Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Russian Government Hackers Breach Democratic National Committee Network

June 15, 2016

The Washington Post reported yesterday that Russian government hackers had penetrated the network of the Democratic National Committee and gained access to the entire database of opposition research on GOP presidential candidate Donald Trump.

The intruders so thoroughly compromised the DNC's system that they were also able to read all e-mail and chat traffic, said DNC officials and security experts brought in to investigate the breach.

A Russian Embassy spokesman said he had no knowledge of such intrusions. Reminds me of a scene from "The Hunt for Red October."

Some of the hackers had access to the DNC network for about a year, but all were expelled over the past weekend in a major computer clean-up campaign, the committee officials and experts said.

The DNC said that no financial, donor or personal information appears to have been accessed or taken, suggesting that the breach was traditional espionage, not the work of criminal hackers.

It appears that Russia is very interested in understanding Trump. As he is new on the political scene, foreign governments have undoubtedly been working overtime to catch up on their intelligence gathering to understand what sort of leader Trump might be.

"It's the job of every foreign intelligence service to collect intelligence against their adversaries," said Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI's cyber division. He noted that it is extremely difficult for a civilian organization to protect itself from a skilled and determined state such as Russia.

DNC leaders were tipped to the hack in late April. Chief executive officer Amy Dacey got a call from her operations chief saying that their information technology team had noticed some unusual network activity. Never a call you want to get, but the DNC acted quickly.

CrowdStrike is not sure how the hackers got in. The firm suspects they may have targeted DNC employees with "spearphishing" e-mails, but it said it had no hard evidence.

In the DNC's case, the hackers constantly switched tactics to maintain a stealthy presence inside the network and used built-in Windows tools so that they didn't have to resort to malicious code that might trigger alerts.

The fun part, of course, will be seeing what data might be released on the DNC's research. To put it mildly, Trump has a colorful past.

Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
www.linkedin.com/in/sharondnelson