Why are we learning this now? It is a dereliction of duty to advise the American electorate, campaign operators and all later political candidates, regardless of the kind of race. Further, should we be blaming Obama on this and did he invite the FBI to investigate? If so, the matters of phishing operations and Russia should have been a clarion call.
Further, why would Obama and Hillary even consider ‘resetting’ relations with Russia? Oh yeah……’cut it out Vladimir’..remember that?
Okay read on….the anger mounts.
Jeff Stein: Russian hackers targeted the 2008 Barack Obama campaign and U.S. government officials as far back as 2007 and have continued to attack them since they left their government jobs, according to a new report scheduled for release Friday.
The targets included several of the 2008 Obama campaign field managers, as well as the president’s closest White House aides and senior officials in the Defense, State and Energy Departments, the report says.
It names several officials by title, but not by name, including “several officials involved in Russian policy, including a U.S. ambassador to Russia,” according to a draft version of the report, authored by Area 1 Security, a Redwood City, California, company founded by former National Security Agency veterans.
“They’re still getting fresh attacks,” the company says.
The attacks on their email accounts have continued as the officials migrated to think tanks, universities and private industry, the company says. The favored weapon of the Russians and other hackers is the so-called “phishing” email, in which the recipient is invited to click on a innocent-looking link, which opens a door to the attackers.
China can’t be excluded as a perpetrator in those attacks, Area 1 Security’s report says, but its new data “show that Russia tried to hack several members of the Obama campaign and could have done so at the same time as someone that achieved massive data exfiltration.”
Blake Darché, a former NSA technical analyst who co-founded Area 1 Security, tells Newsweek that “state-sponsored Russian hackers have been targeting United States officials and politicians since at least 2007 through phishing attacks.” Russian hackers reportedly breached the Joint Chiefs of Staff email system in 2015.
The company says one of the Russian targets was a “deputy campaign manager” in the 2008 Obama campaign, but was otherwise unidentified in its report. There were a number of them over a period of time. One was Steve Hildebrand. Reached in Sioux Falls, South Dakota, where he now runs a specialty bakery and coffee shop, Hildebrand says he was “not aware” that he might have been a Russian target and didn’t remember being warned about cyberattacks of any kind during the campaign. Another senior 2008 campaign aide (and later White House National Security Council spokesman), Tommy Vietor, tells Newsweek he had “no knowledge” of Russian hacking at the time.
Besides top officials in the Energy, Defense and State departments, the Area 1 Security report cites a half-dozen positions in the Obama White House that were targeted from 2008 through 2016, including the president’s deputy assistant, special assistant, the special assistant to the political director, advance team leaders for first lady Michelle Obama, and the White House deputy counsel. None of them could immediately be reached for comment.
Among the State Department targets named by Area 1 Security were three top offices dealing with Russia and Europe. Evelyn Farkas, who served as the Obama administration’s deputy assistant secretary of defense for Russia/Ukraine/Eurasia from 2012 to 2015, says she could not discuss matters that remain classified, but says “the biggest impact” she remembered offhand was the Russian hack of the Joint Chiefs.
Among the three top, unnamed targets at the Energy Department was the director of the Office of Nuclear Threat Science, which is responsible for overseeing the U.S. Nuclear Counterterrorism Program.
The Area 1 Security report names the “Dukes,” also known as “Cozy Bear” and APT-29, for the Obama attacks, the same Russian actors named in the 2015 and 2016 hacking of the Democratic National Committee (DNC) and the State Department.
In an interview, Darché calls the Dukes a front for Russia’s “premier intelligence-gathering arm,” which would be the SVR, or External Intelligence Service, the Kremlin equivalent to the CIA, although he declined to specifically name it. As opposed to the DNC hacks launched to steal and publicize information damaging to the campaign of Hillary Clinton, he says, the Russian offensives that Area 1 Security uncovered were clandestine “intelligence gathering operations” designed to secretly penetrate a wide variety of institutions and industry.
Oren Falkowitz, a former analyst at the National Security Agency who co-founded Area 1 Security, says he launched the company to stop phishing attacks, which until then was thought to be impossible because so many employees continue to click on risky links in emails. The key to the company’s success was persuading clients to let it monitor its servers, he told The New York Times in a 2016 interview.
In Friday’s report, Area 1 Security says it uses a “vast active sensor network” to detect and trace phishing attacks. It says it could imagine the Dukes “operating a giant spreadsheet where new targets are added, but never leave.” It “moves quickly, compromising a server or service to send out phishing emails from it, and then leaves, never returning to check for bounced email messages to cull from its list.”
Most ex-officials don’t realize they are carrying “the blemish of being a Russian target into their new workplace,” the Area 1 Security report says. As a result, “they give the Dukes beachheads in companies and organizations they never even planned on or imagined hacking,” such as Washington think tanks, defense contractors, lobbyist offices, financial institutions and pharmaceutical companies stocked with high ranking former political, military and intelligence officials.
Russia is “notoriously persistent in pursuing targets,” the report says. “It’s a lesson on why every organization needs great security.”
FireEye CEO Kevin Mandia said Thursday that strengthening U.S. cybersecurity defenses begins with protecting the country’s own systems first, and he is hopeful the Trump administration will implement a strategy to defend from cyber threats, during an interview on FOX Business’ “Countdown to the Closing Bell.”
“You gotta protect critical infrastructure and under times of duress, you have to be able to have shields up as a nation, and I think this order is going to move toward that,” he said, referring to the executive order President Trump signed Thursday, aimed at strengthening the America’s infrastructure to help prevent cyberattacks.
Cyber hacking has been in the forefront of an FBI investigation over Russia’s alleged involvement in the 2016 presidential election. Mandia said he believes acting FBI Director Andrew McCabe will continue the investigation into these claims.
“When you awake the sleeping giant, they get the job done and I think the FBI, whenever they apply the resources at their disposal and their capability, they can get the job done as they see fit,” he said.
Mandia believes the Russians are at work in election hacking and thinks it will continue to happen.
“The tool in every emerging nation’s tool box now [is] a cyber component,” he said.
The FireEye CEO added that the risks from cyberattacks can’t be eliminated because persistent hackers are exploiting human trust and not exploiting systems.