Russian Hackers New Target: a Vulnerable Democratic Senator

The Russian intelligence agency behind the 2016 election cyberattacks targeted Sen. Claire McCaskill as she began her 2018 re-election campaign in earnest, a Daily Beast forensic analysis reveals. That makes the Missouri Democrat the first identified target of the Kremlins 2018 election interference.

McCaskill, who has been highly critical of Russia over the years, is widely considered to be among the most vulnerable Senate Democrats facing re-election this year as Republicans hope to hold their slim majority in the Senate. In 2016, President Donald Trump defeated Hillary Clinton by almost 20 points in the senators home state of Missouri.

Theres no evidence to suggest that this attempt to lure McCaskill staffers was successful. The precise purpose of the approach was also unclear. Asked about the hack attempt by Russias GRU intelligence agency, McCaskill told The Daily Beast on Thursday that she wasnt yet prepared to discuss it.

Im not going to speak of it right now, she said. I think well have something on it next week. Im not going to speak about it right now. I cant confirm or do anything about it right now.

Recommended For You

Long Tail Pro Special Offer

The best and fastest way to find keywords that will help your website rank in search engines. The Beginner Package includes 20,000 keyword results with complete SERP competition data, Keyword Competitiveness scores for every keyword, and no expiry date!

ConvertProof Pro Yearly

Live conversion proof on your offers brings you more sales and more conversions.

Facebook Remarketing 3.0 Success Kit Upsell

Get this Up-to-date "Facebook Remarketing 3.0 Success Kit PLR" with PLR Rights and start cashing in huge by selling it as your own.

The senator later released a statement asserting that the cyberattack was unsuccessful.

Russia continues to engage in cyber warfare against our democracy. I will continue to speak out and press to hold them accountable, McCaskill said. While this attack was not successful, it is outrageous that they think they can get away with this. I will not be intimidated. Ive said it before and I will say it again, Putin is a thug and a bully.

In August 2017, around the time of the hack attempt, Trump traveled to Missouri and chided McCaskill, telling the crowd to vote her out of office. Just this last week, however, Trump said, on Twitter, that he feared Russians would intervene in the 2018 midterm elections on behalf of Democrats.

In August 2017, around the time of the hack attempt, Trump traveled to Missouri and chided McCaskill, telling the crowd to vote her out of office.

The revelations of the attempted hack of McCaskill staffers comes just weeks after Special Counsel Robert Mueller indicted 12 Russian intelligence officers, accusing them of orchestrating cyberattacks that targeted the Democratic National Committee, the Democratic Congressional Campaign Committee, and Clintons campaign in 2016.

On Friday, Trump is scheduled to chair a meeting of the National Security Council on election vulnerabilities facing the midterm electionsamid persistent criticism, particularly after his Helsinki meeting with Russian President Vladimir Putin, that he isnt taking Russian interference seriously.

The attempt against McCaskills office was a variant of the password-stealing technique used by Russias so-called Fancy Bear hackers against Clintons campaign chairman, John Podesta, in 2016.

The hackers sent forged notification emails to Senate targets claiming the targets Microsoft Exchange password had expired, and instructing them to change it. If the target clicked on the link, he or she was taken to a convincing replica of the U.S. Senates Active Directory Federation Services (ADFS) login page, a single sign-on point for e-mail and other services.

As with the Podesta phishing, each Senate phishing email had a different link coded with the recipient's email address. That allowed the fake password-change webpage to display the users email address when they arrived, making the site more convincing.

In October, Microsoft wrested control of one of the spoofed website addressesadfs.senate.qov.info. Seizing the Russians malicious domain names has been easy for Microsoft since August 2017, when a federal judge in Virginia issued a permanent injunction against the GRU hackers, after Microsoft successfully sued them as unnamed John Doe defendants. The court established a process that lets Microsoft take over any web addresses the hackers use that includes a Microsoft trademark.

Microsoft redirected the traffic from the fake Senate site to its own sinkhole server, putting it in a prime position to view targets trying to click through to change their passwords.

The Daily Beast identified McCaskill as a target while investigating statements made by Microsoft VP Tom Burt last week in an appearance at the Aspen Security Forum. Burton discussed the Virginia injunction, and told the audience that it allowed Microsoft to thwart a phishing campaign against three midterm election candidates, who he declined to name.

We did discover that a fake Microsoft domain had been established as the landing page for phishing attacks, and we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for elections in the midterm elections, said Burt, Microsofts corporate vice president for customer security and trust. We took down that domain and working with the government actually were able to avoid anybody being infected by that particular attack.

The most recent domain seizures recorded in the Virginia case took place between August and December of last year, when Microsoft grabbed seven malicious web addresses, including the qov.info address. A report from the security company Trend Micro released in January listed that address and the role it played in a Senate phishing campaign against unnamed targets.

A snapshot of a deep link on the phishing site taken September 26th by a website security scanner showed the fake password-change page with the Senate email address of a McCaskill policy aide on display.

McCaskill has spoken out forcefully against Moscow, likening Russian election-meddling to a form of warfare and calling Putin a thug and a bully.

There is a notable divide between Congress and the Trump administration over the vulnerability of the 2018 election to Russian election interference.

In March, the Senate Intelligence Committee warned state election officials to make cybersecurity a high priority for their election systems, particularly over voter databases, and urged the states to bolster their coordination with the Department of Homeland Security. But the secretary of Homeland Security, Kirstjen Nielsen, appeared earlier this month to downplay the threat. While adversaries and nonstate actors consider U.S. elections a persistent target, Nielsen said there are no indications that Russia is targeting the 2018 U.S. midterms at a scale or scope to match their activities in 2016.

By contrast, Dan Coats, the embattled director of national intelligence, testified in February that Russia considered its 2016 election hacking a success. Putin views the 2018 U.S. midterm elections as a potential target for Russian influence operations, Coats told the Senate intelligence panel. Last week, after being rebuked by Trump beside Putin in Helsinki, Coats reiterated his concern about Russias ongoing, pervasive efforts to undermine our democracy.

Earlier this year, Congress appropriated $380 million, as part of a broader spending package, to individual states for election security. The Senate is currently weighing whether to authorize an additional $250 million in similar grants.

A spokesperson for the Senate Intelligence Committee declined to comment, as did a spokesperson for Mark Warner, the top Democrat on the panel.

McCaskill is one of 10 Senate Democrats facing re-election this year in states that Trump won in 2016. Her likely Republican challenger is Josh Hawley, who currently serves as the states attorney general. Outside groups and campaign committees have spent more than $15.5 million against McCaskill so far.

McCaskill has spoken out forcefully against Moscow, likening Russian election-meddling to a form of warfare and calling Putin a thug and a bully. She was also caught up in the Podesta hack, which was revealed when WikiLeaks released the Clinton campaign chairs private email communications. The document dump showed that McCaskill called Podesta to inform him that she had info about an individual working in the State Departments inspector generals office, which at the time was investigating Clintons private email server. The info was that a top aide at the inspector generals office once worked for a Republican senator, Chuck Grassley of Iowa.

McCaskills criticisms of WikiLeaks stretch back nearly a decade. In 2010, she and Sen. Lindsey Graham (R-S.C.) called for prosecutions of individuals who send classified information to WikiLeaks. Earlier this month, Muellers GRU indictment included Russian intelligence officers who, through the Guccifer2.0 persona, are accused of funnelling the hacked 2016 data to WikiLeaks.

I hope we can find out where this is coming from and go after them with the force of law, she said at the time.

with additional reporting by Spencer Ackerman

Original Article : HERE ; This post was curated & posted using : RealSpecific

Thank you for taking the time to read our article.

If you enjoyed our content, we'd really appreciate some "love" with a share or two.

And ... Don't forget to have fun!

Recommended Products

VideoPal 3 Day Trial

Video Pal is a revolutionary new app that gets you more leads, sales and profits on autopilot. Try VideoPal Risk-Free fo for 3 full days For Just $1!

WP Control App Pro - Unlimited Sites

The Ultimate wordpress management web app. Manage plugins, themes, posts, categories, users, settings, permalinks and many more.

Leave a Reply