber-attackers. Network security is clearly a subject in which more attention, education, and training should be focused for the business, government, and higher-education levels.

EDIT:
No, installing McAfee, Kaspersky, or some other off the shelf security solution is going to keep out the script-kiddies and noobs. For professional security breakers, you need professional assistance and threat denial.
If you want everything protected, do it properly. Have no external access to your system and store all your files on punch cards. Then store those punch cards in a box and put the box(s) in the closet with your Christmas supplies. Even then I'd say it's only 99% secure.
 
Upvote
11 (13 / -2)

adamsc

Ars Praefectus
4,303
Subscriptor++
Kilroy420 said (http://meincmagazine.com/civis/viewtopic.php?p=31651613#p31651613):
AnarchyCorp.ORG said (http://meincmagazine.com/civis/viewtopic.php?p=31651555#p31651555):
Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault. The FBI is known to obtain information about odd activity from a number of different sources, including other (unnamed) federal agencies. This information may come with restrictions prohibiting the sharing of details. For example, the FBI may hear about specifics relating to an attack on a major research university in the U.S., but may only be permitted to tell that university that "an attack involving PHP happened between February and April."

As far as I'm concerned, the operational assumption these days is that, for systems connected to the Internet, you will be targeted. If you happen to have meaning in a political, financial, industrial, or infrastructure sense, you will be targeted sooner than later, and probably by at least one sophisticated attacker. While I'm not blaming the victims, the DNC should have realized that the early warnings they received were likely indicative of a serious underlying threat, then acted accordingly and immediately. If you're that big a target and the FBI tells you to "be on the lookout for strange activity on [your] network," you better damn well act.

Sounds reasonable and logical to me.

Even if the DNC heeded the warning from the FBI, I wonder if they could have fielded the expertise to truly defend themselves from the cyber-attackers. Network security is clearly a subject in which more attention, education, and training should be focused for the business, government, and higher-education levels.

EDIT:
No, installing McAfee, Kaspersky, or some other off the shelf security solution is going to keep out the script-kiddies and noobs. For professional security breakers, you need professional assistance and threat denial.

That's a big problem: many non-tech organizations are used to thinking of most of their IT spending similar to how they think of office supplies or basic physical security. They might have some app developers working on something which supports their core business but nothing like enough skill or staffing to handle more than a drive-by PHP exploit. At the simplest levels, how many are even on top of software updates and 24x7 monitoring?
 
Upvote
7 (7 / 0)

rabish12

Ars Legatus Legionis
16,983
adamsc said (http://meincmagazine.com/civis/viewtopic.php?p=31651749#p31651749):
Kilroy420 said (http://meincmagazine.com/civis/viewtopic.php?p=31651613#p31651613):
AnarchyCorp.ORG said (http://meincmagazine.com/civis/viewtopic.php?p=31651555#p31651555):
Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault. The FBI is known to obtain information about odd activity from a number of different sources, including other (unnamed) federal agencies. This information may come with restrictions prohibiting the sharing of details. For example, the FBI may hear about specifics relating to an attack on a major research university in the U.S., but may only be permitted to tell that university that "an attack involving PHP happened between February and April."

As far as I'm concerned, the operational assumption these days is that, for systems connected to the Internet, you will be targeted. If you happen to have meaning in a political, financial, industrial, or infrastructure sense, you will be targeted sooner than later, and probably by at least one sophisticated attacker. While I'm not blaming the victims, the DNC should have realized that the early warnings they received were likely indicative of a serious underlying threat, then acted accordingly and immediately. If you're that big a target and the FBI tells you to "be on the lookout for strange activity on [your] network," you better damn well act.

Sounds reasonable and logical to me.

Even if the DNC heeded the warning from the FBI, I wonder if they could have fielded the expertise to truly defend themselves from the cyber-attackers. Network security is clearly a subject in which more attention, education, and training should be focused for the business, government, and higher-education levels.

EDIT:
No, installing McAfee, Kaspersky, or some other off the shelf security solution is going to keep out the script-kiddies and noobs. For professional security breakers, you need professional assistance and threat denial.

That's a big problem: many non-tech organizations are used to thinking of most of their IT spending similar to how they think of office supplies or basic physical infrastructure. They might have some app developers working on something which supports their core business but nothing like enough skill or staffing to handle more than a drive-by PHP exploit. At the simplest levels, how many are even on top of software updates and 24x7 monitoring?
I'd argue that they don't even give their IT spending (or at least, their digital security spending) the same level of attention that they do for their office supplies. At least when they go to buy pens, they'll generally make some effort to make sure that the pens work.
 
Upvote
19 (20 / -1)

myboyelroy

Seniorius Lurkius
11
MouseTheLuckyDog said (http://meincmagazine.com/civis/viewtopic.php?p=31651427#p31651427):
Oh and ignoring all the nastiness in the DNC not just rigging the primaries, but also in dissing many of their own constituents.

I don't think the world is ignoring the content of the emails. A ton of articles have been written about the Democratic Party's in fighting. A number of DNC officials are stepping down (including the CEO yesterday I believe).

In your world what does paying attention to the content look like? It's a private organization and the content points to them having a bias for one candidate. That's not jail-able so a bunch of people losing jobs is really the best we're going to get.
 
Upvote
20 (21 / -1)

mltdwn

Ars Tribunus Angusticlavius
6,097
What I don't understand is why the DNC didn't do regular Pen and security tests and examinations of their systems. I mean where I work we do them every quarter, and they range from trying to hack the system, to trying to get into secure areas without proper ID, to trying to social engineer people to give you their info, simulate phishing, etc.

This isn't rocket science anymore and is fairly standard in the IT industry.
 
Upvote
7 (8 / -1)

perrosdelaguerra

Ars Scholae Palatinae
925
Subscriptor
mltdwn said (http://meincmagazine.com/civis/viewtopic.php?p=31652179#p31652179):
What I don't understand is why the DNC didn't do regular Pen and security tests and examinations of their systems. I mean where I work we do them every quarter, and they range from trying to hack the system, to trying to get into secure areas without proper ID, to trying to social engineer people to give you their info, simulate phishing, etc.

This isn't rocket science anymore and is fairly standard in the IT industry.
Politicians, and the organizations that support them, don't seem to be very IT-savvy. Until this DNC hack happened, I would wager that if there was a debate over spending $10,000 on IT security or running more ads in a battleground state, they'd choose the latter because it's what they know best. Now, maybe IT security might get a second thought.
 
Upvote
21 (22 / -1)
AnarchyCorp.ORG said (http://meincmagazine.com/civis/viewtopic.php?p=31651555#p31651555):
Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault. The FBI is known to obtain information about odd activity from a number of different sources, including other (unnamed) federal agencies. This information may come with restrictions prohibiting the sharing of details. For example, the FBI may hear about specifics relating to an attack on a major research university in the U.S., but may only be permitted to tell that university that "an attack involving PHP happened between February and April."

As far as I'm concerned, the operational assumption these days is that, for systems connected to the Internet, you will be targeted. If you happen to have meaning in a political, financial, industrial, or infrastructure sense, you will be targeted sooner than later, and probably by at least one sophisticated attacker. While I'm not blaming the victims, the DNC should have realized that the early warnings they received were likely indicative of a serious underlying threat, then acted accordingly and immediately. If you're that big a target and the FBI tells you to "be on the lookout for strange activity on [your] network," you better damn well act.

tldr: A private organisation is responsible for its own network security. An FBI "heads up" is more than most of us get.
 
Upvote
26 (26 / 0)

CraigJ ✅

Ars Legatus Legionis
27,010
Subscriptor
Iphtashu Fitz said (http://meincmagazine.com/civis/viewtopic.php?p=31651493#p31651493):
MouseTheLuckyDog said (http://meincmagazine.com/civis/viewtopic.php?p=31651427#p31651427):
Sigh. Another lame story trying to tie the Russians to Trump ignoring all the ties the Clintons have to China, Russia or anyone else that will pay them..

Um. Your comment is the first time I see Trump mentioned anywhere. How is this article trying to tie him to the Russians if he isn't even mentioned in the article?
Trump supporters live in an augmented reality where Trumps appear in places where they don't really exist. Only they just tell you to "believe me!" - you can't collect them for points.
 
Upvote
21 (27 / -6)

Rosyna

Ars Tribunus Angusticlavius
6,966
CraigJ said (http://meincmagazine.com/civis/viewtopic.php?p=31652607#p31652607):
Iphtashu Fitz said (http://meincmagazine.com/civis/viewtopic.php?p=31651493#p31651493):
MouseTheLuckyDog said (http://meincmagazine.com/civis/viewtopic.php?p=31651427#p31651427):
Sigh. Another lame story trying to tie the Russians to Trump ignoring all the ties the Clintons have to China, Russia or anyone else that will pay them..

Um. Your comment is the first time I see Trump mentioned anywhere. How is this article trying to tie him to the Russians if he isn't even mentioned in the article?
Trump supporters live in an augmented reality where Trumps appear in places where they don't really exist. Only they just tell you to "believe me!" - you can't collect them for points.

Well, folks, Trump has turned this election into a laugher, and that's with two F's.
 
Upvote
0 (5 / -5)
CraigJ said (http://meincmagazine.com/civis/viewtopic.php?p=31652607#p31652607):
Iphtashu Fitz said (http://meincmagazine.com/civis/viewtopic.php?p=31651493#p31651493):
MouseTheLuckyDog said (http://meincmagazine.com/civis/viewtopic.php?p=31651427#p31651427):
Sigh. Another lame story trying to tie the Russians to Trump ignoring all the ties the Clintons have to China, Russia or anyone else that will pay them..

Um. Your comment is the first time I see Trump mentioned anywhere. How is this article trying to tie him to the Russians if he isn't even mentioned in the article?
Trump supporters live in an augmented reality where Trumps appear in places where they don't really exist. Only they just tell you to "believe me!" - you can't collect them for points.
I'm not even a supporter and Trump appeared to me in the wood I was using to repair my privacy fence. Now it's huge and the city is threatening to fine me for having my fence 2x taller than ordinance allows.
 
Upvote
11 (14 / -3)

CraigJ ✅

Ars Legatus Legionis
27,010
Subscriptor
BlackTaxi2d said (http://meincmagazine.com/civis/viewtopic.php?p=31651913#p31651913):
MouseTheLuckyDog said (http://meincmagazine.com/civis/viewtopic.php?p=31651427#p31651427):
Sigh. Another lame story trying to tie the Russians to Trump ignoring all the ties the Clintons have to China, Russia or anyone else that will pay them..

Oh and ignoring all the nastiness in the DNC not just rigging the primaries, but also in dissing many of their own constituents.

mate you know you're posting this on a highly liberal site. downvotes and disregard of the actual email contents. my bets are on the emails coming from some disgruntled Bernie supporter from the NSA tbh

And by "liberal" you mean "fact based" right? Only someone deeply political would view actual straightforward facts as bias.
 
Upvote
22 (25 / -3)

CraigJ ✅

Ars Legatus Legionis
27,010
Subscriptor
ten91 said (http://meincmagazine.com/civis/viewtopic.php?p=31652673#p31652673):
CraigJ said (http://meincmagazine.com/civis/viewtopic.php?p=31652607#p31652607):
Iphtashu Fitz said (http://meincmagazine.com/civis/viewtopic.php?p=31651493#p31651493):
MouseTheLuckyDog said (http://meincmagazine.com/civis/viewtopic.php?p=31651427#p31651427):
Sigh. Another lame story trying to tie the Russians to Trump ignoring all the ties the Clintons have to China, Russia or anyone else that will pay them..

Um. Your comment is the first time I see Trump mentioned anywhere. How is this article trying to tie him to the Russians if he isn't even mentioned in the article?
Trump supporters live in an augmented reality where Trumps appear in places where they don't really exist. Only they just tell you to "believe me!" - you can't collect them for points.
I'm not even a supporter and Trump appeared to me in the wood I was using to repair my privacy fence. Now it's huge and the city is threatening to fine me for having my fence 2x taller than ordinance allows.
So make your neighbors pay for it. Problem solved! You're welcome.
 
Upvote
12 (15 / -3)

danstl

Ars Tribunus Militum
2,101
MFA.. why is it so hard for organizations to set up MFA. From my understanding it appears that these "hacks" (social engineering... ) may have started from a compromised personal Yahoo account. From there the attack spreads quite simply because people inherently trust the information / links coming from a "known" account (as long as it's not asking for money..). From here some non-sophisticated phishing attacks could have easily compromised more accounts all without a single bit of "hacking". I mean we are talking about doing a web scrape of an existing login portal and logging the data submitted (kiddie stuff).

From here once you have some access to these systems it was game over...

What I don't understand is why EVERY one of these systems wasn't implemented with MFA. I mean people use it for Facebook! But not for their DNC accounts?!
 
Upvote
5 (5 / 0)

skyywise

Ars Tribunus Militum
1,549
A consideration as to "Why wasn't this set up better in the first place?" The DNC follows the ebb and flow of Presidential campaigns. Yes, there are mid-term elections they work on, but by and large the DNC is relatively a skeleton crew for the years between Presidential campaigns. Then every 3 years they get a surge of personnel in, and then personnel from the campaign of the nominee, and they are building from the ground up, each time, for the current campaign, focused on electing their nominee and not the underlying IT.

And on many levels, they should build from the ground up each time, because the infrastructure, practices, and tactics from 4 years prior will be outdated for the current campaign. Double-edged swords being what they are, however, this also means that there is (1) a void of institutional knowledge and (2) little maintenance of best practices during the lulls of not-election years. To be fair, there aren't many employees who want to be in stand-by mode for 2.5-3 years - smart and ambitious people in all areas move on from the campaign and national committee.

The lesson for all political campaigns, moving forward, is that the party committees need to maintain vigilance at all times, and the traditional ebb and flow of substantive electoral work (with related funding and attention) cannot apply to the constant underlying IT infrastructure maintenance of a high-profile target.
 
Upvote
6 (7 / -1)

Rrr7

Ars Tribunus Militum
2,267
Subscriptor
danstl said (http://meincmagazine.com/civis/viewtopic.php?p=31652763#p31652763):
MFA.. why is it so hard for organizations to set up MFA. From my understanding it appears that these "hacks" (social engineering... ) may have started from a compromised personal Yahoo account. From there the attack spreads quite simply because people inherently trust the information / links coming from a "known" account (as long as it's not asking for money..). From here some non-sophisticated phishing attacks could have easily compromised more accounts all without a single bit of "hacking". I mean we are talking about doing a web scrape of an existing login portal and logging the data submitted (kiddie stuff).

From here once you have some access to these systems it was game over...

What I don't understand is why EVERY one of these systems wasn't implemented with MFA. I mean people use it for Facebook! But not for their DNC accounts?!

Yahoo email.. /facepalm
It's beyond me why people still use that spam-machine garbage..
I've had multiple instances of having to scrape friends & family's PCs of malware they got from Yahoo mail, until I developed a 'quick troubleshooting' method: "do you use Yahoo services? If you do, don't come to me until you got rid of them for good"
 
Upvote
-1 (4 / -5)
Yahoo email.. /facepalm
It's beyond me why people still use that spam-machine garbage..
I've had multiple instances of having to scrape friends & family's PCs of malware they got from Yahoo mail, until I developed a 'quick troubleshooting' method: "do you use Yahoo services? If you do, don't come to me until you got rid of them for good"

I didn't realize targeted phishing attacks were related to the e-mail provider... The DNC was targeted by state-sponsored hackers. Their people could've used any e-mail provider and would've received the same attacks.

More generally, spam is usually generated by providing your e-mail address to people who collect and share it with other organizations and by having your e-mail searchable from web crawlers. I get spammed to death because my e-mail address is on all kinds of communications that are now easily found on Google. I suspect e-mails also get poached from infected people's machines.

I suspect the bias in your anecdote is that people who use Yahoo tend to be more likely to provide their e-mail addresses to sketchy websites.
 
Upvote
5 (5 / 0)

wangstramedeous

Ars Scholae Palatinae
706
theJonTech said (http://meincmagazine.com/civis/viewtopic.php?p=31651285#p31651285):
We've always been at war with Russia......

...possibly Russian-sponsored intrusion into the network of the Democratic National Committee

...potential state-sponsored attack

purportedly associated with Russian intelligence agencies

https://www.washingtonpost.com/world/na ... story.html :

“We have not drawn any evidentiary connection to any Russian intelligence service and WikiLeaks — none,” said one U.S. official. Doing so will be a challenge, in part because the material may not have been passed electronically.

If they are truly behind the email dump, he said, “they’re taking their game to another level.”

Nah scratch that, let's get on with the 2 minutes of hate.
 
Upvote
-5 (3 / -8)

photochemsyn

Ars Scholae Palatinae
1,407
the alleged "Fancy Bear" and "Cozy Bear" threat groups, purportedly associated with Russian intelligence agencies

This is really the problem with the story; alleged and purportedly sound like nothing so much as a PR move by the DNC aimed at deflecting attention away from the content of the emails.

Furthermore, the whole conspiracy theory notion, i.e. that Putin is backing Trump so that he will defund NATO and open eastern Europe up to a tank invasion that will restore the old Soviet Union (yes, this line has been widely promoted in various media outlets), is just a lot of nonsense.

Just as with the Panama Papers hack (which embarrassed Putin, and which Russian media tried to blame on the NSA) we really don't know who was behind it.
 
Upvote
-5 (4 / -9)
ten91 said (http://meincmagazine.com/civis/viewtopic.php?p=31651707#p31651707):
Kilroy420 said (http://meincmagazine.com/civis/viewtopic.php?p=31651613#p31651613):
AnarchyCorp.ORG said (http://meincmagazine.com/civis/viewtopic.php?p=31651555#p31651555):
Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault. The FBI is known to obtain information about odd activity from a number of different sources, including other (unnamed) federal agencies. This information may come with restrictions prohibiting the sharing of details. For example, the FBI may hear about specifics relating to an attack on a major research university in the U.S., but may only be permitted to tell that university that "an attack involving PHP happened between February and April."

As far as I'm concerned, the operational assumption these days is that, for systems connected to the Internet, you will be targeted. If you happen to have meaning in a political, financial, industrial, or infrastructure sense, you will be targeted sooner than later, and probably by at least one sophisticated attacker. While I'm not blaming the victims, the DNC should have realized that the early warnings they received were likely indicative of a serious underlying threat, then acted accordingly and immediately. If you're that big a target and the FBI tells you to "be on the lookout for strange activity on [your] network," you better damn well act.

Sounds reasonable and logical to me.

Even if the DNC heeded the warning from the FBI, I wonder if they could have fielded the expertise to truly defend themselves from the cyber-attackers. Network security is clearly a subject in which more attention, education, and training should be focused for the business, government, and higher-education levels.

EDIT:
No, installing McAfee, Kaspersky, or some other off the shelf security solution is going to keep out the script-kiddies and noobs. For professional security breakers, you need professional assistance and threat denial.
If you want everything protected, do it properly. Have no external access to your system and store all your files on punch cards. Then store those punch cards in a box and put the box(s) in the closet with your Christmas supplies. Even then I'd say it's only 99% secure.

"Hey, just wanted to let you know, one of our newer staffers had this AWESOME idea for a 'Christmas in May' for the office, so she's going to be in and out of the Christmas supplies looking for what might work for that!"

Most organizations, especially the types of more relatively ad-hoc organizations that represent a political campaign, simply aren't trained or equipped to deal with state level espionage actions. It's hard enough to convince dedicated players (e.g. any long term, stable corporation/institution with > 100 employees) that the spending on information security should be equal to the value of their data and the various costs of a breach if one were to occur, and not instead related just to what they spend on basic IT infrastructure.

On a campaign budget, it's nearly all being spent on messaging, and a lot of the other IT is going to be shoestring and fairly literally strung together, from what I've seen, at least at the state levels. I expect the national levels are better, but not by orders of magnitude.

[url=http://meincmagazine.com/civis/viewtopic.php?p=31653709#p31653709:2vptxur4 said:
photochemsyn[/url]":2vptxur4]
the alleged "Fancy Bear" and "Cozy Bear" threat groups, purportedly associated with Russian intelligence agencies

This is really the problem with the story; alleged and purportedly sound like nothing so much as a PR move by the DNC aimed at deflecting attention away from the content of the emails.

Furthermore, the whole conspiracy theory notion, i.e. that Putin is backing Trump so that he will defund NATO and open eastern Europe up to a tank invasion that will restore the old Soviet Union (yes, this line has been widely promoted in various media outlets), is just a lot of nonsense.

Just as with the Panama Papers hack (which embarrassed Putin, and which Russian media tried to blame on the NSA) we really don't know who was behind it.

Umm, what content? Nothing in the emails was actually surprising. There was some improper shit said by some people, evidencing degrees of bias among some staff, but none of it served as evidence that anything improper much less illegal was actually done. And, again, none of it was surprising. Sad, but not surprising. Honestly, the actual surprise was that it wasn't worse. Personally I expected to see worse.

So I could counter with:
This is really the problem: all of the Republican jumping around and quibbling about 'allegedly' and 'purportedly' and how it might not be a Russian sound like an attempt to distract from the overall lack of salacious content in the emails.
Hmm, see how that looks?

Meanwhile, jumping all over "see you just admitted it might not be the Russians!" just sounds like an attempt to deflect from why we should or shouldn't be concerned if it were definitely a Russian state sponsored attack.

Seriously.

This is the type of thing where you shrug and say "yeah, seems like it was probably the Russians from what the evidence says. We're against that type of thing too."

But, you know, someone had to stick his big foot in it, so now you're all making it worse with this attempted distancing that only draws attention back to that.

Seriously: just admit it's concerning and that any attempt by foreign powers to interfere with our electoral process will not be tolerated.

That's all you need to say, regardless of political affiliation, to come out looking good in this. Stop using the playbook that a certain party's nominee seems to be pulling from.
 
Upvote
8 (11 / -3)

ColtWanger

Seniorius Lurkius
1
[url=http://meincmagazine.com/civis/viewtopic.php?p=31651783#p31651783:1gion7a4 said:
rabish12[/url]":1gion7a4]
[url=http://meincmagazine.com/civis/viewtopic.php?p=31651749#p31651749:1gion7a4 said:
adamsc[/url]":1gion7a4]
[url=http://meincmagazine.com/civis/viewtopic.php?p=31651613#p31651613:1gion7a4 said:
Kilroy420[/url]":1gion7a4]
[url=http://meincmagazine.com/civis/viewtopic.php?p=31651555#p31651555:1gion7a4 said:
AnarchyCorp.ORG[/url]":1gion7a4]Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault. The FBI is known to obtain information about odd activity from a number of different sources, including other (unnamed) federal agencies. This information may come with restrictions prohibiting the sharing of details. For example, the FBI may hear about specifics relating to an attack on a major research university in the U.S., but may only be permitted to tell that university that "an attack involving PHP happened between February and April."

As far as I'm concerned, the operational assumption these days is that, for systems connected to the Internet, you will be targeted. If you happen to have meaning in a political, financial, industrial, or infrastructure sense, you will be targeted sooner than later, and probably by at least one sophisticated attacker. While I'm not blaming the victims, the DNC should have realized that the early warnings they received were likely indicative of a serious underlying threat, then acted accordingly and immediately. If you're that big a target and the FBI tells you to "be on the lookout for strange activity on [your] network," you better damn well act.

Sounds reasonable and logical to me.

Even if the DNC heeded the warning from the FBI, I wonder if they could have fielded the expertise to truly defend themselves from the cyber-attackers. Network security is clearly a subject in which more attention, education, and training should be focused for the business, government, and higher-education levels.

EDIT:
No, installing McAfee, Kaspersky, or some other off the shelf security solution is going to keep out the script-kiddies and noobs. For professional security breakers, you need professional assistance and threat denial.

That's a big problem: many non-tech organizations are used to thinking of most of their IT spending similar to how they think of office supplies or basic physical infrastructure. They might have some app developers working on something which supports their core business but nothing like enough skill or staffing to handle more than a drive-by PHP exploit. At the simplest levels, how many are even on top of software updates and 24x7 monitoring?
I'd argue that they don't even give their IT spending (or at least, their digital security spending) the same level of attention that they do for their office supplies. At least when they go to buy pens, they'll generally make some effort to make sure that the pens work.

This is what we in the office supply industry call "pen testing"
 
Upvote
14 (14 / 0)

IrishMonkee

Ars Scholae Palatinae
1,384
[url=http://meincmagazine.com/civis/viewtopic.php?p=31651555#p31651555:3480i5sx said:
AnarchyCorp.ORG[/url]":3480i5sx]Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault....
Ya gotta be fucking joking. The FBI is known to watch an attack play out so that they can gather more intel before they do anything. Not even their own FBI colleagues are immune to this kind of treatment. If ya need an example, look no further than when Anonymous got access to a live FBI conference call and others within the FBI knew security had been breached and the call was being actively eavesdropped on because of their snitch, but didn't lift a finger to stop it. FBI is Fucking Bull shIt!
 
Upvote
-2 (0 / -2)

sgn_tkr

Wise, Aged Ars Veteran
180
[url=http://meincmagazine.com/civis/viewtopic.php?p=31653709#p31653709:r3q8g3lw said:
photochemsyn[/url]":r3q8g3lw]
the alleged "Fancy Bear" and "Cozy Bear" threat groups, purportedly associated with Russian intelligence agencies

This is really the problem with the story; alleged and purportedly sound like nothing so much as a PR move by the DNC aimed at deflecting attention away from the content of the emails.

Furthermore, the whole conspiracy theory notion, i.e. that Putin is backing Trump so that he will defund NATO and open eastern Europe up to a tank invasion that will restore the old Soviet Union (yes, this line has been widely promoted in various media outlets), is just a lot of nonsense.

Just as with the Panama Papers hack (which embarrassed Putin, and which Russian media tried to blame on the NSA) we really don't know who was behind it.
First comment : " We've always been at war with Russia...... "
There are apparently hillbillies out there who do want war.
While there are candidates pleading for a calming of the relations with Russia and China, they'll call them warmongers and elect Clintons and Bushes until they get enough of it.
 
Upvote
-5 (1 / -6)

seanmgallagher

Ars Tribunus Militum
1,911
Subscriptor
[url=http://meincmagazine.com/civis/viewtopic.php?p=31651493#p31651493:svwb23gn said:
Iphtashu Fitz[/url]":svwb23gn]
[url=http://meincmagazine.com/civis/viewtopic.php?p=31651427#p31651427:svwb23gn said:
MouseTheLuckyDog[/url]":svwb23gn]Sigh. Another lame story trying to tie the Russians to Trump ignoring all the ties the Clintons have to China, Russia or anyone else that will pay them..

Um. Your comment is the first time I see Trump mentioned anywhere. How is this article trying to tie him to the Russians if he isn't even mentioned in the article?
I also say alleged, purported, etc. It could have been Martians that hacked the DNC, for all I know.
 
Upvote
2 (3 / -1)

seanmgallagher

Ars Tribunus Militum
1,911
Subscriptor
Long-time security type here who occasionally interacts with various law enforcement in a professional capacity (by which I do not mean they're arresting me!)....

The FBI may not have provided specific details about the activity, but this is not necessarily the FBI's fault. The FBI is known to obtain information about odd activity from a number of different sources, including other (unnamed) federal agencies. This information may come with restrictions prohibiting the sharing of details. For example, the FBI may hear about specifics relating to an attack on a major research university in the U.S., but may only be permitted to tell that university that "an attack involving PHP happened between February and April."

As far as I'm concerned, the operational assumption these days is that, for systems connected to the Internet, you will be targeted. If you happen to have meaning in a political, financial, industrial, or infrastructure sense, you will be targeted sooner than later, and probably by at least one sophisticated attacker. While I'm not blaming the victims, the DNC should have realized that the early warnings they received were likely indicative of a serious underlying threat, then acted accordingly and immediately. If you're that big a target and the FBI tells you to "be on the lookout for strange activity on [your] network," you better damn well act.

Precisely. The FBI is not obliged to tell anyone more than, "hey, you should keep an eye out" if they lack direct evidence of an incursion. A more op-ed headline for this story would have been, "DNC staffers complain that FBI told them months in advance of hack but didn't tell them enough to make them really worry."
 
Upvote
4 (4 / 0)
[url=http://meincmagazine.com/civis/viewtopic.php?p=31652227#p31652227:14qd8fqm said:
perrosdelaguerra[/url]":14qd8fqm]
[url=http://meincmagazine.com/civis/viewtopic.php?p=31652179#p31652179:14qd8fqm said:
mltdwn[/url]":14qd8fqm]What I don't understand is why the DNC didn't do regular Pen and security tests and examinations of their systems. I mean where I work we do them every quarter, and they range from trying to hack the system, to trying to get into secure areas without proper ID, to trying to social engineer people to give you their info, simulate phishing, etc.

This isn't rocket science anymore and is fairly standard in the IT industry.
Politicians, and the organizations that support them, don't seem to be very IT-savvy. Until this DNC hack happened, I would wager that if there was a debate over spending $10,000 on IT security or running more ads in a battleground state, they'd choose the latter because it's what they know best. Now, maybe IT security might get a second thought.

Why do they have to worry? Either candidate could be revealed in full 3D video to be personally running HYDRA, and the Party leg humpers wouldn't care.

(Both sides reading this are thinking, uh huh, that's that *other* side, all right)
 
Upvote
6 (6 / 0)