Clinton Campaign Confirm Mystery Hackers Accessed Data

Uploaded on 2016-08-04 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

Hillary Clinton’s presidential campaign confirmed that one of its data programs has been accessed by hackers, the latest development in what cybersecurity experts call a broad operation by Russian operatives to infiltrate US political organizations.

“An analytics data program maintained by the DNC, and used by our campaign and a number of other entities, was accessed as part of” a previously disclosed attack on the Democratic National Committee, campaign spokesman Nick Merrill said recently in an e-mailed statement.

“Our campaign computer system has been under review by outside cyber security experts. To date, they have found no evidence that our internal systems have been compromised.”

The FBI has begun a review of whether the Clinton campaign was hacked, according to a person familiar with the probe who asked not to be identified discussing an internal inquiry.

The campaign’s announcement came hours after the Democratic Congressional Campaign Committee, which raises funds to elect House Democrats, said that it, too, was “the target of a cybersecurity incident." Meredith Kelly, press secretary for the organization, said the DCCC was “cooperating with the federal law enforcement agencies with respect to their ongoing investigation."

Stolen E-Mails

The founder of the WikiLeaks recently confirmed that his group has more material on Hillary Clinton, and that he's looking to "publish it in batches" over the coming weeks.

When asked how damaging the information would be to Clinton, Julian Assange said, "it remains to be seen."

"It is significant material, it takes a lot of work to verify the accuracy," Assange explained. He said WikiLeaks is now in the process of trying to understand the material, and how to release it for "maximum exposure."

Assange also refused to say whether Russia was behind the original hack of the Democratic National Committee emails, and said as a journalist, he doesn't "reveal our sources." Last month's publishing of DNC emails created havoc in the Democratic Party last week, as the documents showed the DNC was eager to see Clinton defeat Bernie Sanders.

Attacks on Democratic organizations, including the DNC, have roiled the 2016 political campaigns. The disclosure by WikiLeaks of purloined party e-mails forced the head of the DNC to resign as Democrats gathered for their presidential convention. The breach has stirred allegations that Russia is seeking to meddle in the US election, an assertion Russian officials have repeatedly denied.

“Any of the allegations that circulate here in the US about Russia’s involvement are groundless," Yury Melnik, a spokesman for Russia’s embassy in Washington, said recently in a phone interview. "There’s no attempts whatsoever to meddle with the political process or the results of the election. The Russian government is ready and willing to work with the current administration and any future administration."

FBI Response

In a recent statement, the Federal Bureau of Investigation said it’s “aware of media reporting on cyber intrusions involving multiple political entities and is working to determine the accuracy, nature and scope of these matters.”

“The cyber threat environment continues to evolve as cyber actors target all sectors and their data,” the agency said. “The FBI takes seriously any allegations of intrusions, and we will continue to hold accountable those who pose a threat in cyberspace.”

The hackers who got into the analytics program used by the Clinton campaign had access to its server for about five days, according to a campaign aide who asked not to be identified. The program, one of many used to conduct voter analysis, doesn’t include Social Security or credit card numbers, the aide said.

“Analytics data program” is a broad term that could mean many things and a key question is whether the data was breached or the program itself compromised, Herbert Lin, a cyber research fellow at Stanford University, said by phone.

"If it’s data, it’s data on people who would have been likely targets for a campaign," Lin said. That might include details from their home addresses to their spending habits, he said.

Internet Traffic

The attack on the Democrats’ House campaign committee affected visitors who went to its website from June 19 to June 27, cybersecurity company FireEye. concluded, based on an analysis of internet traffic.

Those visitors were steered to a server controlled by a hacking group known as APT 28, said John Hultquist, FireEye’s manager of cyber espionage intelligence. Other cybersecurity researchers have said APT 28 is an arm of Russia’s military intelligence service GRU, he said.

The DCCC website was altered so that visitors seeking to make a donation were redirected to a server controlled by hackers linked to the Russian government, Hultquist has said. The cybersecurity company hasn’t been able to determine if the hackers intercepted the donations or succeeded in planting malware on the computers of those visitors, Hultquist said.

The attack on the DNC resulted in the theft of e-mail and internal reports, some of which have since been published by WikiLeaks. Russia is a leading suspect in that intrusion, according to a US official with knowledge of the probe who asked to not be identified because the inquiry is continuing. Private cybersecurity companies have said they traced the DNC attack to groups in Russia.

DNC Chair Debbie Wasserman Schultz was forced to resign after a firestorm over leaked e-mails that showed committee staffers favored Clinton and attempted to undermine Senator Bernie Sanders for the Democratic presidential nomination.

Electronic Voting

In response to speculation that Russia is attempting to influence the outcome of the US presidential race, and might even seek ways to tamper with electronic voting, Eric Schultz, a White House spokesman, said, "As we’ve seen in the past, Russia has tried to influence elections in Europe. We take seriously their past record on this. We also take seriously the integrity of our voting system."

Clinton adviser Jake Sullivan said that the nominee has been briefed on hacking of the DNC and has been told that the weight of expert opinion is that Russia was involved.

“She does not view this as a political issue, she views this as a national security issue," Sullivan told reporters gathered in Philadelphia for this week’s Democratic National Convention. Russia has a history of interfering in elections in other countries, he said. "Unlike Donald Trump, who praises Putin” and adopts his positions, “Secretary Clinton will stand up to Putin,” Sullivan concluded.

Trump, the Republican presidential nominee, this week urged Russia to make public “30,000 e-mails that are missing” from the private server that Clinton maintained when she was Secretary of State. He later said he was being “sarcastic.”

Russia Says Spies Planted Malware

Russian military networks and other critical infrastructure have also been hit by tailor-made malware, according to government officials. Networks at some 20 organizations in Russia, including scientific and military institutions, defense contractors, and public authorities, were found to be infected with the malware, the Russian Federal Security Service (FSB) said recently.

The range of infected sites suggests that the targets were deliberately selected as part of a cyber-espionage operation, the FSB said.

Analysis of the attack showed that filenames, parameters and infection methods used in the malware are similar to those involved in other high-profile cyber-espionage operations around the world. The software was adapted to the characteristics of each PC targeted, and delivered in a malicious email attachment, the FSB said. Once installed, it downloaded additional modules to perform tasks such as monitoring network traffic, capturing and transmitting screenshots and keystroke logs, or recording audio and video using the PC's microphone and webcam.

The FSB is working with ministries and other government agencies to identify all the victims of the malware, and to limit its effects, it said. Russia is said to be the source, not the target, of another government-related cyber-attack. 

Computerworld:     Information-Management:    WashingtonExaminer

Image: Pixabay 

 

« Russian Government Under Multiple Cyber Attack
EU Cyber Crime Commissioner is King »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

Research Institute in Trustworthy Industrial Control Systems (RITICS)

Research Institute in Trustworthy Industrial Control Systems (RITICS)

RITICS is one of three Research Institutes formed as part of the UK National Cyber Security Strategy.

Global Digital Forensics (GDF)

Global Digital Forensics (GDF)

GDF specialise in Digital Forensics and e-Discovery. Other services include Data Breach Response and Cyber Security.

Dubex

Dubex

Dubex is Denmark's leading business-oriented IT security specialist.

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

The goal of ICSP is to become a state hub for cybersecurity research and education, including multidisciplinary programs and research opportunities, outreach activities, and industry partnership.

Securitybulls

Securitybulls

Securitybulls is an information security firm offering an encyclopedic penetration testing & IT security assessment service for your organization.

Maven Security Consulting

Maven Security Consulting

Maven Security Consulting helps companies secure their information assets and digital infrastructure by providing a wide range of customized consulting and training services.

StartupXseed Ventures

StartupXseed Ventures

StartupXseed Ventures is a smart capital provider for Deep Tech, B2B, Early Stage Startups. We support, NextGen Tech Entrepreneurs, who have potential to deliver the outsized growth.

Strike Graph

Strike Graph

The Strike Graph GRC platform enables Security Audits & Certifications.

MazeBolt Technologies

MazeBolt Technologies

Israel-based MazeBolt is an innovation leader in cybersecurity, with over two decades of experience in pioneering DDoS protection solutions.

Hong Kong Broadband Network (HKBN)

Hong Kong Broadband Network (HKBN)

HKBN are a leading integrated telecom and technology solutions provider that offers a comprehensive range of premier ICT services to both the enterprise and residential markets.

Cymune

Cymune

At Cymune we help businesses to fight against cybercrime, protect patented data and diminish security risks.

Intertec Systems

Intertec Systems

Intertec Systems is an award-winning, global IT solutions and services provider that specializes in digital transformation, cybersecurity, sustainability, and cloud services.

ThreatER

ThreatER

ThreateER (formerly ThreatBlockr / Bandura Cyber) is a cybersecurity platform that provides active network defense by automating the discovery, enforcement, and analysis of cyber threats at scale.

Liverton Security

Liverton Security

Liverton Security is a New Zealand-owned cyber security provider offering consultancy and security-related products to government and commercial customers throughout New Zealand.

INTfinity Consulting

INTfinity Consulting

The INTfinity team brings together decades of professional experience in cybersecurity. We're here to apply that same experience and proficiency in defending your networks.