7/27/2016, "Democrats Ignored Cybersecurity Warnings Before Theft," Bloomberg, Michael Riley
"The Democratic National Committee was warned last fall that its computer network was susceptible to attacks but didn’t follow the security advice it was given, according to three people familiar with the matter.
The missed opportunity is another blow to party officials already embarrassed by the theft and public disclosure of e-mails that have disrupted their presidential nominating convention in Philadelphia and led their chairwoman to resign.
Computer security consultants hired by the DNC made dozens of recommendations after a two-month review, the people said. Following the advice, which would typically include having specialists hunt for intruders on the network, might have alerted party officials that hackers had been lurking in their network for weeks -- hackers who would stay for nearly a year.
Instead, officials didn’t discover the breach until April (2016). The theft ultimately led to the release of almost 20,000 internal e-mails through WikiLeaks last week on the eve of the convention.
The e-mails have devastated party leaders. Representative Debbie Wasserman Schultz, the DNC chairwoman, has agreed to resign at the end of this week’s convention. She was booed off the stage on opening day after the leaked e-mails showed that party officials tried to undermine the presidential campaign of Senator Bernie Sanders in favor of Hillary Clinton, who was formally nominated on Tuesday evening. Party officials are supposed to remain neutral on presidential nominations.
The Federal Bureau of Investigation is examining the attack, which law enforcement officials and private security experts say may be linked to the Russian government. President Barack Obama suggested on Tuesday that Russia might be trying to interfere with the presidential race. Russian officials deny any involvement in the hacking and say they’re not trying to influence the election.
Donald Trump, the Republican presidential nominee, said Wednesday that he didn’t think Russia was behind the attack. But he also said he hoped the Russians would get their hands on e-mails that [Hillary] Clinton exchanged using a private server while she was secretary of state, to expose any e-mails she might have deleted."...
[Ed. note: This is an article about the DNC and its actionable negligence which in any case doesn't answer the question of who gave the emails to Wikileaks. The author chooses to insert a Donald Trump/Russia quote irrelevant to the article's topic of DNC negligence. The author gently introduces the separate topic of Hillary's negligence when she was Sec. of State, and the 30,000 emails missing from her server. Gently, because the Bloomberg author fails to mention the number 30,000--not an easy number to miss, describing them as "e-mails that (Hillary) Clinton exchanged." "Exchanged?" If the author is trying to soft pedal or hide something, no need. There were never going to be consequences for the Deep State's candidate. Trump's full quote per NBC News, 7/27/16, while at his Doral Resort in Florida speaking from the podium:
"Russia, if you're listening, I hope you're able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press."
Trump's reference, "you will probably be rewarded mightily by our press" was particularly relevant at that time--late July 2016--because the media was in a frenzy pressuring officials to let them run with the narrative that Russia could be blamed for the DNC's embarrassment:
7/29/16, "Aspen Security Forum: Nothing definitive on Russia’s role in DNC hacking," Aspen Times, Rick Carroll
“Very, very little,” responded Elissa Slotkin, acting U.S. assistant secretary of defense for International Security Affairs.
“I know it is the topic de jour and I’m going to start off
So I’m not going to be able to get into specifics."...]
(continuing, Bloomberg): "The consultants briefed senior DNC leaders on the security problems they found, the people familiar with the matter said. It’s unclear whether Wasserman Schultz was present. Now, she is likely to face criticism over not only the content of the e-mails -- including one in which a party official proposes pushing stories in the news media questioning Sanders’s Jewish faith -- but also the failure to take steps to stop the theft in the first place.
“Shame on them. It looks like they just did the review to check a box but didn’t do anything with it,” said Ann Barron-DiCamillo, who was director of US-Cert, the primary agency protecting U.S. government networks, until last February. “If they had acted last fall, instead of those thousands of e-mails exposed it might have been much less.”
The assessment by Good Harbor Security Risk Management, headed by the former Clinton and Bush administration official Richard Clarke, occurred over two months beginning in September 2015, the people said. It included interviews with key staff members and a detailed review of the security measures in place on the organization’s network, they said.
Security Flaws
The review found problems ranging from an out-of-date firewall to a lack of advanced malware detection technology on individual computers, according to two of the people familiar with the matter.The firm recommended taking special precautions to protect any financial information related to donors and internal communications including e-mails, these people said.
The DNC paid $60,000 for the assessment, according to federal filings.
Mark Paustenbach, a spokesman for the DNC, declined to comment on the Good Harbor report. Emilian Papadopoulos, president of Washington-based Good Harbor, said he couldn’t comment on work done for a specific client.
Missed Warnings
The security review commissioned by the DNC was perhaps the most detailed of a series of missed warnings. Officials at both the Republican National Committee and the DNC received government briefings on espionage and hacking threats beginning last year, and then received a more specific briefing this spring, according to another person familiar with the matter.
Cyber-security assessments can be a mixed blessing. Legal experts say some general counsels advise organizations against doing such assessments if they don’t have the ability to quickly fix any problems the auditors find, because customers and shareholders could have cause to sue if an organization knowingly disregards such warnings.
Papadopoulos said a risk analysis by his firm is designed to “help an organization’s senior leadership answer the questions, ‘What are our unique and most significant cyber security risks, how are we doing managing them, and what should we improve?’”
The firm typically recommends that clients conduct a so-called breach assessment to determine whether hackers are already lurking in the network, Papadopoulos said. He wouldn’t confirm whether such a recommendation was among those delivered to the DNC.
“We give recommendations on governance, policies, technologies and crisis management,” he said. “For organizations that have not had a compromise assessment done, that is one of the things we often recommend.”
It isn’t certain a breach assessment would have spotted the hackers, according to Barron-DiCamillo, but it would have increased the chances. “"Why spend the money to have Good Harbor come in and do the recommendations and then not act on them?,” she asked."
================
Added: Highly anticipated 12/29/2016 US report supposedly "proving" Russia gave DNC emails to WikiLeaks fails to even mention Wikileaks. The report opens with a disclaimer that its accuracy isn't ensured:
The 12/29/2016 report the Department of Homeland Security and FBI released opens with a disclaimer that it provides no assurances that its information is accurate...."It doesn’t mention Wikileaks…not even once. In other words, the report does not allege that the Russians gave any Democratic Party or Podesta emails to Wikileaks."
................................
Per July 29, 2016 Aspen Times report on the Aspen Security Forum:
US government officials knew they'd be pressed by frenzied media about whether Russia could be blamed for the release of Democratic National Committee emails. It was “the issue on everybody’s mind,"..."the topic de jour,"..."What can you tell us"...“Very, very little,” responded Elissa Slotkin, acting U.S. assistant secretary of defense for International Security Affairs. “I know it is the topic de jour and I’m going to start off
7/29/16, "Aspen Security Forum: Nothing definitive on Russia’s role in DNC hacking," Aspen Times, Rick Carroll
"High-ranking officials at the Aspen Security Forum on Thursday shied away from saying Russia was behind the hack of Democratic National Committee emails.
“I don’t think we are quite ready yet to make a call on attribution,” James Clapper, director of National Intelligence, told Jim Sciutto, chief national security correspondent for CNN. “I mean, we all know there’s just a few usual suspects out there, but in terms of the process that we try to stick to, I don’t think we’re ready to make a public call on that.”
Journalists who moderated several discussions tried, with little success, to unearth new information from security pundits.
[Time correspondent:] “We are told that the federal government believes with a high degree of confidence that Russia is behind the theft of emails from the Democratic National Committee that were subsequently released by Wikileaks, causing disarray at the first day of the Democratic National Convention and forcing the resignation of the DNC’s leader, Debbie Wasserman Schultz,” said Massimo Calabresi, deputy Washington bureau chief and senior correspondent for Time magazine. “What can you tell us about the U.S. government’s assessment of the theft of those emails and Russia’s possible role in it?”
“Very, very little,” responded Elissa Slotkin, acting U.S. assistant secretary of defense for International Security Affairs. “I know it is the topic de jour and I’m going to start off disappointing the crowd.… So I’m not going to be able to get into specifics. The FBI is handling it. That’s their job.”...
At another discussion, Evan Perez, justice correspondent for CNN, got right to the point
and asked John Carlin, assistant attorney general for national Security, about “the issue on everybody’s mind — the hack into the DNC.”
Carlin very gamely but effectively ducked the issue. He said the U.S. government has identified Iran, North Korea, China and Russia as countries that undertake hacking.
Just like with terrorist attacks, prevention is success in cyber attacks. When prevention isn’t possible, one of the tools the government uses is identifying the country once evidence points to hacking.
“Some would call it name and shame, and that’s part of it,” he said.
He noted that the U.S. government named North Korea as an “involved” party within 28 days of the Sony Pictures hack in late 2014. The hacking group demanded that the studio pull the movie “The Interview,” a comedy about a plot to assassinate North Korean leader Kim Jung-un.
“We treated it as a national security event,” Carlin said. A foreign nation was attacking American’s liberties, such as freedom of speech, he said. North Korea denies responsibility.
Russia has never been targeted by the U.S. in a name-and-shame, but it shouldn’t be assumed that will never be the case, Carlin said.
Another panelist in the discussion, Vinny Sica, vice president of defense and intelligence space ground solutions for Lockheed Martin, said he realized (CNN's Evan) Perez was looking for a smoking gun in the DNC hacking. There has to be definitive evidence, he said.
“The bottom line is nothing should be assumed as safe," Sica said.
Put on by the Aspen Institute, the Security Forum runs through Sunday."
----------------------
Added:
Also in late July 2016, a report that Hillary campaign turned down March 2016 FBI assistance on cyber security:
7/28/16, "FBI warned Clinton campaign last spring of cyberattack," Michael Isikoff, Yahoo News
.....................
Added:
NASA's most secure files were hacked at least 13 times in 2011 alone. NASA computers weren't encrypted.
.............
No comments:
Post a Comment