Spy Chief: Foreign Hackers May Be Targeting Presidential Candidates (nbcnews.com) 91
An anonymous reader writes from a report via NBC News: Director of National Intelligence James Clapper warned Wednesday that foreign hackers may be targeting the campaigns of U.S. presidential candidates. The FBI and Homeland Security are working with the campaigns to tighten security and prevent cyber intruders from penetrating their defenses, said Clapper. "We have already had some indications of that, and a combination of DHS, FBI are doing what they can to educate both candidates of potential cyber threats," Clapper said, without specifying which candidates they were advising. "I anticipate as the campaigns intensify we will probably have more of it." A senior U.S. intelligence official told NBC News that they are "most worried about Trump, who has no experience with government computer systems or protocols." Foreign hacking against American political candidates is nothing new, Clapper said. Prior to the 2008 presidential election, Chinese cyber spies had targeted the presidential campaigns of then Sen. Obama and Sen. John McCain in order to read emails and policy papers. The hackers successfully compromised some emails, including private correspondence from McCain, NBC News reported. Also, both Obama's and GOP candidate Mitt Romney's campaigns were hit by Chinese cyber-attacks during the 2012 election. The Office of the DNI clarified Clapper's remarks tweeting: "We're aware that campaigns and related organizations and individuals are targeted by actors with a variety of motivations -- from philosophical differences to espionage -- and capabilities -- from defacements to intrusions. We defer to FBI for specific incidents."
Hoping... (Score:1)
Re: (Score:1, Funny)
Well, they replaced Trump's sites with insult-bots, but nobody knew the diff. AND his ratings went UP.
Re: Hoping... (Score:5, Funny)
Re: (Score:2, Troll)
Re: (Score:3)
And if everything fails, the evidence will just go 'poof'.
US Government Hackers worry me more (Score:2)
I'm really not worried about Chinese or Russian or Enemy-of-the-month-i-stani 1337 h4x0rs tracking what the US presidential campaigns are doing. I'm much more concerned about US government hackers monitoring who's involved with what political campaigns, and slightly concerned about campaigns and their totally-not-coordinated-with-the-campaign supporters' committees hacking each others' resources.
The biggest risk with foreign hackers isn't foreign governments tracking our political movements - it's foreign
Re: (Score:2)
It doesn't concern you that foreign hackers might learn information that could be used to blackmail a sitting president?
Sarah Palin's email was hacked in 2008 (Score:2)
This reminds me of how Sarah Palin's email was hacked by a US citizen back in 2008: https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:2)
Yeah, this story reminded me of this other story:
https://politics.slashdot.org/... [slashdot.org]
and the fact that Hillary had the server wiped, which means that no one knows if the server was compromised and all that classified information that was on it was gathered by foreign actors.
Inconceivable! (Score:2)
Re: (Score:2)
This is news? (Score:5, Insightful)
Re: (Score:1)
Indeed. It would be news only if they were not attempting such. Ex: "Strange gap found in hacker target patterns."
Re: (Score:2)
Re: (Score:2)
Foreign hackers are targeting everything, everywhere. Of course they're targeting political figures.
Domestic hackers are targeting everything, everywhere too. So are domestic intelligence agencies. So yeah.
Re: (Score:2)
Inheriting $40-$200 million, and turning it into $4-$8.7 billion is being successful, I don't care if it matches the growth of the S&P, anyone who lives comfortably and still increases their net worth like that is successful.
In other news... (Score:2)
Re: (Score:2)
Re: (Score:2)
True. And, I'm well aware that my box might attacked at random, and no matter how careful I am it's always possible that somebody might get in. However, there's a vast difference between that and a professional data thief tracking down my public IP and making a concerted attempt to break in because they think there's something valuable for them to take. People who do that sort of thing don't go after random people like me, they go for high pr
Re: (Score:2)
Re: (Score:2)
my computers all run Linux and are about as secure as you can reasonably expect
Some what serious question but are they really? Likely there are additional measures that can be taken as I found out a long time ago. The base level of security expected in the industry I work in is that specified in the Center for Internet Security benchmarks [cisecurity.org] for what ever OS and large applications benchmarks are applicable. Anyone can go and view/download the benchmarks. These go well beyond patching, AV, firewall, and other simple standard protections that most are aware of. Even the windows protections
Yes and no. (Score:4, Informative)
However, I must admit that it's hard for me to imagine anybody specifically targeting me;
You in particular, as opposed to any other member of the human specie ?
Probably nobody is wasting the ressources, indeed.
(Though it's hard to be 100% sure).
On the other hand:
You, as in a member of a targeted group ?
(Say as:
- "an American who might be rich, so let's try to get as much personal data as possible, in order to try some identity theft/impersonation and see if we can empty their bank accounts"
- "a citizen, but there the 'one-in-a-million' chance that he might be an evil terrist, so let's siphon all on-line communication, to protect the interests of the gov^H^H^H democracy and freedom"
- "someone with a computer. maybe there's something of value stored on the computer, so let's encrypt everything and asks for bitcoin in exchange of the decryption key"
- "hey, there's a smartphone, syncing its photo database to the cloud! Let's try to break this and maybe we'll land on some pictures resellable to pornsites"
- "sniff, sniff,... do I smell badly protected credit card numbers in that database ?"
- "Hello dear Mr. Techno Vampire, I'm the son of the late King of Nigeria...."
- etc.)
You bet.
Happens probably way more time per day that you imagine.
Even if you don't have any classified information, you as an individual have several caracteristics which cause you to be lumped into the group targetted by various people in for the money.
Luckily for you not all of those semi-automated large-scale operation manage to succeed.
Unlucky for your those actually successful are most likely to go unnoticed - quickly swept under the rug - unless the target was a high profile (say: Sony's database got hacked yet again and millions of credicards numbers are up to grab on the darknet).
But yeah, you ARE definitely targetted, constantly. Just noboy sees you as a clear individual, more as a number on a long list of targets.
(Except maybe for the Nigerian Prince. This kind of scam tends to be a little bit more personal and targeted).
Re: (Score:2)
Exactly. And, unlike many people with far more to lose, my box is kept secure enough that it's probably not worth the bother of breaking into on the slight off-chance that there might be something valuable here.
Not custom, but... (Score:2)
my box is kept secure enough that it's probably not worth the bother of breaking into on the slight off-chance that there might be something valuable here.
It's not worth dedicating time of a pro hacker, to specifically find a way into your box, yes.
But it's worth every script kiddie's time to try generic attacks (like bugs of openssl that you haven't had the time to patch yet) against the target groups you appear in.
Again, you only are going to be a number on their list, not a concrete person, but they'll constantly deploy every trick in their sleeve to try to get at you (and at any other number on their target list against whom the trick-of-the-day happened
I know! (Score:2, Funny)
Re: (Score:1)
Hey, the regular State Dept. email server was a generic box, and was hacked. [reuters.com] We are comparing Pinto's to Yugo's here, not to Cadillacs.
Pundits keep implying she skipped "the good system". There was no good system for "regular" work emails.
Re: (Score:1)
She still broke the Law, doesn't matter if the "correct" way was bad as well. she also dodged Data retention laws, laws on handling of classified data and classified programs.... the list goes on.
H [Re:I know!] (Score:1)
Non-biased legal experts say the related laws are convoluted and murky. After all, how many law makers do you know who can write non-ambiguous and meaningful laws on technology? Bigfoot is probably more common.
Re:H [Re:I know!] (Score:5, Insightful)
Re: (Score:2)
Nobody has presented public evidence that ANY were clearly classified at the time she sent/received them.
Zilcho.
Re:H [Re:I know!] (Score:5, Insightful)
Nobody has presented public evidence that ANY were clearly classified at the time she sent/received them.
Zilcho.
Irrelevant, and false: Dozens of Clinton emails were classified from the start, U.S. rules suggest [reuters.com]
Plus, some things are "born classified" [investors.com]. They do not need "clear markings" to be classified, and she knew this.
Oh, and then there is the email in which she ordered someone to strip the classified markings from a document [wordpress.com]. Quote: "If they can't, turn into non paper w no identifying heading and send nonsecure." That's a smoking gun in my book. If you or I did that, we'd be in federal prison right now.
Re: (Score:1)
The first link says "suggests".
The second is in the editorial section of the e-mag.
The third she said was short-hand shop-talk asking to clean out the classified parts so it could be published. Whether that's true or not is premature to judge. The actual result of that cleaning has not been made public yet. If was cleaned up properly, then it's a non-issue.
Still NO smoking gun. You are seeing what you want to see.
Re: (Score:1)
It's true the rich can afford better lawyers to make law fuzz their buddy instead of a liability; that's not news.
As far as "clear and decisive message", Trump blatantly admitted to bribing, and Bernie is not likely to make it to the final round. Thus, it will be a runoff between two "players". Unicorns and rainbows won't be in the running.
On removing headers [Re:H [Re:I know!]] (Score:2)
Addendum: here's a link to H's side of the "headers removed" saga:
http://hotair.com/archives/201... [hotair.com]
Re: (Score:2)
Generally, but not always the evidence is presented during the trial and not beforehand as it tends to taint the prosecution. Some is presented during the indictment but not all. All that is going on now is straight up corruption, where the corporate chosen Dear Leader is being protected by the current corporate chosen Dear Leader, nothing more and nothing less. A corrupt US government on display to the world and other countries will expose information over time to exacerbate the visibility of that corrupt
Re: I know! (Score:3)
Re: (Score:3, Insightful)
The reason she did it was so that her official emails wouldn't be archived and subject to the FOIA. She did it for the most undemocratic and opaque reasons.
Campaigning for Hillary (Score:2)
So senior officials are talking about how worrying Trump's lack of experience is. Isn't this the administration favoring some candidates? Is this legal in the US?
Another thing I find disturbing/intriguing is that political parties are private entities. Are the FBI and DHS available to help other private entities worried about their security?
Only Trump? (Score:2, Insightful)
who has no experience with government computer systems or protocols
I seem to remember another candidate that seemingly has no experience with proper security protocol.
Fair transaction (Score:2)
Microsoft Homeland Security ® (Score:2)
"The Department of Homeland Security today appointed a senior Microsoft Corp. executive to head a section charged with protecting the federal government's computer networks from cyber attacks." ref [washingtonpost.com]
"Overall, we identified 1,085 instances of high-risk vulnerabilities on the MOE [Mission Operating Environment]" ref [dhs.gov]
Encryption bad!!! Uh, no wait, encryption good! ? (Score:4, Insightful)
So is Mr. Clapper now going to admit that SECURING WEBSITES and SECURING DATA is a good thing... and to do that we need encryption, or is he going to try to weasel out by somehow pretending you can secure these things but still give law enforcement and hackers access?
Sooner or later these Washington mouths need to realize that what comes out of one side of their mouth undermines what comes out the other.
Long live encryption.
Ehud Gavron
Tucson AZ
Re: (Score:2)
It is double plus good to have our information vulnerable and theirs secure. Their biggest take away from the Snowden mess isn't that they shouldn't have been doing illegal shit but that they need to better secure their illegal shit.
BWAHAHAHAHA (Score:4, Insightful)
" A senior U.S. intelligence official told NBC News that they are "most worried about Trump, who has no experience with government computer systems or protocols."
As opposed to Hillary's extensive experience of maintaining a secure platform to conduct official business ?
Technically, she had the experience and knowledge to conduct State Deparment business, she just chose to ignore it.
Of the two, I would be more concerned about Hillary who KNEW better, but elected to follow her own rules vs the established ones. ( There is a very good reason we handle classified info the way we do. )
Give it a rest already (Score:2)
For all of the alarm bells and billions spent I'll leave the totally feckless public outreach to do anything about it speak for itself.
They don't really care about helping U.S. based organizations not get owned they just care about scaring politicians into writing them bigger checks and passing more laws to retroactively make legal rummaging thru even more of everyone's shit.
Given the expertise of most politicians. . . (Score:2)
. . . I expect generic deploys of commodity platforms and low-bidder content.
So OF COURSE it's going to be hacked. And similarly, their people tend to be persuaded by the latest plastic fantastic gear, so they'll buy a "next-gen" firewall, fail to properly configure it, and then blame the firewall when they get hacked,
As for "foreign" hackers, with the plethora of botted boxes worldwide, J. Random Hacker could be sitting in Dubuque, Iowa, and the attack would look like it's coming from all over. . .
Great News for Hillary Clinton (Score:2)
She has lots of experience being hacked by foreign nationals.
Isn't turn-about fair play? (Score:1)