点评详情
发布于:2018-2-10 02:33:11  访问:2 次 回复:0 篇
版主管理 | 推荐 | 删除 | 删除并扣分
Russia`s Hackers Took Only A Week To Pry Into Clinton Camp
WASHINGTON (AP) - Nineteen thousand lines of raw data associated with the theft of emails from Hillary Clinton campaign staffers show how the hackers managed the election-shaking operation.
Minute-by-minute logs gathered by the cybersecurity company Secureworks and recently shared with The Associated Press suggest it took the hackers just over a week of work to zero in forgot password on gmail and penetrate the personal Gmail account of campaign chairman John Podesta.
One outside expert who reviewed the data said it showed how even the well-defended Clinton campaign fell prey to phishing, a basic cyberespionage technique that uses bogus emails to harvest passwords.
FILE - In this Saturday, July 30, 2016 file photo, Democratic presidential candidate Hillary Clinton pauses while speaking at a rally in Pittsburgh during a bus tour through the rust belt. In 2016, after repeated attempts to break into various staffers` hillaryclinton.com email accounts, the hacking group known as Fancy Bear took a new tack, targeting top Clinton lieutenants at their personal Gmail addresses. (AP Photo/Andrew Harnik)
"They were the most security-aware campaign that I`m aware of," said Markus Jakobsson, the chief scientist at email security company Agari. "And yet this happened."
Hillaryclinton.com emails were locked down using two-factor authentication, a technique that uses a second passcode to keep accounts secure. Other measures included the automatic deletion of most messages after 30 days and phishing drills for staff. Security awareness even followed the campaigners into the bathroom, where someone put a picture of a toothbrush under the words: "You shouldn`t share your passwords either."
But hackers who began their break-in attempts on March 10, 2016, with random emails to obsolete hillaryclinton.com addresses quickly learned their way around the campaign`s address book, first targeting senior staffers at work before switching to their Gmail inboxes, some of which had not been protected with two-factor authentication.
On March 19 the hackers appear to have broken into Podesta`s personal inbox, setting the stage for weeks of embarrassing disclosures.
Overall, the AP documented well over 400 attempts to break into Clinton staffers and Democratic operatives between March and May of 2016 - an illustration of what Jakobsson said was a key principal behind most phishing attempts.
"If you try enough, sooner or later you`ll be lucky," he said.
___
WHO SENT THE PHISHING EMAILS?
The AP`s reporting has shown how the hackers who hit Podesta acted globally in close alignment with the Russian government`s interests - backing assessments made by U.S. intelligence agencies that Russian spies were responsible. Here`s a review of the evidence:
The hackers worked business hours, Moscow time
They created nearly all their links from 9 a.m. to 6 p.m., Moscow time, according to AP`s analysis of the data. They were busiest in the midday hours and took weekends off.
Russian rivals and global trouble spots dominate the targeted countries
At least 573 individuals or groups were targeted in the United States, which has been a focus of Russian spying since the Soviet era. Ukraine, where Russia is backing separatist rebels against the government in Kiev, came in second with 545 targets.
Other countries that were the focus of the operation were former Soviet state Georgia; Syria, where Russia has been backing the government in a bloody civil war; and Russia itself, where many government opponents were targeted. The AP has identified people in 116 countries whose accounts were targeted.
Weeks after the hack, a Trump adviser was told that emails were in Russian hands
In recently unsealed court documents, a former Trump campaign foreign policy adviser said he was told by a professor closely connected to the Russian government that the Kremlin had obtained thousands of emails with "dirt" about Clinton.
Experts who`ve examined the list say it`s Russia
"It doesn`t seem plausible that there is another country that would look to target the exact same set of people," said Secureworks senior security researcher Rafe Pilling.
___
This story has been corrected to show that the poster in the bathroom said "shouldn`t" not "wouldn`t."
This image shows a portion of a phishing email sent to a Hillary Clinton campaign official on March 19, 2016. An Associated Press investigation into the hackers who disrupted the 2016 U.S. presidential contest has found that they tried to compromise a far wider group of people than has previously been reported using malicious messages like this one. The investigation leaves little doubt that whoever masterminded the intrusions worked in close alignment with the Kremlin`s interests. The email address of the recipient has been redacted to protect their privacy. (AP Photo)
FILE - In this Wednesday, Nov. 9, 2016 file photo, John Podesta, Hillary Clinton campaign chairman, walks off the stage after announcing that Clinton will not be making an appearance at Jacob Javits Center in New York as the votes were still being counted. Data from the threat intelligence firm Secureworks shows a malicious link being generated by the hacking group Fancy Bear for Podesta on March 19, 2016 at 11:28 a.m. Moscow time; Documents subsequently published by WikiLeaks show that the rogue email arrived in his inbox six minutes later. The link was clicked twice. Podesta`s messages _ at least 50,000 of them _ were in the hackers` hands. (AP Photo/Matt Rourke)
This Friday, Sept. 29, 2017 photo shows the Kremlin in Moscow. The hackers who intervened in America`s 2016 presidential contest cast their net far wider than has previously been reported, The Associated Press has found. Data obtained from threat intelligence firm Secureworks provides the most explicit evidence yet that the hacking group known as Fancy Bear operates in close alignment with the Russian government`s interests. (AP Photo/Ivan Sekretarev)
A motorcycle is parked outside the THCServers.com company headquarters, outside Craiova, southern Romania, Wednesday, Oct. 4, 2017. This company based in a remote part of the eastern European country was used to register the website DCLeaks, which U.S. intelligence has accused of being a front for Russian spies. (AP Photo/Vadim Ghirda)
FILE - In this June 14, 2016 file photo, people stand outside the Democratic National Committee headquarters in Washington. Hackers tried to break into DNC inboxes in March 2016 and intensified their efforts in early April. (AP Photo/Paul Holston, File)
This image shows part of an archive capture from the Internet Archive`s "Wayback Machine" of the website DCLeaks.com on June 13, 2016. The Associated Press found powerful evidence of a direct link between Fancy Bear hackers and the interlocking leakers DCLeaks, WikiLeaks and Guccifer 2.0. All the Democrats whose private correspondence was published in the run-up to the 2016 U.S. election were targeted by Fancy Bear. (Wayback Machine/Internet Archive via AP)
共0篇回复 每页10篇 页次:1/1
共0篇回复 每页10篇 页次:1/1
我要回复
回复内容
验 证 码
看不清?更换一张
匿名发表 
当前位置
脚注信息
版权所有 Copyright(C)2016-2017 赣州玉肌微雕修疤堂 商客传媒 提供技术支持