Hack­ers ap­par­ently fooled Clin­ton of­fi­cial with bo­gus email

Kuwait Times - - TECHNOLOGY -

New ev­i­dence ap­pears to show how hack­ers ear­lier this year stole more than 50,000 emails of Hil­lary Clin­ton’s cam­paign chair­man, an au­da­cious elec­tronic at­tack blamed on Rus­sia’s govern­ment and one that has re­sulted in em­bar­rass­ing po­lit­i­cal dis­clo­sures about Democrats in the fi­nal weeks be­fore the US pres­i­den­tial elec­tion.

The hack­ers sent John Podesta an of­fi­cial­look­ing email on Satur­day, March 19, that ap­peared to come from Google. It warned that some­one in Ukraine had ob­tained Podesta’s per­sonal Gmail pass­word and tried un­suc­cess­fully to log in, and it di­rected him to a web­site where he should “change your pass­word im­me­di­ately.”

Podesta’s chief of staff, Sara Latham, for­warded the email to the op­er­a­tions help desk of Clin­ton’s cam­paign, where staffer Charles Dela­van in Brook­lyn, New York, wrote back 25 min­utes later: “This is a le­git­i­mate email. John needs to change his pass­word im­me­di­ately.”

But the email was not au­then­tic. The link to the web­site where Podesta was en­cour­aged to change his Gmail pass­word ac­tu­ally di­rected him in­stead to a com­puter in the Nether­lands with a web ad­dress as­so­ci­ated with Toke­lau, a ter­ri­tory of New Zealand lo­cated in the South Pa­cific. The hack­ers care­fully dis­guised the link us­ing a ser­vice that short­ens lengthy on­line ad­dresses. But even for any­one check­ing more dili­gently, the ad­dress - “google.com-se­cu­ri­ty­set­ting­page” - was crafted to ap­pear genuine.

In the email, the hack­ers even pro­vided an in­ter­net ad­dress of the pur­ported Ukrainian hacker that ac­tu­ally traced to a mo­bile com­mu­ni­ca­tions provider in Ukraine. It was also no­table that the hack­ers struck Podesta on a week­end morn­ing, when or­ga­ni­za­tions typ­i­cally have fewer re­sources to in­ves­ti­gate and re­spond to re­ports of such prob­lems. Dela­van, the cam­paign help-desk staffer, did not re­spond im­me­di­ately to The As­so­ci­ated Press’ ques­tions about his ac­tions that day.

It is not im­me­di­ately clear how Podesta re­sponded to the threat, but five months later hack­ers suc­cess­fully down­loaded tens of thou­sands of emails from Podesta’s ac­counts that have now been posted on­line. The Clin­ton cam­paign de­clined to dis­cuss the in­ci­dent. Podesta has pre­vi­ously con­firmed his emails were hacked and said the FBI was in­ves­ti­gat­ing.

The sus­pi­cious email was among more than 1,400 mes­sages pub­lished by Wik­iLeaks on Fri­day that had been hacked from Podesta’s ac­count. It was not known whether the hack­ers de­lib­er­ately left be­hind the ev­i­dence of their at­tempted break-in for Wik­iLeaks to re­veal, but the tools they were us­ing seven months ago still in­di­cate they were per­son­ally tar­get­ing Podesta: Late Fri­day, the com­puter in the Nether­lands that had been used in the hack­ing at­tempt fea­tured a copy of Podesta’s bi­o­graph­i­cal page from Wikipedia.

The US Of­fice of the Di­rec­tor of Na­tional In­tel­li­gence and the Home­land Se­cu­rity Depart­ment have for­mally ac­cused Rus­sian state-spon­sored hack­ers for the re­cent string of cy­ber­at­tacks in­tended to in­flu­ence the pres­i­den­tial elec­tion. The help-desk staffer, Del­e­van, emailed to Podesta’s chief of staff a sep­a­rate, au­then­tic link to re­set Podesta’s Gmail pass­word and en­cour­aged Podesta to turn on two-fac­tor au­then­ti­ca­tion. That fea­ture pro­tects an ac­count by re­quir­ing a sec­ond code that is separately sent to a cell phone or al­ter­nate email ad­dress be­fore a user can log in. “It is ab­so­lutely im­per­a­tive that this is done ASAP,” Del­e­van said.

Tod Beard­s­ley, a se­cu­rity re­search man­ager at the Bos­ton-based cy­ber­se­cu­rity firm Rapid7, said the fact that an IT per­son deemed the sus­pi­cious email to be le­git­i­mate “pretty much guar­an­tees the user who is not an IT per­son is go­ing to click on it.”

Other emails pre­vi­ously re­leased by Wik­iLeaks have in­cluded mes­sages con­tain­ing the pass­word for Podesta’s iPhone and iPad ac­counts. —AP

WASH­ING­TON: In this photo taken April 30, 2014, Amanda Ren­te­ria is in­ter­viewed in Wash­ing­ton. Se­nior staff mem­bers on Hil­lary Clin­ton’s nascent cam­paign were con­scious about di­ver­sity in the top ranks two months be­fore the Demo­cratic pres­i­den­tial can­di­date for­mally an­nounced her bid, ac­cord­ing to hacked emails from the per­sonal ac­count of a top cam­paign of­fi­cial. — AP

Newspapers in English

Newspapers from Kuwait

© PressReader. All rights reserved.