Cybersecurity firm ‘highly confident’ Russian military hacked DNC based on new evidence
The malware has been traced to previous attacks in Ukraine.
CrowdStrike, a California-based cybersecurity firm, now says it is confident that the group who hacked the Democratic National Committee this summer has direct ties to the Kremlin.
The firm was hired by the Democratic Party this summer to investigate an attack that exposed thousands of embarrassing emails, through WikiLeaks and other online outlets, which raised ethical questions about how the party was overseeing its presidential primary election.
Prior to its nominating convention, party leaders were pelted with accusations that the DNC had worked to undermine the campaign of Sen. Bernie Sanders (D-Vt). Ultimately, the scandal led the DNC’s chair, Rep. Debbie Wasserman Schultz (D-Fla.), to resign.
CrowdStrike now claims to have nearly incontrovertible proof that the malware used in the DNC intrusion also helped the attackers break into an Android app used by Ukrainian field artillery units from late 2014 through 2016.
The malware is said to have been spread by way of Ukrainian military forums “within a legitimate Android application developed by Ukrainian artillery officer Yaroslav Sherstuk.” The purpose of Sherstuk’s app was to help artillery forces “more rapidly process targeting data for the Soviet-era D-30 Howitzer” used by the Ukrainian forces. More than 9,000 artillery personnel are reported to use the application, according to CrowdStrike, citing press reports.
CrowdStrike co-founder Dmitri Alperovitch told the Washington Post that the firm now has “high confidence” that the unit responsible for hacking the DNC works for the GRU, Russia’s military intelligence service. CrowdStrike has dubbed the hacking group responsible “Fancy Bear.”
Attribution with regard to cyberattacks is difficult and often problematic.
Cybersecurity expert Jeffrey Carr, the founder of Taia Global, raised concerns this summer about the process of attributing the attack to Moscow based solely on the origin of the malware involved.
Of course, malware can be stolen; it can be re-packaged and sold on the black market; and it can be used as well to throw off investigators.
“In the physical world of crime investigation,” Carr wrote, “common sense dictates that the perpetrator of a crime may use any weapon and not just one made in the country of his birth, and that the developer or manufacturer of the weapon most likely isn’t the criminal. And yet, those seemingly crazy assumptions are made every day by cybersecurity companies involved in incident response and threat intelligence.”
“The malware was written in Russian? It was a Russian who attacked you,” continued Carr, sardonically. “Chinese characters in the code? You’ve been hacked by the People’s Liberation Army.”
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.