We all knew that the Democratic Party where under siege during the Election 2016. That can be known by the DC Leaks, WikiLeaks and Guccifer2.0. Then you have FancyBears who dropped knowledge on athletes who we’re allowed to use questionable substances while still being allowed to be competing in world cups and at the Olympics.
President Obama Executive Order of 29.12.2016:
““Section 1. (a) All property and interests in property that are in the United States, that hereafter come within the United States, or that are or hereafter come within the possession or control of any United States person of the following persons are blocked and may not be transferred, paid, exported, withdrawn, or otherwise dealt in: (i) the persons listed in the Annex to this order; (ii) any person determined by the Secretary of the Treasury, in consultation with the Attorney General and the Secretary of State, to be responsible for or complicit in, or to have engaged in, directly or indirectly, cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States that are reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States and that have the purpose or effect of: (A) harming, or otherwise significantly compromising the provision of services by, a computer or network of computers that support one or more entities in a critical infrastructure sector” (Obama, 2016).
We couldn’t know who all dropped knowledge and documents about Hillary Clinton and the Democratic National Party. Even if there we’re indications we couldn’t’ directly know who was behind the documents. That were on the pages that I have mentioned. Me myself has downloaded the hacked document and read through a bunch of e-mails released on WikiLeaks. It had to come from somewhere and somebody else had to hack or to do some whistleblowing this information. So that the public and me could collect and analyse the intelligence that the DNC themselves wanted to keep inside their own chambers.
We could now see how a major American party did their practices of fundraising and party works in general towards an election. Like we have never seen how a campaign manager has worked and travelled, how they have gotten fundraising for a bigger political foundation as the Clinton Foundation as now. That is because of the release of e-mails and documents on a scale we haven’t seen. Before those documents has landed in one pile at one journalist or one paper and they have released piece by piece or a cover story. The WikiLeaks drop of the DNC E-Mails of Podesta was not only interesting, but revealing how the internal works of the Democratic Party works.
Therefore the release of FBI, NCCIC and Department of Homeland Security documents shows how they did this and what technic they used to get into the DNC party or WADA to take out the documents that we’re released during the 2016. This shows the power in going into other people’s and organizations computers and computer systems to gain intelligence… That cannot be spared in the conversation as the knowledge of the DNC and other organization that has intelligence that the public could have interest of knowing.
Let’s take a brief look at what the State Security Organizations said now in December and before that in October on the matter!
“State Actors:
Most capable, active, and dangerous cyber adversaries
Advanced tradecraft and technical expertise
Indigenously developed exploitation tools
Well resourced
Social engineering (spear phishing), extensive research and target profiling, DDoSattacks” (U.S. Department of Homeland Security, P: 3, 2016).
“This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE” (…) “This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens. These cyber operations have included spearphishing campaigns targeting government organizations, critical infrastructure entities, think tanks, universities, political organizations, and corporations leading to the theft of information. In foreign countries, RIS actors conducted damaging and/or disruptive cyber-attacks, including attacks on critical infrastructure networks. In some cases, RIS actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack. This JAR provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. Government” (TLP White, P: 1, 2016).
Spearfishing a Political Party:
“Once APT28 and APT29 have access to victims, both groups exfiltrate and analyze information to gain intelligence value. These groups use this information to craft highly targeted spearphishing campaigns. These actors set up operational infrastructure to obfuscate their source infrastructure, host domains and malware for targeting organizations, establish command and control nodes, and harvest credentials and other valuable information from their targets. In summer 2015, an APT29 spearphishing campaign directed emails containing a malicious link to over 1,000 recipients, including multiple U.S. Government victims. APT29 used legitimate domains, to include domains associated with U.S. organizations and educational institutions, to host malware and send spearphishing emails. In the course of that campaign, APT29 successfully compromised a U.S. political party. At least one targeted individual activated links to malware hosted on operational infrastructure of opened attachments containing malware. APT29 delivered malware to the political party’s systems, established persistence, escalated privileges, enumerated active directory accounts, and exfiltrated email from several accounts through encrypted connections back through operational infrastructure” (TLP White, P: 2-3, 2016).
“Phishing and Spearphishing
- Implement a Sender Policy Framework (SPF) record for your organization’s Domain Name System (DNS) zone file to minimize risks relating to the receipt of spoofed messages.
- Educate users to be suspicious of unsolicited phone calls, social media interactions, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
- Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.
- Do not reveal personal or financial information in social media or email, and do not respond to solicitations for this information. This includes following links sent in email.
- Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL often includes a variation in spelling or a different domain than the valid website (e.g., .com vs. .net).
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org).
- Take advantage of anti-phishing features offered by your email client and web browser.
- Patch all systems for critical vulnerabilities, prioritizing timely patching of software that processes Internet data, such as web browsers, browser plugins, and document readers” (TLP White, P: 13, 2016).
With this all in mind, we can see that the Russians allegedly interfered with one specific technic to gain intelligence from their American counterparts in this perspective the U.S. Democratic National Party. The DNC and their Presidential Candidate Hillary Clinton; so their effort to install and get a more Russian friendly candidate could be effective with release of certain details of her conducts and her history… that no other candidate has ever gotten more scrutiny as Clinton ever done.
We can surely remember the massive overload of e-mails, documents and also internal memo’s that could boggle political interested minds while Trump where harsh critic and also a right-wing migration biased uprising who couldn’t care less about his own moral defects, while addressing Clinton like the worst politician ever. That can be shown in history. These hacks and release of documents we’re surely important when considering how voters could be swayed away from voting the Democratic Party and their Candidate.
They did in the report site very many different hackers who even I know them and know about their works, without knowing their sources or methods of work. I only know of their pages where they drop the documentation and E-Mails, which showed internal facts I could only wish to see in the past. That I couldn’t have made articles and quick-journalism like pieces without! These hackers and these drops of intelligence we’re vital for me to know more about the DNC and Hillary Clinton. Trump told all his lies and deception in public. Clinton kept it cool, while the droppings of documents, memos and e-mails put it all online. She couldn’t hide the facts or the ways of her party since it was all out there!
I have never seen something similar and if it was done by the method told in the report, than the men or woman behind the hack is sophisticated and also smart. They knew how to get the users to lure their Intel and get it into their own servers. This by any means is a quick theft of sensitive information, which weakens the DNC and Clinton in the public eye. The Public Eye and public perception is vital to ever win an election. Peace.
Reference:
U.S. Department of Homeland Security – ‘Cyber Threats to the Homeland’ (October 2016)
NCCIC & FBI ‘TLP White’ – ‘GRIZZLY STEPPE – Russian Malicious Cyber Activity’ (29.12.2016)
Obama, Barrack – Executive Order – ‘TAKING ADDITIONAL STEPS TO ADDRESS THE NATIONAL EMERGENCY WITH RESPECT TO SIGNIFICANT MALICIOUS CYBER-ENABLED ACTIVITIES’ (29.12.2016)
MinBane 