
Did the Russians “hack” the election? A look at the established


Thread replies: 22
Thread images: 1

http://arstechnica.com/security/2016/12/the-public-evidence-behind-claims-russia-hacked-for-trump/

>President-elect Donald Trump continues to discount or attempt to discredit reports that the intelligence community has linked the hacking of the DNC, the Hillary Clinton presidential campaign, and related information operations with a Russian effort to prevent Clinton from winning the election—thus assuring Trump's victory. In his latest of a stream of tweets, Trump posted:

>The hacking was brought up well before the election. And it was monitored as it was happening—by the intelligence and law enforcement communities and by private information security firms.

>"CrowdStrike's Falcon endpoint technology did catch the adversaries in the act," said Dmitri Alperovitch, chief technology officer of Crowdstrike. "When the DNC brought us in to conduct an investigation in May 2016, we deployed this technology on every system within DNC's corporate network and were able to watch everything that the adversaries were doing while we were working on a full remediation plan to remove them from the network."

>Much of the evidence from Crowdstrike and other security researchers has been public since June and July. But while the hackers may have been caught in the act digitally, the details by themselves don't offer definitive proof of the identity of those behind the anti-Clinton hacking campaign. Public details currently don't offer clear insight into the specific intent behind these hacks, either.

>What is indisputable, however, is the existence of genuine hacking evidence. And this information certainly does provide enough to give the reported intelligence community findings some context.
...
>>
>The FBI warned the DNC of a potential ongoing breach of their network in November of 2015. But the first hard evidence of an attack detected by a non-government agency was a spear-phishing campaign being tracked by Dell SecureWorks. That campaign began to target the DNC, the Clinton campaign, and others in the middle of March 2016, and it ran through mid-April.

>This campaign was linked to a "threat group" (designated variously as APT28, Sofacy, Strontium, Pawn Storm, and Fancy Bear) that had previously been tied to spear-phishing attacks on military, government, and non-governmental organizations.

>"[SecureWorks] researchers assess with moderate confidence that the group is operating from the Russian Federation and is gathering intelligence on behalf of the Russian government," the report from SecureWorks concluded.

>The DNC's information technology team first alerted party officials that there was a potential security problem in late March, but the DNC didn't bring in outside help until May. This is when CrowdStrike's incident response team was brought in. CrowdStrike identified two separate ongoing breaches, as detailed in a June 15, 2016 blog post by CrowdStrike CTO Dmitri Alperovitch. The findings were based both on malware samples found and a monitoring of the breach while it was in progress.

>One of those attacks, based on the malware and command and control traffic, was attributed to Fancy Bear. The malware deployed by Fancy Bear was a combination of an agent disguised as a Windows driver file (named twain_64.dll) in combination with a network tunneling tool that allowed remote control connections.
...
>>
>The other breach, which may have been the breach hinted at by the FBI, was a long-running intrusion by a group previously identified as APT29, also known as The Dukes or Cozy Bear. Cozy Bear ran SeaDaddy (also known as SeaDuke, a backdoor developed in Python and compiled as a Windows executable) as well as a one-line Windows PowerShell command that exploited Microsoft's Windows Management Instrumentation (WMI) system. The exploit allowed attackers to persist in WMI's database and execute based on a schedule. Researchers at Fidelis who were given access to malware samples from the hack confirmed that attribution.

>In addition to targeting the DNC and the Clinton campaign's Google Apps accounts, the spear-phishing messages connected to the campaign discovered by SecureWorks also went after a number of personal Gmail accounts. It was later discovered that the campaign had compromised the Gmail accounts of Clinton campaign chair John Podesta, former Secretary of State Colin Powell, and a number of other individuals connected to the Clinton campaign and the White House. Many of those e-mails ended up on DC Leaks. The Wikileaks posting of the Podesta e-mails include an e-mail containing the link used to deliver the malware.

>After Crowdstrike and the DNC revealed the hacks and attributed them to Russian intelligence-connected groups, some of the files taken from the DNC were posted on a website by someone using the name Guccifer 2.0. While the individual claimed to be Romanian, documents in the initial dump from the DNC by Guccifer 2.0 were found to have been edited using a Russian-language version of Word and by someone using a computer named for Felix Dzerzhinsky, founder of the Soviet secret police. (The documents are linked in this article by Ars' Dan Goodin.)
...
>>
>In addition to publishing on his or her own WordPress site, Guccifer used the DC Leaks site to provide an early look at new documents to The Smoking Gun using administrative access. The Smoking Gun contacted one of the victims of the breach and confirmed he had been targeted using the same spear-phishing attack used against Podesta.

>The DC Leaks site also contains a small number of e-mails from state Republican party operatives. Thus far, no national GOP e-mails have been released. (The New York Times reports that intelligence officials claim the Republican National Committee was also penetrated by attackers, but its e-mails were never published.)
Attribution and motive

>There are several factors used to attribute these hacks to someone working on behalf of Russian intelligence. In the case of Fancy Bear, attribution is based on details from a number of assessments by security researchers. These include:

>Focus of purpose. The methods and malware families used in these campaigns are specifically built for espionage.

>The targets. A list of previous targets of Fancy Bear malware include:

>Individuals in Russia and the former Soviet states who may be of intelligence interest
>Current and former members of NATO states' government and military
>Western defense contractors and suppliers
>Journalists and authors

>Fancy Bear malware was also used in the spear-phishing attack on the International Olympic Committee to gain access to the World Anti Doping Agency's systems. This allowed the group to discredit athletes after many Russian athletes were banned from this year's Summer Games.

>Long-term investment. The code in malware and tools is regularly and professionally updated and maintained—while maintaining a platform approach. The investment suggests an operation funded to provide long-term data espionage and information warfare capabilities.
...
>>
>Language and location. Artifacts in the code indicate it was written by Russian speakers in the same time zone as Moscow and St. Petersburg, according to a FireEye report.

>These don't necessarily point to Fancy Bear being directly operated by Russian intelligence. Other information operations out of Russia (including the "troll factory" operated out of St. Petersburg to spread disinformation and intimidate people) have had tenuous connections to the government.

>Scott DePasquale and Michael Daly of the Atlantic Council suggested in an October Politico article that the DNC hack and other information operations surrounding the US presidential campaign may have been the work of "cyber mercenaries"—in essence, outsourcing outfits working as contractors for Russian intelligence. There is also an extremely remote possibility that all of this has been some sort of "false flag" operation by someone else with extremely deep pockets and a political agenda.

>WikiLeaks' Julian Assange has insisted that the Russian government is not the source of the Podesta and DNC e-mails. That may well be true, and it can still be true even if the Russian government had a hand in directing or funding the operation. But that is all speculation—the only way that the full scope of Russia's involvement in the hacking campaign and other aspects of the information campaign against Clinton (and for Trump) will be known is if the Obama administration publishes conclusive evidence in a form that can be independently analyzed.
>>
Pretty in-depth analysis from Ars.

Reading it gives me flashbacks to the recent Russian occupation of Crimea, where early reports stated "this certainly looks like Russia is invading Crimea, but we don't know for sure!" while the Russian government's official stance was denial, and time eventually brought forth the truth that it was, in fact, a Russian military-backed occupation.

It'll be interesting if this story develops further, though I doubt it'll have any impact on Trump's inauguration. I was ready to believe any number of things would tank him, but he is truly "teflon" as the saying goes. Nothing sticks.
>>
>>91341
>WikiLeaks' Julian Assange has insisted that the Russian government is not the source of the Podesta and DNC e-mails.
I don't understand how Assange would know. It isn't like the leaker came to visit him in the Ecuadorian embassy. Email headers aren't that hard to spoof. He should know that from his years being 'Mendax'.

Granted, it was Assange who chose to trickle out 50000+ Podesta emails 1000-2000 at a time over the course of a month for maximum bad optics. (making it look to stupid people like new hacks were happening every day). That alone shows which side he was on, for whatever reason I don't know considering people like Newt Gingrich stating he should be in jail being the reason why he's hiding from Swede rape charges in the embassy in the first place.
>>
Why would Russia or any other government release these hacks? These hacks are a golden goose of information. They will know future plans before the plan is even executed. Why blow the lid on that?
>>
>>91346
Fuck outta here Sergei
>>
>>91346
No 12 year old allowed on 4Chan
>>
related:
http://www.nytimes.com/2016/12/13/us/politics/russia-hack-election-dnc.html

>When Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk.

>His message was brief, if alarming. At least one computer system belonging to the D.N.C. had been compromised by hackers federal investigators had named “the Dukes,” a cyberespionage team linked to the Russian government.

>The F.B.I. knew it well: The bureau had spent the last few years trying to kick the Dukes out of the unclassified email systems of the White House, the State Department and even the Joint Chiefs of Staff, one of the government’s best-protected networks.

>Yared Tamene, the tech-support contractor at the D.N.C. who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the D.N.C. computer system logs to look for hints of such a cyberintrusion. By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks — in part because he wasn’t certain the caller was a real F.B.I. agent and not an impostor.

>“I had no way of differentiating the call I just received from a prank call,” Mr. Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the F.B.I.

>It was the cryptic first sign of a cyberespionage and information-warfare campaign devised to disrupt the 2016 presidential election, the first such attempt by a foreign power in American history. What started as an information-gathering operation, intelligence officials believe, ultimately morphed into an effort to harm one candidate, Hillary Clinton, and tip the election to her opponent, Donald J. Trump.
...
>>
>>91337
This puts us in a very precarious position. With the CIA alleging Russian hacking and interference in the election, if the upper level ODNI were to confirm it, Trump's refusal to act would make us look weak in comparison to Russia and would leave our allies questioning where his loyalties lie. Internally, there would be a significant rift opened up between the presidency and the CIA, who would feel betrayed by him and would become suspicious of his motives, especially with the Russian connections of his cabinet and campaign advisers.

They would be encouraged to covertly work against the president in the event he were to do something that plays to the Russians' favor. We've already seen them act directly against the Senate to protect the agency, by deleting files off Senate computers, in blatant view of the public: https://www.washingtonpost.com/world/national-security/feinstein-cia-searched-intelligence-committee-computers/2014/03/11/982cbc2c-a923-11e3-8599-ce7295b6851c_story.html?utm_term=.c437c2572835

I wouldn't entertain something like a coup, but I would anticipate a 'war behind the scenes' that will leave the nation less stable and more vulnerable to foreign attack.
>>
>>91590
that isn't to say that they don't already feel betrayed and many former CIA officials have come out harshly against him.
>>
>>91590
>but I would anticipate a 'war behind the scenes'
Rest assured that no matter what happens at the CIA, the DIA is on the case.

Also, these guys:
https://en.wikipedia.org/wiki/Twenty-Fourth_Air_Force
>>
>>91604
Well, I don't mean counter ops by US cyber forces. I'm talking about the CIA acting on its own accord behind the scenes to jeopardize any attempt by the Trump administration to improve relations with Russia or do anything that might help Russia. Such actions would lead to a war behind the scenes between the White House and the CIA.

The conflict on the CIA side will likely involve extensive support from moderate liberals and republicans and obviously cross agency support, which would obviously be stymied by the White House and whoever Trump nominates for the head of the CIA, FBI, NSA, etc.

It could be a very bad situation and reminds me of the cold war and the red scare.
>>
>>91607
liberals and republicans in the senate I mean
>>
>>91337
Get the fuck outta /news/ with your clickbait
>>
Wait, so Putin didn't hack the voting machines to sway the actual results, he just exposed the corruption and dirty dealings going on with the democrats? Why are people so buttmad then?

Shouldn't they be thanking Putin for having enough elite skills to expose corruption and inform Americans? Are Americans actually wanting a nuclear war because Putin phished the democrats and their emails proved they were a shitty corrupt party?
>>
>>92201
Not the machines, the databases.

http://fortune.com/2016/10/01/hackers-targeted-election-systems/

>DHS Confirms Hackers Targeted Election Systems in 20 States

>A Homeland Security official has confirmed that hackers have targeted the voter registration systems of more than 20 states, the Associated Press reports. That disclosure puts hard numbers on a similar statement made earlier in the week by FBI Director James Comey.

>Comey stated that hackers were scanning voter database systems, “which is a preamble for potential intrusion activities,” and had attempted to gain access to some systems. Among states that have been targeted are Illinois and Arizona. In Illinois, hackers reportedly successfully downloaded information on as many as 200,000 voters.
>>
>>92203
How does that impact the actual election results?
>>
>>92209
Ask Mitch McConnell or these guys:
http://www.intelligence.senate.gov/
They were there for the classified CIA briefing.
>>
>>92201

There's also a little bit of "they had dirt on both sides but chose to expose only one." Obviously not confirmed, but it's believed the Republican systems were at least probed by the same groups that broke into the Democratic systems. If Vlad really wanted to do America a favor, he would have aired all of the dirty laundry instead of being selective to create the ideal scenario for one party. The release rate of information was also specifically built to maximize damage.
This is a 4chan archive - all of the content originated from that website. If you need information about a Poster - contact 4chan. This project is not affiliated in any way with 4chan.