The Mueller report (the redacted version can be downloaded here) provides some insight into the cyber issues that allowed Russian actors to gain access to the Democratic National Committee, Hillary Clinton’s campaign and several states’ resources in an attempt to interfere with the 2016 election results.
Many of the facts were released previously, but the report does give more information on how they suspect the access was gained. The use of botnets is mentioned, but the context is heavily redacted and little information is available. The assumption is this information is still being used to investigate the details.
There is a great deal of discussion, however, on how the Russian agents did hack into the computers and networks. A Russia probe will be coming out in a matter of “weeks,” according to Attorney General William Barr. The main goal is to point out the involvement of the St. Petersburg-based IRA (Internet Research Agency) in social media campaigns. The IRA spent a great deal of money posting ads on mediums like Facebook to “sow discord in the U.S.” The report claims this happened “first through a generalized program” and then through a “targeted operation that by early 2016 favored candidate Trump and disparaged candidate Clinton.”
The report states, “the Russian government employed a second form of interference: cyber intrusions (hacking) and releases of hacked materials damaging to the Clinton campaign.” Unfortunately, the parts of the report which discuss the social media and hacking activities are mostly redacted. It did note, however, that mainstream media planted tweets by the IRA.
The hacking involved malware, spearphishing, and bitcoin mining. The spearphishing was used to gain access to the email of the Clinton campaign’s chairman, John Podesta. This led to planting malware on the DNC (Democratic National Convention) computers. The actors targeted state boards of elections, secretaries of state, and election equipment vendors. As for the Trump campaign, information on hacked materials is heavily redacted.
Trump staffers were using encrypted messaging that did not retain data or communication records. This best practice is presented as impeding the Mueller team from verifying statements from witnesses.
The poor security used by the Clinton campaign, the DNC, and various states, including Illinois and Florida, is a disconcerting truth. That unsettled feeling is the realization that users are – and always will be – the weakest link in any security system. Hackers know this and therefore prey on unsuspecting users, most often those who are very high profile or connected to people who are. That is why techniques like spear phishing – the hack that was used against the DNC – are so effective. Unlike other techniques, which require more of a shotgun approach, spear phishing is very targeted. Although the hit rate might be lower, the rewards are much larger. In a successful spear phishing campaign, usernames and passwords are captured, typically by phony websites where victims enter their credentials and unwittingly hand them to the hackers. The hackers then use these credentials to gain access to email, social and other web-based sites.
“This is where our solution could have prevented this access,” stated President of Cymatic Security Paul Storm. “Cymatic is able to reduce the risk from spear phishing and stop unwanted access to web-based applications by transparently adding an extra layer of security. Even if you get tricked and you go to some faked site and type in your password, it will be useless to the hacker.”
Cymatic also helps individuals become more aware of their security hygiene. Via Cymatic’s chatbot, users can be notified of the potential attack in real time, stopping it before it takes place.
With the 2020 election just around the corner, serious steps and improvements in cyber security protection must be employed to prevent tampering and regain the trust of the American voters. Our elections should not have foreign actors manipulating outcomes and swaying public opinion.