Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

7/29/2016
12:00 PM
50%
50%

DNC Leak: US Intel Chief Says It's Too Soon To Attribute Blame

James Clapper suggests the email leak was an act by a nation-state and not some hacking group.

US National Intelligence chief James Clapper has said authorities did not want to attribute blame of Democratic National Convention (DNC) email leak yet, reports Reuters. His statement comes in the wake of allegations by US officials that evidence appeared to implicate Russia.

"We don’t know enough to ascribe motivation," said Clapper at the Aspen Security Forum. "Was this just to stir up trouble, or was this ultimately to try to influence an election? That’s a serious proposition." He did, however, indicate it was likely the work of a nation-state and not independent groups.

The emails leaked had caused a furor over DNC’s preference for Hillary Clinton over Bernie Sanders as presidential candidate.

Clapper also voiced concerns over Republican Donald Trump’s rhetoric on US overseas alliances, saying it was a cause for worry to the nation’s foreign partners.

Read details on Reuters

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
8/1/2016 | 8:43:24 AM
Re: Coincides with my previous statement
We all know how expensive political campaigns can be. Campaign staff are usually comprised of political folks close to the candidate, and not necessarily looking all all aspects of the campaign, notably their information infrastructure. As with industry, infosec likely takes a back seat in the budgeting process. It is almost laughable to think that the DNC would provide this protection, given their candidate's recent debacle with email confidentiality. One would think that the other party however, would likely offer a bit more protection with their candidate more knowledgeable in business matters where all aspects of infrastructure are considered, and hopefully surrounding himself with not just political staff, but also business folks. I guess time will tell, because as you pointed out, most don't act until they themselves get burned. That is an axiom that makes infosec folks uncomfortable.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/31/2016 | 9:29:58 PM
Re: Coincides with my previous statement
Very good point. I would hope the RNC would learn from the event at the DNC less it happen to them in the future. But then again, I've seen first hand that most don't act until they themselves get burnt.
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
7/29/2016 | 2:42:37 PM
Re: Coincides with my previous statement
There are really two issues at hand. First, the method and motive - although at some point in time it will be possible to attribute the breach/leak actors and their methods, it will be difficult to pin a motive short of a confession. At best, an educated guess will result. Second, the exposure resulting from the leak. Although it is difficult to have an end justify the means, the more important message gleaned is that a major political party disenfranchised 13 million or so voters. That, coming from the party that claims the other political party disenfranchises voters is certainly disingenuous. It does not end there. Now, there appears to be collusion between a political party and news media. People get their news from the media, but how genuine or trustworthy is that news if it is seriously influenced or even shaped by a political party? Although this is not Nazi Germany with Goebbels at the helm of their propaganda machine ... it does resemble it, just with different actors. Here is a more important question - was it a good or bad thing that the leak occurred, when it sheds light on an organization's activities? If so, how is that different from officials "hacking" into data sources to reveal their contents, in the interest of national security, knowing that the leak was a result of a hack (case in point, FBI and terrorist iPhones)? In these cases, there are blurred lines when attempting to define good and bad.

One thing is certain - the DNC is now a richer target environment because there is now a known trove of "juicy information", so they had better be on their toes. Additionally, the RNC should be increasingly alert because their opponents will be searching for their "juicy information" to counterbalance that which was exposed about the DNC. A digital information war by proxy, as it were.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/29/2016 | 1:58:57 PM
Re: Coincides with my previous statement
I agree that another dump of emails will most likely occur soon. As for there not being a motive I would find that difficult to believe in this case. For a cause such as a cyber threat or hack there is normally an effect that the hacker is trying to achieve.
theb0x
100%
0%
theb0x,
User Rank: Ninja
7/29/2016 | 1:43:26 PM
Re: Coincides with my previous statement
There doesn't necessarily have to be a motive. We all know the level of corruption there is within these organizations based on what has been exposed. I am predicting another dump of emails soon. This is just the surface...
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
7/29/2016 | 1:06:17 PM
Coincides with my previous statement
This coincides with a previous statement I made for the quick hit "Russia Likely behind DNC Breach says FBI." (I tried linking the article but the post window would not accept it.)


There haven't been enough parameters defined to assess motive.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15350
PUBLISHED: 2020-07-07
RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64_decode() uses an output buffer estimation function to compute the required buffer capacity and validate against the provided buffer size. The base64_estimate_decode_size() function calculates the expected decoded ...
CVE-2019-19935
PUBLISHED: 2020-07-07
Froala Editor before 3.0.6 allows XSS.
CVE-2020-11882
PUBLISHED: 2020-07-07
The O2 Business application 1.2.0 for Android exposes the canvasm.myo2.SplashActivity activity to other applications. The purpose of this activity is to handle deeplinks that can be delivered either via links or by directly calling the activity. However, the deeplink format is not properly validated...
CVE-2020-15028
PUBLISHED: 2020-07-07
NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Map.php xo parameter.
CVE-2020-15029
PUBLISHED: 2020-07-07
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php sn parameter.