Page 3 - Cyber Warnings

Who Hacked the DNC and What’s the Lesson for You and Me?

Friends,

There have been so many breaches as of late (remember nearly 300M
records stolen last month, alone) that it seems any group with important
information, including emails of a political organization, can easily become a
target.

According to numerous sources, the malware used in the Democratic
National Party (DNC) email breach was created by a group known as APT 29
and the malware used is called HammerToss – both of Russian origins.
Does this mean it was the Russian government? Probably not. Really smart ‘hacktivists’ (maybe those
who are pro-Bernie Sanders) might have been so upset with what they are calling a “rigged” system in the
USA, that they could have re-used this malware and rented servers in Russia, pointing at the Russian
government or APT 29 when it might have been US-based hackers. Time will tell. What’s interesting to
me, as an INFOSEC professional, are the new methods that cyber criminals have come up with to hack. I
remember recently reading how the Israeli government developed ‘eavesdropping’ software that secretly
causes the fan speed of the cooling fan on the power supply to speed up and slow down, just enough to
be audible and each change is a different bit of data (see my related
article: http://www.cyberdefensemagazine.com/fansmitter-exfiltrating-data-from-air-gapped-devices-via-fan-noises/ at CDM).


Now, we’re looking at malware that is a remote access Trojan (RAT), nothing new here, right? Well,
actually, it brilliantly uses TWITTER to transmit the stolen information and allows for remote control. Most
firewalls are not blocking traffic to and from social media outlets – especially political groups like the
DNC. Therefore, having the ability to control malware remotely and steal information, such as thousands
of emails, all through a social media platform as ‘cover’ is brilliant. This is just the beginning.


It seems to me, now is the time, more than ever, to heed @Miliefsky’s consistent warnings about how
STRONG ENCRYPTION is good for any nation’s security and helps people reclaim their privacy. The
message from the DNC experience is simple – you will be hacked, the data will be stolen so why not
make it difficult to parse or read the information by leveraging strong encryption? There are so many free
and powerful open source encryption tools from OpenPGP to OpenSSL, Stunnel, OpenCA and much
more. Do some research on best email encryption tools, best hard drive encryption tools, best file
encryption tools and you might be one step ahead of the next attacker. Yes, they will get in, but no, they
won’t be able to leverage the data without having both the public and private keys. Keep them safe and
you’re being more vigilant than the DNC or any other group with valuable data waiting to be stolen.

Read on and learn more best practices in INFOSEC in this month’s edition of Cyber Warnings.

To our faithful readers, Enjoy


Pierluigi Paganini


Pierluigi Paganini, Editor-in-Chief, [email protected]
Cyber Warnings E-Magazine – July 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
