Google Says Iranian, Chinese Hackers Targeted Trump, Biden Campaigns (techcrunch.com) 28
Google security researchers say they've identified efforts by at least two nation state-backed hackers against the Trump and Biden presidential campaigns. From a report: Shane Huntley, director for Google's Threat Analysis Group, said in a tweet that hackers backed by China and Iran recently targeted the campaigns using malicious phishing emails. But, Huntley said, there are "no signs of compromise" and that the campaigns were both alerted to the attempts.
Before the 2016 Hullabaloo (Score:2)
Re:Before the 2016 Hullabaloo (Score:4, Interesting)
Re: (Score:2)
For the 2016 stories, you can find a lot of them on the list here [sharylattkisson.com].
Re: (Score:3, Insightful)
It just seems so odd that we're making a big deal over something that we didn't seem to care about at all that has probably been happening since at least the 2008 election, it not before that.
Odd? Not at all. Information about Cambridge Analytic came out (I think their PR department did it to boost business.) and the Obama Administration was leaning heavily on Russia to stop their bullshit.
I think it is wonderful that we are hearing about how foreign powers are using social media to misinform us and divid
Re: (Score:2)
> probably been happening since at least the 2008 election, it not before that.
When the newly minted Constitution was awaiting ratification by the states, some of its advocates produced a series of written arguments for it that were published as The Federalist.
No. 68 in this series (usually attributed to the prolific Alexander Hamilton) said, "The desire [of] foreign powers to gain an improper ascendant in our counsels" was a source of corruption and "one of the most deadly adversaries of republican gove
Re: (Score:1)
What foreign powers. They are just bullshiting up a couple of attacks from servers in China, Iran, Russia, where ever the fuck. Does it mean that state did it, hell, the attack could have originated from across the street of those caimpagns, just routed to servers they rent in Russia, China and Iran. The bug lie Google is pedling, is very subtle, you Russians are morons, the Chinese are morons and the Iranians are morons, they are so fucking stupid, so absolutely dumb as fuck, they use IP address ranges fro
Re: (Score:2)
Its not difficult to look up stewardship of IP addresses..
Re:Seeking enlightenment folks... (Score:5, Informative)
Its not difficult to look up stewardship of IP addresses..
It's also not particularly difficult to tell approximately where they are by their activities. The people messing with the 2016 election had an activity profile consistent with people working 9:00-17:00 in a location east of Moscow and they observed Russian public holidays. That by it self doesn't prove anything conclusively but if you also have tracing, signals intercepts, human intelligence (it is safe to assume Google cooperated with the US three letter agencies on this particular case), meta data somebody forgot to strip off of some files, the fact that the toolkits being used had previously been used mostly to hack Ukrainian State and military targets in a way that benefitted nobody except the Russian military and that these toolkits had never surfaced in the commission of purely economically motivated crime, etc... etc... All that taken together made it pretty obvious who the perpetrators were back in 2016. On top of this I'm pretty sure the CIA/NSA did no make public a bunch of other identifiers they used. One other thing you can do, since they've probably raided the compromised system anyway and the damage has been done, is to just leave the system accessible as if you still don't know they are there. Then you feed the intruders some juicy data that is completely made up but that they have no way of verifying and watching for chatter. Sooner or later some Russian/Chinese/Iranian potato head politician or general will get careless on an un-encrypted connection and BINGO you have your culprit.
Re: (Score:2)
I'm not so sure it is quiet that easy to identify hackers by the their tools anymore given that NSA and CIA have both had their tools/code stolen over the past few years. So you really have no idea who is using those tools these days or modified versions of those tools.
Re: (Score:2)
Its not difficult to look up stewardship of IP addresses..
But it could still be 3-letter moles in those countries, no?
Re: (Score:2)
Re: (Score:2)
Re: Seeking enlightenment folks... (Score:2)
State actors are often demonstratively using such vast resources that it can only be a nation-state or mega corp. If you then find a nexus of network activity, history of activity, linguistic or cultural quirks, etc. that all point toward Iran, for example, then you kind of know.
Re: (Score:2)
Re: Seeking enlightenment folks... (Score:2)
My rule of thumb is if McAfee, Kaspersky, and ESET all agree, it's true.
Alternate headline: (Score:3, Funny)
When does this become war? (Score:3, Interesting)
So, when do we consider country back hackers an attack on another country? In the past, this has been mostly cloak and dagger type stuff, but now this can really impact a country's economy, in this case presidential elections, basic health, or just anything that is online. A hacker can do this from the comfort of their office or home and cause major damage.
It's more a food for thought. What happens if Iran hacked and dropped our power grid? Would that be enough to drop some actual bombs on their country, or have the government declare war?
This is only going to get worse...
Re: When does this become war? (Score:2)
Our grid is large and irregular. It would be really hard - almost unimaginable - for Iran to take down our whole grid.
On the other hand, we have likely already infiltrated every major piece of infrastructure in Iran. We would retaliate by taking out their whole nation's infrastructure.
If we're feeling particularly vengeful, we'd make sure their power plants (nuclear and otherwise) went out with a bang.
So if they interfere enough (Score:2)
Can we get a candidate we would actually want to vote for?
Re: (Score:2)
Can we get a candidate we would actually want to vote for?
In general, the intent is the opposite: to make sure that none of the candidates are ones you would want to vote for.
Re: (Score:2)
So either they have been working for quite a while now already or they're wasting their time, which is it?
the Olympics of information warfare. (Score:1)
Recall that Leak of NSA tools used to disguise? (Score:1)
attacks as coming from other countries?
No doubt they did (Score:2)
As did many other nation states. So did the script kiddies, the bored hackers, the hacktivists and so on. That's what they do. Anybody running for president is going to go through this. Every single election. Same thing for any other major political figure. You would have to completely naive to think otherwise. Any major politician is going to have this occur from any number of actors.
This kind of thing is much more common than people realize. This is not news, this is business as usual. It isn't even newsw
Pathetic (Score:2)
If they want to do effective hacking they need to copy the CIA. At least one of those countries mentioned is renowned for their expertise in copying. You'd think they'd do a better job. If it were true, of course.