d*2 发帖数: 2053 | 1 https://www.yahoo.com/news/clinton-and-dnc-face-new-email-attacks-in-wake-of
-wikileaks-dump-200106265.html?soc_src=mail&soc_trk=ma
Clinton and DNC face new email attacks in wake of Wikileaks dump
John Podesta and Donna Brazile. (Photo illustration: Yahoo News, photos:
Andrew Harnick/AP, Paul Sancya/AP)
At 7:51 p.m. on Wednesday night, Democratic National Committee chair Donna
Brazile got an odd email from the Gmail account of Clinton campaign chair
John Podesta. “We have a problem,” read the subject line.
“Donna, some of our less than reliable media people are starting to
privately question the Russian hack story we’ve been feeding them about
these emails that [WikiLeaks founder Julian] Assange keeps leaking,” it
read, according to a copy of the email Brazile shared with Yahoo News. It
went on to say “HRC wants us to come up with a backup story to keep them
guessing until we get to E-day in case we need to use it.”
The email was unlike any Podesta would actually write — and for good reason
. It was fake. He wrote no such missive, says a Clinton campaign official.
But the message, using a cloned version of Podesta’s real Gmail address,
was a vivid example of the mischief Russian hackers — and WikiLeaks — have
unleashed by dumping thousands of stolen emails into the public domain, say
Democratic party officials and cybersecurity experts.
“This is part of the disinformation campaign,” said Brazile, who quickly
alerted the DNC’s cybersecurity officials so they could try to trace the
email to its original source. So far, they haven’t cracked the case. But
party and Clinton campaign officials are increasingly on guard for similar
phony messages. In one case, party officials tell Yahoo News, a malicious
unidentified spoofer replicated the email address of the DNC’s press
secretary and sent the New York Times a phony op-ed from Tim Kaine. “We’re
a political party operating under tremendous stress,” said Brazile.
The Clinton campaign on Friday ramped up its efforts to put a spotlight on
Russia’s role in the cyberattacks on the DNC and other party organizations,
arranging a conference call led by former acting CIA director Michael
Morrell. He said the hacks were “a direct assault on our democracy” and
called on Donald Trump to condemn them.
But in fact, there is no indication the phony Podesta message was the work
of Russian state-sponsored hackers, say cybersecurity experts. It’s far
more likely it was sent by cyberspoofers using relatively accessible
Internet tools to replicate an email address, using or installing a STMP (
Simple Mail Transfer Protocol) email server. In the case of Podesta email,
the spoofer also used a separate “reply to” email service — a sort of
throwaway inbox to weed out junk email — presumably so that Podesta would
have been completely unwitting if Brazile had actually responded.
Clinton and DNC face new email attacks in wake of Wikileaks dump
Michael Isikoff 22 hours ago Comments Like Reblog on Tumblr Share Tweet
Email
John Podesta and Donna Brazile (Photo illustration: Yahoo News, photos:
Andrew Harnick/AP, Paul Sancya/AP)
John Podesta and Donna Brazile. (Photo illustration: Yahoo News, photos:
Andrew Harnick/AP, Paul Sancya/AP)
At 7:51 p.m. on Wednesday night, Democratic National Committee chair Donna
Brazile got an odd email from the Gmail account of Clinton campaign chair
John Podesta. “We have a problem,” read the subject line.
“Donna, some of our less than reliable media people are starting to
privately question the Russian hack story we’ve been feeding them about
these emails that [WikiLeaks founder Julian] Assange keeps leaking,” it
read, according to a copy of the email Brazile shared with Yahoo News. It
went on to say “HRC wants us to come up with a backup story to keep them
guessing until we get to E-day in case we need to use it.”
The email was unlike any Podesta would actually write — and for good reason
. It was fake. He wrote no such missive, says a Clinton campaign official.
But the message, using a cloned version of Podesta’s real Gmail address,
was a vivid example of the mischief Russian hackers — and WikiLeaks — have
unleashed by dumping thousands of stolen emails into the public domain, say
Democratic party officials and cybersecurity experts.
“This is part of the disinformation campaign,” said Brazile, who quickly
alerted the DNC’s cybersecurity officials so they could try to trace the
email to its original source. So far, they haven’t cracked the case. But
party and Clinton campaign officials are increasingly on guard for similar
phony messages. In one case, party officials tell Yahoo News, a malicious
unidentified spoofer replicated the email address of the DNC’s press
secretary and sent the New York Times a phony op-ed from Tim Kaine. “We’re
a political party operating under tremendous stress,” said Brazile.
The Clinton campaign on Friday ramped up its efforts to put a spotlight on
Russia’s role in the cyberattacks on the DNC and other party organizations,
arranging a conference call led by former acting CIA director Michael
Morrell. He said the hacks were “a direct assault on our democracy” and
called on Donald Trump to condemn them.
But in fact, there is no indication the phony Podesta message was the work
of Russian state-sponsored hackers, say cybersecurity experts. It’s far
more likely it was sent by cyberspoofers using relatively accessible
Internet tools to replicate an email address, using or installing a STMP (
Simple Mail Transfer Protocol) email server. In the case of Podesta email,
the spoofer also used a separate “reply to” email service — a sort of
throwaway inbox to weed out junk email — presumably so that Podesta would
have been completely unwitting if Brazile had actually responded.
“It could really be anybody,” said Rich Barger, chief intelligence officer
of ThreatConnect, a cybersecurity firm that has closely studied the Russian
hacks. “It could be a 400-pound hacker in his mother’s basement,” he
added in an allusion to Trump’s own quip during the first presidential
debate last month.
What the Russians — with their presumed co-conspirators at WikiLeaks and
other websites such as DCLeaks.com and Guccifer 2.0 — apparently did do is
make the process a whole lot easier by publicizing Podesta’s private Gmail
account — and those of scores of other Democratic party officials and
operatives. The spoofers “didn’t have to do the hard work of trying to
sniff out the email addresses,” said Barger.
The first indication of the problem came two months ago, shortly after the
Democratic convention in Philadelphia and the initial WikiLeaks dump of DNC
emails. On Aug. 2, at 5:43 a.m., New York Times reporter Yamiche Alcindor
got a chatty email from the DNC address of Mark Paustenbach, the DNC’s
press secretary. “Hi Yamiche,” it began. “Long story short … Tim Kaine
wants to submit an Opted [sic] and get it in ASAP.” It added that Brazile
would be sending “the final draft” shortly. Alincdor responded later that
morning. “Hey Mark, I’m just seeing this. I’ll email my editors right now
and get back to you.” (A Times spokeswoman confirmed that Alcindor got the
email from Paustenbach’s address.)
The response from the Times reporter surprised Paustenbach, who immediately
alerted DNC security, noting that the language in the original message “is
clearly not mine.” Later, a proposed op-ed under Kaine’s byline was sent
from Brazile’s address to Alcindor. The content was preposterous. (“When
it comes to selecting a future Vice President, it’s almost a tradition to
pick someone that helps make you as the presidential candidate look better,
” it read. “It’s like when you go to a club, and you see those hot girls
next to their boring ugly friends. I’m the boring ugly friend. I’m the one
that doesn’t get drugged at the bar, because no one wants to touch me with
a fifty-foot pole.”
The Times, of course, never ran the phony op-ed. But the DNC was on notice
that they had become sitting ducks for Internet trolls. |
|