Threat Intelligence, Threat Management

Clinton indicates hackers tied Russian intel

Amid speculation that Russia might be trying to influence the U.S. presidential election and shortly after a data analytics program used by the Clinton campaign was hacked, Democratic presidential nominee Hillary Clinton suggested that Russian intelligence was indeed behind a series of attacks and potentially in favor of her Republican rival, Donald Trump.

“We know that Russian intelligence service hacked into the DNC and we know that they arranged for a lot of those emails to be released and we know that Donald Trump has shown a very troubling willingness to back up [Russian President] Putin, to support Putin,” Clinton told “Fox News Sunday.”

Even as evidence mounts from investigations by information security firms, Russia has rebuffed the claims that it is involved in the hacks and subsequent release of Democratic National Committee (DNC) emails to WikiLeaks.

But Clinton told Fox that she believes “laying out the facts raises serious issues about Russian interference in our elections, in our democracy.” 

A CrowdStrike forensics investigation of a pair intrusions at the DNC pinned the hacks on the Russian APT groups Cozy Bear and Fancy Bear, known to be connected to Russian intelligence, company Co-founder and CTO Dimitri Alperovitch wrote in a June blog post .

And despite the emergence of a “hacker” self-named Guccifer 2.0 who claimed credit for the hacks and leaking emails to WikiLeaks, a digital trail traced by the ThreatConnect Research Team led to an Elite VPN service based in Russia being used to pass documents to the media and to the conclusion that Guccifer 2.0 is a persona for propagandists or public relations workers with ties to Russia. 

Likewise, a probe into a breach of Democratic Congressional Campaign Committee (DCCC) uncovered a fake website whose name closely mirrored that of a donation site affiliated with the DCCC, which is housed in the same office as the DNC, was registered and campaign donations were funneled to it.

The IP address for that site was similar to one used by one of the Russian hacking groups believed to be behind the DNC intrusions, the report cited sources as saying. 

Trump's loud praise of Putin has done little to quell speculation that the GOP nominee might indicate more favorable U.S. policies toward Russia and that somehow the hacks are intended to sway the election in his favor.

"For Trump to both encourage that and to praise Putin despite what appears to be a deliberate effort to try to affect the election I think raises national security issues,” Clinton said in the Fox interview.

The FBI clearly agrees and has launched its own investigation into the hacks.

Trump Campaign Manager Paul Manafort, who has ties to Victor Yanukovich, the Ukraine's pro-Putin former prime minister, denied to NBC News that the campaign had anything to do with removing language from the GOP platformed that called for arming Ukraine against Russian aggression,.as the Los Angeles Times had reported

And Trump, too, was quoted by NBC as saying of the removal of language that would arm Ukraine against Russin aggression, “I was not involved in that. I'd like to – I'd have to take a look at it. But I was not involved in that.”

The string of hacks pointed to large-scope issues and challenges, security pros said.

“Whether intentionally or not, these attackers are interfering in the presidential election,” Tim Erlin, Senior Director of IT Security and Risk Strategy for Tripwire, said in comments emailed to SCMagazine.com. “It can be difficult to accurately attribute cyber attacks to a specific group or country, and determining that multiple attacks came from the same attacker is doubly challenging.”

With much of the focus on the “embarrassment factor resulting from these hacks” overlooked “is a much more serious concern here - the invasion of privacy and massive exposure of the sensitive personal information of a large percentage of Americans,” Adam Levin, Chairman and Founder of IDT911 and author of "Swiped" said in comments emailed to SCMagazine.com. “The Clinton campaign possess extremely granular data on millions upon millions of citizens including their personal identifiers. Obviously they lack the necessary IT security to protect it.”

The same is likely true “with the Trump and pretty much every other campaign,” he said. “The fruits of these hacks can, and most likely will, be used for far more than just to score political points. It could be used to subvert an election. And, once it's value for political purposes is exhausted, it can also cause additional damage to Americans' lives when the information is sold on the black market to identity thieves."

After the scrutiny given Clinton's use of a private email server, her team likely had taken “additional security measures to protect conrfidential information,” Michael Patterson, CEO, Plixer noted in emailed comments to SCMagazine.com. “Clearly it wasn't enough.”

That's a wake-up call for all organizations and companies in both the private and public sectors. “We all need to remember that anything and everything that is connected to the Internet can be hacked,” Patterson said. “Some information just doesn't belong on the Internet.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.