Attacks/Breaches
1/11/2017
10:15 AM
50%
50%

FBI Chief: Russian Hackers Exploited Outdated RNC Server, But Not Trump Campaign

Russian state-sponsored hackers attacked Republican state political campaigns, and compromised an old Republican National Committee (RNC) server, but did not penetrate the "current RNC" or the campaign of president-elect Donald Trump, FBI director James Comey told lawmakers at a Senate hearing Tuesday.

Reuters reports that Comey told lawmakers the FBI "'did not develop any evidence that the Trump campaign, or the current RNC, was successfully hacked.' He did not say whether Russia had tried to hack Trump's campaign."

Russia did not release any information obtained through these compromises of state campaigns or old RNC email domains, Comey said, reports Reuters. 

From the New York Times:

Mr. Comey said Tuesday that there was 'evidence of hacking directed at the state level' and at the R.N.C., 'but that it was old stuff.' He said there was no evidence 'that the current R.N.C.' — he appeared to be referring to servers at the committee's headquarters or contractors with current data — had been hacked.

There is no evidence that computers used by the Trump campaign or the Clinton campaign were also compromised, though the personal email account of John D. Podesta, Hillary Clinton's campaign chairman, was copied and released as part of the Russian-ordered hack.

According to the Times, the "old stuff" to which Comey referred appeared to be a single email server used by the RNC that was soon going out of service and contained outdated material.  

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
100%
0%
Joe Stanganelli,
User Rank: Ninja
1/11/2017 | 11:49:38 AM
Email
This hacking scandal (and others like it) is really making political figures who never used email -- like Donald Rumsfeld and Janet Neapolitano -- look like the genuinely smart ones.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.