Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

12/12/2016
03:40 PM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

CIA: Russian Hackers Aimed To Help Trump Win

Intelligence suggests Russia hacked the Republican National Committee but didn't leak its data, a sign experts say is indicative of broader plans to sway US election results.

The CIA is confident Russia's goal was to help Trump win the 2016 US Presidential election, the Washington Post reports.

US officials say intelligence agencies have determined which individuals, who have ties with the Russian government, provided WikiLeaks with hacked emails from the Democratic National Committee.

Officials say these individuals are known within the intelligence community and participants in a broader Russian-driven effort to boost Trump's campaign.

"It is the assessment of the intelligence community that Russia's goal here was to favor one candidate over the other, to help Trump get elected," reported a senior US official who was briefed on an intelligence presentation to US Senators. "That's the consensus view." 

The CIA presented its latest findings to lawmakers last week. Its conclusion is partially based on knowledge that Russians infiltrated the Republican National Committee but didn't leak its data, as it did following a series of attacks on the Democratic National Committee.

Experts are confident the Russians also hacked the RNC. However, Trump dismissed the discovery as "ridiculous" in a recent interview, and the RNC has consistently denied its networks were attacked.

If RNC systems were compromised and no information was released, it prompts some key questions about Russia's role in the election. Security experts have expressed concern for how Russia may be executing on objectives to influence US politics.

"Donald Trump was clearly the candidate in the Presidential race least problematic for Mr. Putin's aggressive foreign policy agenda," says John Herbst, director of the Dinu Patriciu Eurasia Center. "While it would be a stretch to say that Russian hacking gave Mr. Trump the election, it seems clear that it was designed to undermine Ms. Clinton and to enhance his chance of winning."

In the months leading up to Election Day, Russian nation-state hackers targeted the DNC and shared its documents via WikiLeaks, intelligence agencies confirmed. As campaigns came to a close, hackers reportedly associated with Russia targeted Hillary Clinton's campaign staffers with a series of phishing emails.

The DNC was able to catch bad actors with the help of security firm CrowdStrike, which implemented endpoint technology to monitor network activity.

"[We] were able to watch everything that the adversaries were doing while we were working on a full remediation plan to remove them from the network," explains CrowdStrike co-founder and CTO Dmitri Alperovitch.

President Obama has responded to the attacks on Democratic party websites with an order for US intelligence agencies to conduct a review of attacks related to the 2016 election. The goal is to understand what happened, take action, and share lessons learned with stakeholders.

It's a tall but important order, especially if foreign actors can exert this amount of control over a US election.

"US intelligence and law enforcement agencies have seen mounting evidence of an active Russian influence operation in the outcome of the 2016 US presidential election through cyber hacking and tampering," says Chenxi Wang, Ph.D., chief strategy officer at Twistlock.

Wang describes how this is "our new cyber reality" in which hacking and counter-hacking, whether for political or financial gain, is commonplace. This carries tremendous implications for a future of "digital weaponry" in which data may not be trusted.

"If we cannot trust the validity of electronic records (e.g., voting records), or if data is made to selectively favor one candidate vs. another, then it could very well threaten the foundation of our everyday lives," she explains. 

Wang, as well as government officials, says it's time for security officials to develop stronger defenses to address these risks.

"For years, foreign adversaries have directed cyberattacks at America's physical, economic, and military infrastructure, while stealing our intellectual property," reported the United States Senate Committee on Armed Services in a joint statement issued Dec. 11.

"Congress's national security committees have worked diligently to address the complex challenge of cybersecurity, but recent events show that more must be done," the Committee said.

Related Content:

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
.osiris
20%
80%
.osiris,
User Rank: Strategist
12/13/2016 | 4:20:45 AM
Re: .wallet virus
Trump doesn't trust his own intelligence service. What would be next? He will use KGB reports to build foreign policy?
Chip Munk
83%
17%
Chip Munk,
User Rank: Strategist
12/13/2016 | 6:26:11 AM
Resurrection of McCarthyism
The Russians are trying to influence the affairs of foreign governments, you say? Hmm... Say, THAT'S new!

Not.

Oh, for a free, objective, critically-thinking press!

We're expected to believe that Vladmir Putin put zombie serum in the wells of flyover country, creating lemmings in overalls to trudge mindlessly to the polls for reasons they knew not.

The Democrats lost the presidential election because they supported a horrible candidate with a decades-long history of corruption. Find one person who changed their mind becausde of Wikileaks. Good luck.

And if the government knew or suspected that that the commies were trying to throw the election BEFORE November 8 (as they claim), why did they wait until AFTER the election to start this narrative?

This is a classic case of fake news.
ZibbyN792
100%
0%
ZibbyN792,
User Rank: Apprentice
12/13/2016 | 9:03:10 AM
Re: Resurrection of McCarthyism
When has a foreign power not wanted to influence US presidential elections?  It find it amusing that the democrat objections stem from the dirty underwear being put on display not that there was dirty underwear to begin with, they're sorry, and won't behave in such fashion in the future.
nosmo_king
0%
100%
nosmo_king,
User Rank: Strategist
12/13/2016 | 11:43:39 AM
Re: Resurrection of McCarthyism
How charmingly naive of you.

Vlad Putin is the former head of the FSB and cyber spying is the FSBs bread and butter.

Trump is so stupid that when Putin called him "brilliant" he took it to mean smart, and the Russian word Putin used does not mean that at all, it means colouful. It is the same put down he uses to describe homosexuals.

Of course Putin wants a bloated, self-sefving ignoramus like Trump as president. Putin won't even have to say anything, trump will be so busy fighting an all-out trade war with China within 3 months that Russia will be able to do as it sees fit.

Fake news that.
nosmo_king
0%
100%
nosmo_king,
User Rank: Strategist
12/13/2016 | 11:43:40 AM
Re: Resurrection of McCarthyism
How charmingly naive of you.

Vlad Putin is the former head of the FSB and cyber spying is the FSBs bread and butter.

Trump is so stupid that when Putin called him "brilliant" he took it to mean smart, and the Russian word Putin used does not mean that at all, it means colouful. It is the same put down he uses to describe homosexuals.

Of course Putin wants a bloated, self-sefving ignoramus like Trump as president. Putin won't even have to say anything, trump will be so busy fighting an all-out trade war with China within 3 months that Russia will be able to do as it sees fit.

Fake news that.
nosmo_king
29%
71%
nosmo_king,
User Rank: Strategist
12/13/2016 | 11:43:44 AM
Re: Resurrection of McCarthyism
How charmingly naive of you.

Vlad Putin is the former head of the FSB and cyber spying is the FSBs bread and butter.

Trump is so stupid that when Putin called him "brilliant" he took it to mean smart, and the Russian word Putin used does not mean that at all, it means colouful. It is the same put down he uses to describe homosexuals.

Of course Putin wants a bloated, self-sefving ignoramus like Trump as president. Putin won't even have to say anything, trump will be so busy fighting an all-out trade war with China within 3 months that Russia will be able to do as it sees fit.

Fake news that.
Wallet
50%
50%
Wallet,
User Rank: Apprentice
12/15/2016 | 5:48:47 AM
Re: Resurrection of McCarthyism
Totally agree, This is the way how big politics is made when you've got a professional paranoic spy as a president of the country with nuclear weapon. I really can't understand why they are still not isolated like North Korea.
rayray2016
50%
50%
rayray2016,
User Rank: Apprentice
12/13/2016 | 12:58:48 PM
rayray2016
50%
50%
rayray2016,
User Rank: Apprentice
12/13/2016 | 1:00:17 PM
The Fat Diminisher Reviewsx
This is a very good read up
rayray2016
50%
50%
rayray2016,
User Rank: Apprentice
12/13/2016 | 1:00:48 PM
Diabetes Destroyer Reviewsx
I dont really beleive any hacker tried to help trump
rayray2016
50%
50%
rayray2016,
User Rank: Apprentice
12/13/2016 | 1:01:26 PM
The Fat Diminisher Reviewsx
This is a very good read up
rayray2016
100%
0%
rayray2016,
User Rank: Apprentice
12/13/2016 | 1:01:30 PM
Diabetes Destroyer Reviewsx
I dont really beleive any hacker tried to help trump
rayray2016
50%
50%
rayray2016,
User Rank: Apprentice
12/13/2016 | 9:33:31 PM
Twenty Motion
awesome stuff
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This gives a new meaning to blind leading the blind.
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27479
PUBLISHED: 2021-06-16
ZOLL Defibrillator Dashboard, v prior to 2.2,The affected product’s web application could allow a low privilege user to inject parameters to contain malicious scripts to be executed by higher privilege users.
CVE-2021-27483
PUBLISHED: 2021-06-16
ZOLL Defibrillator Dashboard, v prior to 2.2,The affected products contain insecure filesystem permissions that could allow a lower privilege user to escalate privileges to an administrative level user.
CVE-2021-27485
PUBLISHED: 2021-06-16
ZOLL Defibrillator Dashboard, v prior to 2.2,The application allows users to store their passwords in a recoverable format, which could allow an attacker to retrieve the credentials from the web browser.
CVE-2021-31159
PUBLISHED: 2021-06-16
Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.
CVE-2021-31857
PUBLISHED: 2021-06-16
In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types.