The Plot to Hack America: How Putin's Cyberspies and WikiLeaks Tried to Steal the 2016 Election [Malcolm W Nance], page 3


implanted analytical software into the structure of the DNC’s servers, they soon discovered that two unknown entities had made an unauthorized penetration of the committee’s computers. The technicians immediately recognized that this was not a nuisance attack; it was a professional hit using professional tools and software. The CrowdStrike team started a series of analytical tests to discover the methods of entry and to outline the pathways that the hackers took into the server system. The tests would allow the cyber sleuths to determine where the hackers went, what they did while inside, and what data they may have taken. Another team checked the DNC’s server logs to see what the hackers had manipulated out of parameter. All of the parameters of the hack would take weeks to lay out in an official report, but it was almost immediately clear that this was not the work of amateur hackers.

Once inside, the two unauthorized users had started rooting around. One entity had implanted itself and had been monitoring the emails and chats of the Democratic staff for months, stealing files, emails, and voice messages—almost everything. The second entity, seemingly operating independently, had targeted two very specific files.

The treasure in political espionage is to know precisely what your enemy knows about you. Every intelligence agency seeks to find the details of the inner management of their opposition, but finding the file summary of what they actually know, what they don’t know and—equally important—what they know that they don’t know, is intelligence gold. For the political season of 2016, the most highly-prized information in the DNC’s servers would be the opposition files held by the Democratic Party about the seventeen Republican Party candidates.

The CrowdStrike damage control team determined that the penetration operation conducted by the unknown hackers had left the servers of the Democratic Party severely compromised. They had copied or taken materials of all kinds, and had infiltrated virtually everything of value to a political opponent: personal file folders, official chat threads, digital voicemails, and the email content of virtually everyone’s mailbox. The hackers also obtained the DNC’s donors lists, and it is likely that the donors’ credit card information was associated with these lists. One of the more fascinating aspects about this attack is that it was bold and brazen; many cyber security experts are a little surprised at how the hackers didn’t cover their tracks deeply, as if they wanted to be discovered. There was just enough cover to be deniable, but as one expert observed, it was a “big cyber F-you.” It was an electronic equivalent of a looting where the perpetrators throw everything around on the floor just to let you know they were there.

CrowdStrike quickly determined that the penetration into the servers started in the summer of 2015. Hand in hand with the successful penetration the next year, it would appear that the older attempt was an exploratory operation to determine the security settings on the server’s network. This probe would lay the groundwork for the determined and focused 2016 attack. However, one factor was unshakable: the timeline of the 2016 hacks on the computers of the Democratic National Committee clearly indicated that the collection and dissemination was timed to benefit only the opposition Republican Party. Worse, if the hack was truly malicious, even relatively innocent information such as personal discussions, preferences, and the rivalry or relationships among co-workers could be twisted and injected into the national conversation in the months leading up to the election. This was not lost on the Chairperson of the DNC, Debbie Wasserman Schultz. She knew that scandal or not, the Republicans would use the hacked information to attack.

The Republican Party has shown an uncanny proclivity for taking an innocuous subject and, by dint of repetition, inference, and outright false accusation, making a seemingly innocent remark turn into years of acrimonious investigations. When Democratic staffers removed the letter “W” from a couple of Old Executive Office Building computer keyboards, the Republicans turned it into a national campaign about how the White House itself was horribly vandalized by hordes of Democrats. When the staff at the White House travel office was routinely replaced upon the arrival of the freshly sworn-in President Bill Clinton, the scandal machine turned it into a witch hunt of national proportions that led to congressional investigations over abuse of power and personally targeted the First Lady. It’s been joked that had George Washington confessed to cutting down the cherry tree in the modern era, he would have been investigated for destruction of government property and abuse of authority, and promptly impeached.

However, this hack was unprecedented. The exposure of all of the internal discussions on the processes, procedures, strategy, beliefs, and thoughts of every staffer at the DNC from Debbie Wasserman Schultz down to the concerned citizen who calls and leaves a voice mail, was staggering. Any innocent comment could be turned into a political flamethrower. All discussions could be framed as conspiracies. The question at hand for the DNC became not who conducted the hack, but what would they do with the information.

Watergate 1.0

In 1972, President Richard Nixon, through his proxies in the White House called “The Plumbers” and in coordination with the Committee to Reelect the President (aka CREEP), sent five men into the offices of the Democratic National Committee in the offices at the luxurious Watergate hotel in Washington DC. The burglars had orders to install wiretaps, break into safes, and copy files to find out exactly what opposition research the Democrats had on Nixon in the months before the election. Although he won the presidential election, by August of 1973, the political scandal of covering up the crime led to Nixon being the first President to resign in disgrace.

The 2016 DNC hack conducted forty-four years later—almost to the day—was the exact same operation. However, this time there would be no security guard to detect the intrusion, and the burglars would not be caught wearing latex gloves and planting microphones. They would copy the information in a matter of seconds, their digital fingerprints would emerge long after the break-in, and discovery would occur well after the damage had been done to Hillary Clinton’s presidential campaign.

There were a myriad of suspects on the political stage, from Trump supporters to Black Hat members of Anonymous, the shadowy hacker collective that sought to expose hidden secrets through public sun lighting. Though the DNC is a political machine that manages the Democratic Party and the campaigns of its members to office, it also operates as the framework to express the political aspirations of a huge proportion of the American electorate.

When President Barack Obama won re-election to the Presidency in 2012, he won over 65 million votes representing 51.1 percent of American voters. The management team for that electoral success was the DNC. They not only represent the candidates, but once the candidates are selected the DNC is the principal agency for the grooming, funding, and support to meet the goals of the party. Now, all of their internal secrets were stolen.

The general understanding at the time was that the DNC could contain the damage resulting from the hack, and the DNC claimed that nothing had been pilfered.1

The general inner workings were relatively tame so long as they were not in the public domain. In June 2016, DNC Chairwoman Debbie Wasserman Schultz stated that,

The security of our system is critical to our operation and to the confidence of the campaigns and state parties we work with… When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.2

After the April hack had been discovered, the analytical study of what was stolen was compiled. CrowdStrike and DNC officials figured out very quickly that the attack was broad and that the hackers had access for as long as ninety or more days, during which they entered and exited the servers and reviewed and took what they pleased. However, there was an early indicator of the intent of the intrusion.

If an advocate of the Republican Party, a citizen hacktivist, or a malicious “Black Hat” hacker anarchist had perpetrated the intrusion, it would have been a much sloppier operation. Additionally, the