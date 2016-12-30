FBI and Homeland Security Detail Russian Hacking Campaign In New Report (theguardian.com) 54
An anonymous reader quotes a report from The Guardian: The U.S. Department of Homeland Security (DHS) and FBI have released an analysis of the allegedly Russian government-sponsored hacking groups blamed for breaching several different parts of the Democratic party during the 2016 elections. The 13-page document, released on Thursday and meant for information technology professionals, came as Barack Obama announced sanctions against Russia for interfering in the 2016 elections. The report was criticized by security experts, who said it lacked depth and came too late. "The activity by [Russian intelligence services] is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens," wrote the authors of the government report. "This [joint analysis report] provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. government." The government report follows several from the private sector, notably a lengthy section in a Microsoft report from 2015 on a hacking team referred to as "advanced persistent threat 28" (APT 28), which the company's internal nomenclature calls Strontium and others have called Fancy Bear. Also mentioned in the government document is another group called APT 29 or Cozy Bear. The Microsoft report contains a history of the groups' operation; a report by security analysts ThreatConnect describes the team's modus operandi; and competing firm CrowdStrike detailed the attack on the Democratic National Committee shortly before subsequent breaches of the Democratic Congressional Campaign Committee and the Hillary Clinton campaign were discovered.
This Calls for Swift Retribution (Score:4, Insightful)
Re: (Score:1)
Fuck off, Ivan.
Bigoted much? (Score:5, Informative)
This report was ripped to shreds [ycombinator.com] yesterday.
It's mostly OWASP copypasta with recommended mitigations and a few interesting tidbits.
I'm also not clear on why this submission linked to a copy of the report. Best compare it with the original report [us-cert.gov] in case there are any differences..
Only fitting I should encounter xenophobia... (Score:2)
Do note the same Guardian had to retract earlier statements [twitter.com].
Oh, they had to edit the ODNI statement [twitter.com] too.
Best keep watching for more revisionist history.
Re: (Score:2)
I guess you don't want to read past the first comment in your link. I don't see anything "ripped to shreds".
Re: (Score:2)
A lot of the technical comments got hit by a downvote brigade last night.
Read down to look at the people actually talking about tools & methods.
Simple solutions suggested - easy to harden (Score:2)
If the degree of "russian hacking" can be so easily foiled, it doesn't sound much like they were using master criminals or IT experts - just script-kiddie stuff that follows people around the internet every day. One would hope that if they have solid evidence that this originated ONLY from the russian intelligence services that they
the truth hurts (Score:1)
Re: (Score:2)
So they're doing what Trump has done all along? Calling women he's assaulted ugly, whining how he's made to look bad when his own words and deeds are reported, calling someone else corrupt when he himself is a corrupt con artist?
You mean the DNC is doing the exact same thing the Republicans are doing? How shocking!
Before the election: (Score:1)
"What... Trump says the election is rigged? Calm down folks, it's not like anyone could HACK us or anything, sheesh"
-after election-
"the russians!"
LOL I just read the report LOL LOL!!! (Score:1)
* too busy LMAO *
summary : pure bullshit
they do mention a yara signature linked to some group but thats about it,
The problem with lying all the time (Score:3)
is that, when you really need folks to believe you, it just doesn't happen.
Maybe if the US Government understood this fact, we might actually care what they have to say.
Its a talking point (Score:4, Insightful)
Please look at what they provided. There is literally no evidence given in the document, not even an attempt. They make up some names, put them in a diagram and say that is proof. They didn't even try.
This document is one of those DNC talking points that isn't valid. Now the DNC supporters will be screaming that the FBI released proof of the attack, but not one of them will even look at it to see that the document doesn't contain anything even attempting to prove it. Its just a placeholder to give DNC supporters talking points to use. Watch over the next week how many of them cite this document is unquestionable proof and will refuse to hear anyone question it.
"The FBI and DHS have shown proof that the Russians did it."
"Are you questioning the integrity of the FBI by saying the document is lying?"
Mark my words, you will hear the above non-stop now.
Re: (Score:2)
Thing is, we already know what nation state level hacking is. Has everyone just forgotten that we have the TAO program revelations from the NSA?
They're not emailing crappy ass phishing links to idiots or writing powershell scripts, they're using powerful signals intelligence tools like TEMPEST and custom, subverted hardware.
The fact that we fell for this just makes me wonder how much money the DNC has sent to 419 scammers.
Re: (Score:3)
Please look at what they provided. There is literally no evidence given in the document, not even an attempt. They make up some names, put them in a diagram and say that is proof. They didn't even try.
Yep. It's 13 pages of absolute garbage containing no proof of anything. If people need an example of propaganda and fake news though? That's the bullshit being pumped right there.
And since we're running dry on the news cycles right now, you're likely going to be spot on. The flappy heads in the media will push--and push hard that this is proof. You're also likely going to hear the various progressive groups trying to use it as an attempt that "Trump is illegitimate" or some other steaming pile of BS.
Re:Why should anyone trust the report? (Score:4, Informative)
Re: (Score:2)
Very true. It's absolutely shocking how half the country is ignoring a real threat to the US just because it is easier to blame the other half for not knowing how to loose. If someone (be it the Russian or not) can attack the DNC in this way, they - or anyone else with similar expertise - can also attack the GOP. and plenty of other organizations and can do much damage irrespective of which party is in power..
This, my friends is a sign of a country that will (continue to) spiral down in decline. It is no
Re: (Score:2)
I am really appalled at how many people don't take the Russian interference seriously and blame it on some kind of Democrat/Obama conspiracy. This has been happening in eastern European countries for decades and Russia has now been targeting also western Europe since the annexation of Crimea and the war in Ukraine. Russia is funding right-wing populist parties and helping them out with propaganda all across the western hemisphere in an attempt to discredit our democracies and our free press.
Don't believe it
Re: (Score:1)
Re: (Score:1)
Trump's doing a decent job of making himself look like a thundering idiot. Also, I'm not sure when it happened, but at least when I was a kid, the idea that "the Rooskies" might have interfered with a U.S. election would not be so casually dismissed by the party of Reagan.
Except that they're really not the party of Reagan any more, are they? I mean, I know why McConnell isn't rocking the boat. He got paid with his wife being offered a Cabinet position. And Ryan is too busy thinking of ways to shit on poor p
Wha? (Score:2)
The US intelligence hacking center is documented enough. I understand what it is and I'm not part of that community.
Let me state the publicly unknown... the equivalent of deep blue can diagnose the location of hackers. Yes is is 1% error prone.
Actually it's more proficient that deep blue and it can program it's own viruses in real time. But... just like people it can be wrong.
What people/companies need is meta alerts.. with details!!! for reanalysis.
Difficult when the conclusion is a hunch from a recursi
So where is this report? (Score:1)
Crap article. Doesn't seem to have any links to the actual report itself. Can anyone throw me a bone here?
Re: (Score:2, Informative)
Never mind, I'm a fucking idiot and was looking at the wrong article link.
palpable irony. (Score:3, Insightful)
If sanctions didnt work for Ukrane, they wont work here. Although they do an amazing job of allowing you to avoid the fact of the matter which is that Hillary Clinton was a turd of a candidate who rigged the parties primary, and enjoyed limited popularity outside major metropolitan areas. She never set foot in places like Wisconsin, took a gamble that LA was somehow bigger than all the midwest, and lost.
Re: (Score:2)
Sanctions have never worked, at any time they have been implemented. Sanctions as a politician's tool to say they did something without actually making a tough decision. Especially with 20 (make that 19 now) days left in his presidency, this move means nothing. It's all getting rolled back anyway. Too little, too late.
All this report does is confirm that the Russians didn't hack the election. They might have released a few E-Mails, but Hillary did her own part to make E-Mail a meaningful factor in the el
Re: (Score:1)
Not doing anything is often a tough decision. I wouldn't say sanctions accomplish nothing, however, even if you're right I would say sanctions are often used to get the public to accept that we've made the tough decision not to respond with physical aggression. It's often the right decision, and rarely popular.
They illegally acquired access to Podesta's emails and other DNC IP. Then they broadcast it to the world. Information is the most powerful commodity and control of it is critical. The point is no
Re:palpable irony. (Score:4, Insightful)
I've been hearing this argument a lot from Republicans lately. It's interesting that suddenly so many patriotic people on the Right are on a "blame America" tour. [Note: I'm not talking about you here, nimbius, I'm talking about the argument.]
This massive reversal of roles has me thinking that their outrage is less than genuine.
And yet, people on the Right are absolutely certain that sanctions work when it comes to Cuba, Iran, etc, and that Obama is unpatriotic for removing them. The hypocrisy all around is stunning.
Hey Obama and friends... (Score:1)
Did you borrow your foreign policy from the 80's?
DNC hacks - perks for the rich, perks for the poor, make the working class pay for it all.
This is why you lost the election.
Not that the incoming US President will... (Score:4, Insightful)
I bet the rest of the World can pause and find this amusing, since we Americans probably sought to influence more elections the last century than any nation... looking at you Central & South America.
I'm as bewildered as the next fellow as to how we ended up our newest Commander-in-Chief, but I also believe it's time he and the former administration started working together like big boys.
Re: (Score:2)
Well, it's easier to tip a working system between relatively equally matched candidates than it is an already rigged one.
talking about Russia but not Soros... (Score:3, Insightful)
An article talking about Russia trying to influence American politics, but not mentioning George Soros or foreign donations to the Clinton Foundation...
That is propaganda.
Summary of the "report" (Score:1)
Pages 1-3: overview of recent activities of some hacking groups
Page 4: list of these groups
Pages 5-12: suggested security measures (copied from "Cybersecurity for dummies"?)
Page 13: contacts
Again, no evidence of Russian involvement. Or anything that can be called a detailed analysis.
clintonemail.com - never "hacked" (Score:1)
Clinton Lost. (Score:2)
Full Stop. This was not "Trump Winning" or "Russia Hacking" it was the DNC being so completely out of touch with parts of the country they knew they would win than they still don't accept that they lost there. Michael Moore nailed it in 5 Reasons Trump Will Win [michaelmoore.com].
The whole election loss can come down to a few swing states. A few extra thousand voters one way or another in a state that is solid Red or Blue isn't what got Trump elected. (Just like Clinton getting massive numbers in California didn't win her the
A flimsy excuse for martial law (Score:2)
On Jan 19th, Obama says... Because we wuz hacked, the election results cannot be allowed to stand. And since Russia has shown that it can hack our elections, we can't trust any future American elections. Therefore I am suspending the electoral process, and proclaiming myself president-for-life