Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Government United States

The FBI Botches Its DNC Hack Warning In 2016 -- But Says It Won't Next Time (wired.com) 90

An anonymous reader quotes a report from Wired: On April 28, 2016, an IT tech staffer for the Democratic National Committee named Yared Tamene made a sickening discovery: A notorious Russian hacker group known as Fancy Bear had penetrated a DNC server "at the heart of the network," as he would later tell the US Senate's Select Committee on Intelligence. By this point the intruders already had the ability, he said, to delete, alter, or steal data from the network at will. And somehow this breach had come as a terrible surprise -- despite an FBI agent's warning to Tamene of potential Russian hacking over a series of phone calls that had begun fully nine months earlier. The FBI agent's warnings had "never used alarming language," Tamene would tell the Senate committee, and never reached higher than the DNC's IT director, who dismissed them after a cursory search of the network for signs of foul play. That miscommunication would result in the success of the Kremlin-sponsored hack-and-leak operation that would ultimately contribute to the election of Donald Trump.

Four years later, the FBI and the community of incident response security professionals who often work with the bureau's agents says the FBI has significantly changed how it communicates with hacking victims -- the better to avoid another DNC-style debacle. In interviews with WIRED, FBI officials never explicitly admitted to a failure in the case of the DNC's botched notification. But they and their private sector counterparts nonetheless described a bureau that has revamped its practices to warn hacking targets faster, and at a higher level of the targeted organization -- especially in cases that might involve the upcoming election or the scourge of ransomware costing companies millions of dollars across the globe.

In December of last year, for instance, the FBI announced a new formal policy of immediately notifying state government officials when the bureau identifies a threat to election infrastructure they control. But the improvements go beyond warnings to state officials, says Mike Herrington, the section chief of the FBI's cyber division. "I see a key change in practice and emphasis, getting our special agents in charge keyed up to gain the full cooperation of potential victims," says Herrington, who says he's personally notified dozens of victims of hacking incidents over his career. Those "special agents in charge" are higher-ranking than the typical field agents who have notified victims in the past, notes Steven Kelly, the FBI's chief of cyber policy. Kelly says that those special agents have also been instructed to aim their warnings further up the victim's org chart. "We want them to be reaching out to the C-suite level, to senior executives," says Kelly. "To make sure they're aware of what's going on and that they're putting the right amount of calories into addressing the issues so that these things don't get ignored or buried."

This discussion has been archived. No new comments can be posted.

The FBI Botches Its DNC Hack Warning In 2016 -- But Says It Won't Next Time

Comments Filter:
  • I love how (Score:4, Insightful)

    by Jarwulf ( 530523 ) on Wednesday September 02, 2020 @08:12PM (#60467638)
    foreign manipulation and election tampering and hackiing and big data tactics only became a problem after the 2016 election.
    • by OMBad ( 6965950 )
      Exactly. How did the Russia so smart so quickly? Literally no one knew, then Hillary lost and they became master hackers who control the planet. I wonder why they cannot fix their own collapsing country?
      • Re: I love how (Score:4, Insightful)

        by Miles_O'Toole ( 5152533 ) on Wednesday September 02, 2020 @08:50PM (#60467716)

        You wonder why they can't fix their own country. Well, basically because it's far easier for a nasty, stupid lowlife to drag somebody down to his level than to reach up and join that successful person. An excellent example of this is provided by minimum wage near-slaves who spit on and vilify union workers who actually have a living wage.

        • by OMBad ( 6965950 )
          Really? Seems like it would be much easier to use their master hacking skillz that apparently can get world leaders elected to make some money. Here we all thought they were vodka sloshed fools and it turns out they are the smartest people on the planet.
          • At least some of them have done very well for themselves, apparently. And don't forget, when a Russian oligarch tells you to jump, you ask "how high" when you're already on the way up.

            • by OMBad ( 6965950 )
              Yeah VERY well. Apparently they are so amazing they have taken over the planet with their mad skillz. Pretty fucking amazing that they are able to get a guy elected in the US but can't figure out how to build a good car.
              • Unfortunately for the citizens of the USA, even the Russians cannot arrange for a competent person to be elected President.

        • oh, you must be talking about the "peaceful" protestors. Whole lot easier to burn a building down (sorry, the police where able to get out despite your best efforts) then to build one.
          • No, that's not at all what I was talking about. If you had the brainpower of a retarded chicken, you'd have the comprehension skills to understand this.

            • Please do not use the phrase "retarded". It is deeply problematic due to its ableistic undertones that harken back to colonial oppression. I can't even.
        • Say what you want about Russian politics but they were able to manipulate Obama when Assad's back was to the sea and turned what to be a victory for US+allies into another puppet dictator for Putin.

          Now Putin can play games in the Middle East thanks to Obama.
          All Putin had to do was ask Obama to forgo shelling or doing airstrikes because their might be FSB personnel in that area.
          At least that was what the media was told.
          I'd like to put it up to Obama's naivete but you have to give more credit to anyone who b

      • Re: I love how (Score:5, Insightful)

        by K. S. Kyosuke ( 729550 ) on Wednesday September 02, 2020 @08:51PM (#60467718)
        You don't need to be "smart" to manipulate people in the US. It doesn't take *that* much effort, really.

        I wonder why they cannot fix their own collapsing country?

        Have you never wondered how easier it is to destroy things than to create something?

        • by OMBad ( 6965950 )
          Amazing how these guys suddenly figured out how to control the planet in 2016, but before that they were vodka sloshed fools.
      • by nomadic ( 141991 )

        "How did the Russia so smart so quickly?"

        Are you stupid? Russia has been developing these skills for 70 years; you think they just threw out all their programs when the Soviet Union ended?

    • Re:I love how (Score:5, Insightful)

      by DogDude ( 805747 ) on Wednesday September 02, 2020 @08:39PM (#60467696)
      Why do you think that it "only became a problem after the 2016 election"?
      • Re: (Score:1, Offtopic)

        by Jarwulf ( 530523 )
        Everybody was gushing over Obama's use of Big Data and how it was so cool and forward thinking and now it suddenly becomes sinister when Trump does the same thing at a much lower scale. Also foreign governments interfere in every election and were certainly interfering in previous ones yet you didn't really start to hear about it until 2016 https://www.google.com/search?... [google.com]
        • by DogDude ( 805747 )
          We're talking about Russia using Big Data to help Trump. I doubt the Trump campaign could do anything like that on their own.
          • yeah right. The guy is filthy rich, why couldn't he hire someone? That statement just doesn't make sense no matter what side you're on.
            • by DogDude ( 805747 )
              Rich != smart. If he hired competent people, I doubt so many of the ones he's hired in the past few years would be in prison right now.
              • "I doubt so many of the ones he's hired in the past few years would be in prison right now".

                Would you care to list them?

                  • Michael Cohen
                  • Paul Manafort
                  • Roger Stone
                  • Steve Bannon
                  • George Papadopoulos
                  • Michael Flynn

                  Not everyone is literally in prison/jail at the moment (in part because Trump pardoned/commuted sentences) but this also isn't including some of the emloyees or associates of these people either.

              • There's also no evidence that Trump is/was rich.

                There IS evidence that he is/was deep in debt.

                The hundreds of millions he's bilked from the taxpayer with his Mar-a-lago golf trips may or may not have put him into the black. We don't know, because he refuses to prove it.

            • by gtall ( 79522 )

              Filthy rich in his dreams. The alleged president is a congenital liar. Why do you think he's fighting so hard to keep his tax returns private?

          • The Cambridge Analytica is about big data helping Trump elected.

            • The Cambridge Analytica scandal. The use of facebook data there was considered a breakthrough in making propaganda more powerful.

          • Except it did. That side of the campaign was run by a guy named Brad Parscale, and he was better at it than Hillary or Obama's campaigns.
      • Well because he believes everything his political party says. That's what it means to be a member--you've got to think, act, and vote in unison, otherwise you aren't a team player.

        So yours is a silly question.

    • Re:I love how (Score:5, Insightful)

      by K. S. Kyosuke ( 729550 ) on Wednesday September 02, 2020 @08:48PM (#60467710)
      Exactly. The US never had issues with it when it was manipulating other countries and tampering with their politics.
      • Um.... that's kinda like saying you don't have any issue with using a gun until somebody shoots you. Yes, the United States does not want a weapon used against it. If you happen to be a member of the United States you do not that either. Yes, it would be nice if the United States also didn't use such weapons, but that's a separate issue.

        Also, Russia is playing with fire. We Americans are fucking insane. There's a reason we got kicked out of the UK in the 1700s. The rest of the world seems to have forgot
        • Hussein didn't have nukes. Putin does. Comparison un-apt.

          Ah, but you say, who would use nukes? But what if Putin doesn't care either? All signs suggest that he doesn't.

    • Re:I love how (Score:4, Insightful)

      by phantomfive ( 622387 ) on Thursday September 03, 2020 @12:40AM (#60468150) Journal
      No, people were really upset about the hacking before the election, too. The leaked emails made some people look really bad. That is when the D team turned against Wikileaks. It was cool when they were leaking stuff about Bush.
    • I love how the Democrats keep beating the debunked "Russia Russia Russia" dead horse.
      • Re:I love how (Score:5, Informative)

        by MobyDisk ( 75490 ) on Thursday September 03, 2020 @02:18AM (#60468272) Homepage

        Claiming something was debunked over and over does not make it so. It is especially silly to claim it never happened when the story is adding details about how it happened and how the US is responding differently. There is bi-partisan agreement in the US regarding the Russian interference. In 2018, the Republican-controlled congress even tightened sanctions on Russia in response to it. The only person claiming it didn't happen was Trump, most likely because he was afraid it would be tied to his campain... which it has now been.

        • Ignoring the fact that Russiagate has been debunked does not make that go away. There were quite a lot of people on top of it from the start. They have 4 years headstart on you. To catch up you'd have to be willing to take the possibility serious that the whole thing is a hoax. Without that you wouldn't even read the first paragraph.

          Adding detail to a debunked story is like the magician's trick with the sealed letter in the locked chest. You keep adding chains around the chest and suspend it on a crane whic

          • by gtall ( 79522 )

            So, all those contacts between the alleged president's election efforts and those nice, helpful Russians was because....what...precisely?

            • That is so vague it is not even a question.

            • by kenh ( 9056 )

              Believe it or not, there are legitimate reasons for Americans to contact Russians, and in Russia you can only be so successful without ties to the government.

              Take a good look at each 'contact' and ask yourself if there couldn't possibly be an innocent reason for it.

              For example, Flynn , as incoming DNI had perfectly valid reasons for reaching out to Russian counterparts before Trump took office.

              Carter Page? Met a Russian that asked him to write a research paper and had previously spoken at some Russian confe

              • One of the things which is coming out now with the indictment of FBI lawyer Clinesmith is that the CIA told the FBI Carter Page was their man and the FBI omitted that in their request for a spy warrant.

          • by MobyDisk ( 75490 )

            What the heck is "Russiagate" in this context anyway? Since we are talking about the DNC hack in this discussion, that's what I assumed you meant. But maybe you are talking about something else. What exactly are you saying has been debunked?

            • All of it!

            • Ok, I wanted that in a separate post to make it stand out as preposterous as possible. But it is roughly true.
              With the DNC hack a good description would be more subtle , because the DNC was very hackable and was hacked. But DNC hack is linked to election interference through Wikileaks and has been integrated in the story of Russiagate.

              Whether Russia has hacked the DNC wouldn't matter much because hacking is pretty normal , including in international politics but the documents which were posted by Wikileaks

              • by MobyDisk ( 75490 )

                I get it. You suspect that the DNC emails were leaked, not hacked. I don't agree, solely because the FBI and the Republican-led US Senate disagree. As you said: Russian hacking is pretty normal, so I see little reason to conclude that the Russians weren't involved. But regardless of *how* the emails were obtained, Trump's campaign committed crimes and that is what we should be concerned about. Trump and Stone knew about the emails imminent release ahead of time and instead of reporting the crime they c

                • No you don't get it - yet. Where do you get the idea that Democrats debunked Russiagate? They co-instigated it. I object to the FBI announcement because it continues in the main narrative of Russiagate. There was an election 4 years ago. The Democrats should have gone into why Trump won, and they should have challenged him on his policies and exposed them for the shit they were. Instead they (DNC and security services mainly)made up a story of illegitimate elections and Trump being a Russian stooge. They ag

                  • This is the article from Aaron Mate
                    accompanying the interview and verifying how it fits with the Mueller claims https://www.thenation.com/arti... [thenation.com]

                    And yes I claim it is all like that. Whenever a claim is investigated it evaporates.

                  • by MobyDisk ( 75490 )

                    Also Stone never had a connection to Assange. Or to any hacker.

                    He admitted to privately communicating with both Assange and a Russian hacker (Guccifer 2.0) in his sworn testimony before Congress. He also admitted that he told Trump about it. His defense has been that none of it was illegal. Via search warrants the feds got his private tweets, phone calls, and voice mails. They didn't get the encrypted messages he sent using Signal, Wickr, and WhatsApp. This news is still fresh enough that a simple google search for "Roger Stone Julian Assange" comes up with lots o

                    • Stone lies a lot and then gets into trouble. He had been bluffing , trying to sell the idea that he had a contact to Assange and was hoping to be able to back it up later. He hoped Credico could help with that. Then afterwards he couldn't roll it back and pressured Credico about it. Until Credico stepped up and said he had nothing about Wikileaks. If you want to understand it you have to read Mate's version and then go back to the articles you link to to see where they get it wrong. Sometimes it is in deta

                    • You should check what exactly Stone lied about. That is what is constantly being omitted and distorted most. He lied about having a contact with Wikileaks while there was no such contact. But it's hardly reported in the mainstream because they start from the assumption that there was such a contact so they only talk about it in indirect ways. For instance you only get the interpretation "lied to protect Trump", which is baseless but journalists can use it because the prosecution has used it at some point.

                    • I should clarify that I say there was no contact while you show communication. But the point is that stone was trying to get some form of communication started while giving everyone the impression that he had a secret channel but what you see is all there was. There was nothing else and it was not getting him anywhere.

                    • by MobyDisk ( 75490 )

                      I'm reading more and more about Stone. I didn't know about Corsi. I admit that it does look like Stone is a dead-end in terms of reaching the Russians. His communications with Assange and Guccifer were too little and too late to be useful. I do wonder what communications do we not have because they were done with encrypted apps. This guy is a real bad dude - totally the mobster type. It really does look like he tried his darn hardest to contact the criminals involved, both directly via text messages a

                    • Credico doesn't see Stone as a really bad dude, except when he's drunk which is very often. He's shady sure, but like Papadopoulos he is trying to elbow his way into the Trump team and it involves a lot of bluffing and creating impressions, and then hoping your own claims don't come back to bite you. Papadopoulos' ambition was to set up links between Russia and Trump, and it was aiming too high. But Papa will lie just for attention. The importance of Papadopoulos/Mifsud is again how did the FBI and Mueller

    • by AmiMoJo ( 196126 )

      It was a problem a week or two before the election as well.

  • I'm getting sick of seeing the future. Maybe I should change my name to Cassandra.

  • If they had treated it like a modern press release, would the DNC have reacted quicker?

    • All I know is, is that I, for one, welcome our "keyed up" overlords! I've got a heart condition, but at least someone is getting keyed up. /s

      I just can't believe that he used the word key, then in bad form used the word again so close together but this time while using a drug reference about being high. I mean, really?

  • by ChrisMaple ( 607946 ) on Wednesday September 02, 2020 @09:25PM (#60467806)
    The DNC rejection of the FBI's offer of help against hackers has been public knowledge for over 3 years.
  • Umm, I'm no fan of Trump or Hillary, but wasn't it Hillary's use of a private email server for handling classified information, then getting caught for that, which contributed to her loss to Trump? Just because leaking that information served Putin's agenda doesn't make the DNC pure victims in the matter.
    • by OMBad ( 6965950 ) on Wednesday September 02, 2020 @10:06PM (#60467898)
      Hillary didn't get elected because she was unlikable and dismissive of the average American.
      • I'm glad it wasn't anything to do with the head of the FBI suddenly saying he had to urgently brief congress of something critical, and then standing in front of them and lying that he had re-opened the investigation into Hillary Clinton. That would have been shocking!
        • Or Russian propaganda on social media and Fox News.

          Obviously I'm spouting paranoid nonsense. It's not like the same thing is happening right now for the 2020 election. For example it would never happen that the Director of National Intelligence would stop briefing Congress about foreign election interference. [google.com] It is also impossible that the investigation into Russian influence in 2016 [cnn.com] was deliberately hobbled from the beginning.

          Just like the FBI did nothing to influence the 2016 election at the last second

          • The DNI is still briefing Congress, but in writing rather than in person. The big difference appears to be how much time the DNI can devote to doing his job vs. answering the same question ten times.

            The investigation was a joke from the start. This is clear because the only instance of a campaign working with Russia in any way was never investigated as such despite being public knowledge. That would be the Steele Dossier. The DNC paid Russian spies for (false) dirt on Trump, but somehow that was used

            • Bullshit. Not being able to ask questions in person short circuits the ability of Congress to find out what is really going on.

              It's so much easier to lie on paper then to lie in person. That's the whole point: to cut the legislative branch out of the loop. If the DNI can't do his job while taking the time to do his job and personally brief Congress then they should find someone who is up to the job.

              It's clear you are supporting the Putin/Trump ticket. Maybe you should go to Russian where you belong.

              • I tried, but couldn't find any flights to Russian. Turns out that it isn't a place, you just can't spell.
            • I didn't hear about this?!! Was this before or after Trump Jr and Jared met with the Russian spies?

              The weirdest thing about news these days is that one side will admit they did something illegal, but it's somehow ok and they get away with it, while there would be vague accusations of the other side doing something illegal, and that somehow holds a lot more weight and is a lot more damning, even though there's not a shred of evidence...
              • Jr and Jared did not "meet with Russian spies", they met with one Russian and walked out on her. Which is why I agree with your second statement with the addition of great frustration. Jr. and Jared met with a Russian who offered dirt on Hillary, but walked out because she lied. That's supposed to indicate that Trump "colluded" with Russia, is evil and must be impeached. Hillary's people went ahead and bought (false) dirt from Russians, and spread that disinformation throughout the press and the FBI (wh
  • "Yared Tamene made a sickening discovery:" ... hmm ok... continuing.. "a notorious Russian hacker group known as Fancy Bear had penetrated " .... omg omg ... "a DNC server". Wait what? That's the sickening discovery? What the hell?

  • by Anonymous Coward on Thursday September 03, 2020 @01:11AM (#60468182)

    If the DNC hadn't been putting their thumb on the scale to eliminate Bernie then there wouldn't have been anything damaging for the Russians to leak.

    But no, the problem isn't the corruption, it's the "being exposed" part. Yeah, ok.

    • by AmiMoJo ( 196126 )

      There wasn't anything damaging, it was all just people ranting about "her emails". The FBI investigated and there was nothing there.

      • There wasn't any damaging information in the DNC email leaks? You mean, like the emails from CNN sending them the interview questions for Clinton before doing an interview, or the whole scandal showing they were conspiring against Bernie Sanders which caused the ousting of Debbie Wasserman Schultz from the head of the party?

  • by alexeinz001 ( 7194130 ) on Thursday September 03, 2020 @02:19AM (#60468274)
    US routinely both openly and covertly doing everything it can to subvert political process in many many countries incl Russia to its own favor. It has been documented myriad times and is an absolute fact... why are they so upset to taste their own medicine. Funnily enough Rusia ( if indeed sponsored by Kremlin - questionable at best ) didnt even need to make things up, just publish information hidden from US public exposing DNC for what it is... bunch of fakes. so.. chill?
  • So why is the FBI at fault here?

    They warned of "potential" hacking.

    Do they really need to use "alarming" language for IT professionals, including the IT director, to understand the ramifications of being hacked?

    Did they have evidence of the DNC being hacked, but did not reveal it? That would be a problem, but otherwise, I'm not seeing the issue here.

  • by sabbede ( 2678435 ) on Thursday September 03, 2020 @08:31AM (#60468704)
    What did the FBI botch? They provided advance warning, which the DNC didn't take seriously. That sounds like the DNC botched it, not the FBI. They were warned of a persistent threat, responded with a cursory scan, and decided that since they hadn't been hacked yet they could go take a nap.

    Were I feeling particularly cynical, I'd suggest that maybe the DNC's Newspeak dictionary doesn't include the word "persistent".

    Which I suppose I am, since I said it.

  • I read the indictments of the "fancy bear" hackers and didn't see any evidence there. We continue to be bombarded by all the assumptions of guilt, but haven't seen anything to actually link Russia to the DNC hacks. Has anyone seen anything to connect these other than the Muller signature?

  • Where's a sternly worded letter when you need one?

Real Programmers don't write in PL/I. PL/I is for programmers who can't decide whether to write in COBOL or FORTRAN.

Working...