The FBI Botches Its DNC Hack Warning In 2016 -- But Says It Won't Next Time (wired.com) 90
An anonymous reader quotes a report from Wired: On April 28, 2016, an IT tech staffer for the Democratic National Committee named Yared Tamene made a sickening discovery: A notorious Russian hacker group known as Fancy Bear had penetrated a DNC server "at the heart of the network," as he would later tell the US Senate's Select Committee on Intelligence. By this point the intruders already had the ability, he said, to delete, alter, or steal data from the network at will. And somehow this breach had come as a terrible surprise -- despite an FBI agent's warning to Tamene of potential Russian hacking over a series of phone calls that had begun fully nine months earlier. The FBI agent's warnings had "never used alarming language," Tamene would tell the Senate committee, and never reached higher than the DNC's IT director, who dismissed them after a cursory search of the network for signs of foul play. That miscommunication would result in the success of the Kremlin-sponsored hack-and-leak operation that would ultimately contribute to the election of Donald Trump.
Four years later, the FBI and the community of incident response security professionals who often work with the bureau's agents says the FBI has significantly changed how it communicates with hacking victims -- the better to avoid another DNC-style debacle. In interviews with WIRED, FBI officials never explicitly admitted to a failure in the case of the DNC's botched notification. But they and their private sector counterparts nonetheless described a bureau that has revamped its practices to warn hacking targets faster, and at a higher level of the targeted organization -- especially in cases that might involve the upcoming election or the scourge of ransomware costing companies millions of dollars across the globe.
In December of last year, for instance, the FBI announced a new formal policy of immediately notifying state government officials when the bureau identifies a threat to election infrastructure they control. But the improvements go beyond warnings to state officials, says Mike Herrington, the section chief of the FBI's cyber division. "I see a key change in practice and emphasis, getting our special agents in charge keyed up to gain the full cooperation of potential victims," says Herrington, who says he's personally notified dozens of victims of hacking incidents over his career. Those "special agents in charge" are higher-ranking than the typical field agents who have notified victims in the past, notes Steven Kelly, the FBI's chief of cyber policy. Kelly says that those special agents have also been instructed to aim their warnings further up the victim's org chart. "We want them to be reaching out to the C-suite level, to senior executives," says Kelly. "To make sure they're aware of what's going on and that they're putting the right amount of calories into addressing the issues so that these things don't get ignored or buried."
Four years later, the FBI and the community of incident response security professionals who often work with the bureau's agents says the FBI has significantly changed how it communicates with hacking victims -- the better to avoid another DNC-style debacle. In interviews with WIRED, FBI officials never explicitly admitted to a failure in the case of the DNC's botched notification. But they and their private sector counterparts nonetheless described a bureau that has revamped its practices to warn hacking targets faster, and at a higher level of the targeted organization -- especially in cases that might involve the upcoming election or the scourge of ransomware costing companies millions of dollars across the globe.
In December of last year, for instance, the FBI announced a new formal policy of immediately notifying state government officials when the bureau identifies a threat to election infrastructure they control. But the improvements go beyond warnings to state officials, says Mike Herrington, the section chief of the FBI's cyber division. "I see a key change in practice and emphasis, getting our special agents in charge keyed up to gain the full cooperation of potential victims," says Herrington, who says he's personally notified dozens of victims of hacking incidents over his career. Those "special agents in charge" are higher-ranking than the typical field agents who have notified victims in the past, notes Steven Kelly, the FBI's chief of cyber policy. Kelly says that those special agents have also been instructed to aim their warnings further up the victim's org chart. "We want them to be reaching out to the C-suite level, to senior executives," says Kelly. "To make sure they're aware of what's going on and that they're putting the right amount of calories into addressing the issues so that these things don't get ignored or buried."
I love how (Score:4, Insightful)
Re: I love how (Score:1, Troll)
Re: I love how (Score:4, Insightful)
You wonder why they can't fix their own country. Well, basically because it's far easier for a nasty, stupid lowlife to drag somebody down to his level than to reach up and join that successful person. An excellent example of this is provided by minimum wage near-slaves who spit on and vilify union workers who actually have a living wage.
Re: (Score:1)
Re: (Score:2)
At least some of them have done very well for themselves, apparently. And don't forget, when a Russian oligarch tells you to jump, you ask "how high" when you're already on the way up.
Re: (Score:1)
Re: (Score:2)
Unfortunately for the citizens of the USA, even the Russians cannot arrange for a competent person to be elected President.
Re: (Score:1)
Re: (Score:1)
No, that's not at all what I was talking about. If you had the brainpower of a retarded chicken, you'd have the comprehension skills to understand this.
Re: I love how (Score:2)
Re: (Score:1)
Say what you want about Russian politics but they were able to manipulate Obama when Assad's back was to the sea and turned what to be a victory for US+allies into another puppet dictator for Putin.
Now Putin can play games in the Middle East thanks to Obama.
All Putin had to do was ask Obama to forgo shelling or doing airstrikes because their might be FSB personnel in that area.
At least that was what the media was told.
I'd like to put it up to Obama's naivete but you have to give more credit to anyone who b
Re: I love how (Score:5, Insightful)
I wonder why they cannot fix their own collapsing country?
Have you never wondered how easier it is to destroy things than to create something?
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
KGB and GRU were not a bunch of vodka sloshed fools.
But if people believed that it was probably a whole lot easier to control the planet.
Re: (Score:2)
"How did the Russia so smart so quickly?"
Are you stupid? Russia has been developing these skills for 70 years; you think they just threw out all their programs when the Soviet Union ended?
Re: (Score:2)
They're not stupid, they're a paid troll. Chinese, Russian, who knows? But don't feed them.
Re:I love how (Score:5, Insightful)
Re: (Score:1, Offtopic)
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
"I doubt so many of the ones he's hired in the past few years would be in prison right now".
Would you care to list them?
Re: (Score:2)
Not everyone is literally in prison/jail at the moment (in part because Trump pardoned/commuted sentences) but this also isn't including some of the emloyees or associates of these people either.
Re: (Score:2)
Please name the specific crime, and dates thereof, for which those individuals are imprisoned.
I'm sure it will be enlightening.
Why don't you do it, coward?
Re: (Score:2)
There's also no evidence that Trump is/was rich.
There IS evidence that he is/was deep in debt.
The hundreds of millions he's bilked from the taxpayer with his Mar-a-lago golf trips may or may not have put him into the black. We don't know, because he refuses to prove it.
Re: (Score:2)
Re: (Score:2)
Filthy rich in his dreams. The alleged president is a congenital liar. Why do you think he's fighting so hard to keep his tax returns private?
Re: (Score:2)
The Cambridge Analytica is about big data helping Trump elected.
Re: (Score:2)
The Cambridge Analytica scandal. The use of facebook data there was considered a breakthrough in making propaganda more powerful.
Re: (Score:2)
Re: (Score:3)
Well because he believes everything his political party says. That's what it means to be a member--you've got to think, act, and vote in unison, otherwise you aren't a team player.
So yours is a silly question.
Re:I love how (Score:5, Insightful)
Re: (Score:2)
Also, Russia is playing with fire. We Americans are fucking insane. There's a reason we got kicked out of the UK in the 1700s. The rest of the world seems to have forgot
Re: (Score:2)
Hussein didn't have nukes. Putin does. Comparison un-apt.
Ah, but you say, who would use nukes? But what if Putin doesn't care either? All signs suggest that he doesn't.
Re:I love how (Score:4, Insightful)
Re: (Score:2)
Re:I love how (Score:5, Informative)
Claiming something was debunked over and over does not make it so. It is especially silly to claim it never happened when the story is adding details about how it happened and how the US is responding differently. There is bi-partisan agreement in the US regarding the Russian interference. In 2018, the Republican-controlled congress even tightened sanctions on Russia in response to it. The only person claiming it didn't happen was Trump, most likely because he was afraid it would be tied to his campain... which it has now been.
Re: (Score:2)
Ignoring the fact that Russiagate has been debunked does not make that go away. There were quite a lot of people on top of it from the start. They have 4 years headstart on you. To catch up you'd have to be willing to take the possibility serious that the whole thing is a hoax. Without that you wouldn't even read the first paragraph.
Adding detail to a debunked story is like the magician's trick with the sealed letter in the locked chest. You keep adding chains around the chest and suspend it on a crane whic
Re: (Score:2)
So, all those contacts between the alleged president's election efforts and those nice, helpful Russians was because....what...precisely?
Re: (Score:2)
That is so vague it is not even a question.
Re: (Score:2)
Believe it or not, there are legitimate reasons for Americans to contact Russians, and in Russia you can only be so successful without ties to the government.
Take a good look at each 'contact' and ask yourself if there couldn't possibly be an innocent reason for it.
For example, Flynn , as incoming DNI had perfectly valid reasons for reaching out to Russian counterparts before Trump took office.
Carter Page? Met a Russian that asked him to write a research paper and had previously spoken at some Russian confe
Re: (Score:2)
One of the things which is coming out now with the indictment of FBI lawyer Clinesmith is that the CIA told the FBI Carter Page was their man and the FBI omitted that in their request for a spy warrant.
Re: (Score:2)
What the heck is "Russiagate" in this context anyway? Since we are talking about the DNC hack in this discussion, that's what I assumed you meant. But maybe you are talking about something else. What exactly are you saying has been debunked?
Re: (Score:2)
All of it!
Re: (Score:2)
Ok, I wanted that in a separate post to make it stand out as preposterous as possible. But it is roughly true.
With the DNC hack a good description would be more subtle , because the DNC was very hackable and was hacked. But DNC hack is linked to election interference through Wikileaks and has been integrated in the story of Russiagate.
Whether Russia has hacked the DNC wouldn't matter much because hacking is pretty normal , including in international politics but the documents which were posted by Wikileaks
Re: (Score:2)
I get it. You suspect that the DNC emails were leaked, not hacked. I don't agree, solely because the FBI and the Republican-led US Senate disagree. As you said: Russian hacking is pretty normal, so I see little reason to conclude that the Russians weren't involved. But regardless of *how* the emails were obtained, Trump's campaign committed crimes and that is what we should be concerned about. Trump and Stone knew about the emails imminent release ahead of time and instead of reporting the crime they c
Re: (Score:2)
No you don't get it - yet. Where do you get the idea that Democrats debunked Russiagate? They co-instigated it. I object to the FBI announcement because it continues in the main narrative of Russiagate. There was an election 4 years ago. The Democrats should have gone into why Trump won, and they should have challenged him on his policies and exposed them for the shit they were. Instead they (DNC and security services mainly)made up a story of illegitimate elections and Trump being a Russian stooge. They ag
Re: (Score:2)
This is the article from Aaron Mate
accompanying the interview and verifying how it fits with the Mueller claims https://www.thenation.com/arti... [thenation.com]
And yes I claim it is all like that. Whenever a claim is investigated it evaporates.
Re: (Score:2)
Also Stone never had a connection to Assange. Or to any hacker.
He admitted to privately communicating with both Assange and a Russian hacker (Guccifer 2.0) in his sworn testimony before Congress. He also admitted that he told Trump about it. His defense has been that none of it was illegal. Via search warrants the feds got his private tweets, phone calls, and voice mails. They didn't get the encrypted messages he sent using Signal, Wickr, and WhatsApp. This news is still fresh enough that a simple google search for "Roger Stone Julian Assange" comes up with lots o
Re: (Score:2)
Stone lies a lot and then gets into trouble. He had been bluffing , trying to sell the idea that he had a contact to Assange and was hoping to be able to back it up later. He hoped Credico could help with that. Then afterwards he couldn't roll it back and pressured Credico about it. Until Credico stepped up and said he had nothing about Wikileaks. If you want to understand it you have to read Mate's version and then go back to the articles you link to to see where they get it wrong. Sometimes it is in deta
Re: (Score:2)
You should check what exactly Stone lied about. That is what is constantly being omitted and distorted most. He lied about having a contact with Wikileaks while there was no such contact. But it's hardly reported in the mainstream because they start from the assumption that there was such a contact so they only talk about it in indirect ways. For instance you only get the interpretation "lied to protect Trump", which is baseless but journalists can use it because the prosecution has used it at some point.
Re: (Score:2)
I should clarify that I say there was no contact while you show communication. But the point is that stone was trying to get some form of communication started while giving everyone the impression that he had a secret channel but what you see is all there was. There was nothing else and it was not getting him anywhere.
Re: (Score:2)
I'm reading more and more about Stone. I didn't know about Corsi. I admit that it does look like Stone is a dead-end in terms of reaching the Russians. His communications with Assange and Guccifer were too little and too late to be useful. I do wonder what communications do we not have because they were done with encrypted apps. This guy is a real bad dude - totally the mobster type. It really does look like he tried his darn hardest to contact the criminals involved, both directly via text messages a
Re: (Score:2)
Credico doesn't see Stone as a really bad dude, except when he's drunk which is very often. He's shady sure, but like Papadopoulos he is trying to elbow his way into the Trump team and it involves a lot of bluffing and creating impressions, and then hoping your own claims don't come back to bite you. Papadopoulos' ambition was to set up links between Russia and Trump, and it was aiming too high. But Papa will lie just for attention. The importance of Papadopoulos/Mifsud is again how did the FBI and Mueller
Re: (Score:2)
It was a problem a week or two before the election as well.
Utterly predictable. (Score:1)
I'm getting sick of seeing the future. Maybe I should change my name to Cassandra.
Key changes: Yell Louder, Act More Agitated (Score:2)
If they had treated it like a modern press release, would the DNC have reacted quicker?
Re: Key changes: Yell Louder, Act More Agitated Al (Score:2)
All I know is, is that I, for one, welcome our "keyed up" overlords! I've got a heart condition, but at least someone is getting keyed up. /s
I just can't believe that he used the word key, then in bad form used the word again so close together but this time while using a drug reference about being high. I mean, really?
Mostly old news (Score:3)
Russia contributed to Trump's election? (Score:1)
Re:Russia contributed to Trump's election? (Score:4, Insightful)
Re: (Score:3)
Re: (Score:2)
Obviously I'm spouting paranoid nonsense. It's not like the same thing is happening right now for the 2020 election. For example it would never happen that the Director of National Intelligence would stop briefing Congress about foreign election interference. [google.com] It is also impossible that the investigation into Russian influence in 2016 [cnn.com] was deliberately hobbled from the beginning.
Just like the FBI did nothing to influence the 2016 election at the last second
Re: (Score:2)
The investigation was a joke from the start. This is clear because the only instance of a campaign working with Russia in any way was never investigated as such despite being public knowledge. That would be the Steele Dossier. The DNC paid Russian spies for (false) dirt on Trump, but somehow that was used
Re: (Score:2)
It's so much easier to lie on paper then to lie in person. That's the whole point: to cut the legislative branch out of the loop. If the DNI can't do his job while taking the time to do his job and personally brief Congress then they should find someone who is up to the job.
It's clear you are supporting the Putin/Trump ticket. Maybe you should go to Russian where you belong.
Re: (Score:2)
Re: (Score:2)
The weirdest thing about news these days is that one side will admit they did something illegal, but it's somehow ok and they get away with it, while there would be vague accusations of the other side doing something illegal, and that somehow holds a lot more weight and is a lot more damning, even though there's not a shred of evidence...
Re: (Score:2)
Sickening discovery (Score:2)
"Yared Tamene made a sickening discovery:" ... hmm ok... continuing.. "a notorious Russian hacker group known as Fancy Bear had penetrated " .... omg omg ... "a DNC server". Wait what? That's the sickening discovery? What the hell?
Re: (Score:2)
Imagine not being corrupt (Score:3, Insightful)
If the DNC hadn't been putting their thumb on the scale to eliminate Bernie then there wouldn't have been anything damaging for the Russians to leak.
But no, the problem isn't the corruption, it's the "being exposed" part. Yeah, ok.
Re: (Score:3)
There wasn't anything damaging, it was all just people ranting about "her emails". The FBI investigated and there was nothing there.
Re: (Score:2)
There wasn't any damaging information in the DNC email leaks? You mean, like the emails from CNN sending them the interview questions for Clinton before doing an interview, or the whole scandal showing they were conspiring against Bernie Sanders which caused the ousting of Debbie Wasserman Schultz from the head of the party?
i dont see a problem (Score:3, Insightful)
Blame the DNC, not the FBI (this time) (Score:2)
So why is the FBI at fault here?
They warned of "potential" hacking.
Do they really need to use "alarming" language for IT professionals, including the IT director, to understand the ramifications of being hacked?
Did they have evidence of the DNC being hacked, but did not reveal it? That would be a problem, but otherwise, I'm not seeing the issue here.
How was that the FBI's fault? (Score:3)
Were I feeling particularly cynical, I'd suggest that maybe the DNC's Newspeak dictionary doesn't include the word "persistent".
Which I suppose I am, since I said it.
Evidence (Score:2)
I read the indictments of the "fancy bear" hackers and didn't see any evidence there. We continue to be bombarded by all the assumptions of guilt, but haven't seen anything to actually link Russia to the DNC hacks. Has anyone seen anything to connect these other than the Muller signature?
Clinton's wet workers slipped up (Score:1)
Maybe it was bad Intel from Obama's FBI that got Seth Rich assassinated.
Brother Of Murdered DNC Staffer Seth Rich Wants Twitter To Unmask ‘FBI Leaker’—Twitter Says Hold On [forbes.com]
"never used alarming language" (Score:1)
Where's a sternly worded letter when you need one?