How Russia hacked the Democrats email

  • bsm2
    IT Manager

    25,000+ Posts
    • Feb 2008
    • 29936

    #1081
    Re: How Russia hacked the Democrats email

    Russian intelligence agency hacked into the Department of Homeland Security in addition to the Treasury, Commerce and Defense Departments. U.S. officials were unaware of the breach, which took place in the spring, until last week.

    Comment

    • SalesServiceGuy
      Field Supervisor

      Site Contributor
      5,000+ Posts
      • Dec 2009
      • 8146

      #1082
      Re: How Russia hacked the Democrats email

      Originally posted by bsm2
      Russian intelligence agency hacked into the Department of Homeland Security in addition to the Treasury, Commerce and Defense Departments. U.S. officials were unaware of the breach, which took place in the spring, until last week.
      FireEye, a prominent cybersecurity company that was breached in connection with the incident, said in a blog post that other targets included “government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East.”

      “If it is cyber espionage, then it is one of the most effective cyber espionage campaigns we’ve seen in quite some time,” said John Hultquist, FireEye’s director of intelligence analysis.

      The cybersecurity unit at Dept of Homeland Security, known as CISA, has been upended by President Donald Trump’s firing of head Chris Krebs after Krebs called the presidential election the most secure in American history. His deputy and the elections chief have also left.

      ... there are going to be consequences to this. I expect US Cyber Command will give Russia a hard knock sometime soon. Of course, we will never hear about it unless the US wants it to be made public.


      Comment

      • bsm2
        IT Manager

        25,000+ Posts
        • Feb 2008
        • 29936

        #1083
        Re: How Russia hacked the Democrats email

        Originally posted by SalesServiceGuy
        FireEye, a prominent cybersecurity company that was breached in connection with the incident, said in a blog post that other targets included “government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East.”

        “If it is cyber espionage, then it is one of the most effective cyber espionage campaigns we’ve seen in quite some time,” said John Hultquist, FireEye’s director of intelligence analysis.

        The cybersecurity unit at Dept of Homeland Security, known as CISA, has been upended by President Donald Trump’s firing of head Chris Krebs after Krebs called the presidential election the most secure in American history. His deputy and the elections chief have also left.

        ... there are going to be consequences to this. I expect US Cyber Command will give Russia a hard knock sometime soon. Of course, we will never hear about it unless the US wants it to be made public.


        Look for President Biden and NATO Allies to impose severe sanctions on Russia and send a clear message to Putin. Don't F with us again.

        Comment

        • SalesServiceGuy
          Field Supervisor

          Site Contributor
          5,000+ Posts
          • Dec 2009
          • 8146

          #1084
          Re: How Russia hacked the Democrats email

          Massive suspected Russian hack is 21st century warfare


          Avlon: Massive suspected Russian hack is 21st century warfare - CNN Video

          CNN's John Avlon breaks down the recent data breach of multiple federal agencies by what US officials suspect are Russian-linked hackers and how President Trump has responded to Russian breaches in the past.

          A defense official told CNN that an assessment is still underway to determine what impact there has been, if any, on Department of Defense networks. Acting Defense Secretary Christopher Miller was expected to receive a briefing on the attacks Monday, an official added.

          If any defense networks were compromised, US Cyber Command "is postured for swift action," a spokesperson said, adding that they "are in close coordination with our interagency, coalition, industry, and academic partners to assess and mitigate this issue."

          As part of its response, the government put into effect Presidential Policy Directive 41, an Obama-era plan for executing a Federal Government response to any cyber incident, whether involving government or private sector entities. For significant cyber incidents, the directive also establishes a plan for coordinating a response between the agencies and it requires the Departments of Justice and Homeland Security to assist entities affected by cyber incidents.

          While US officials believe that a Russia-linked entity or Russian individuals are responsible for the attacks, they have not yet finalized their designation on which actors are responsible, a senior administration official said.

          Comment

          • SalesServiceGuy
            Field Supervisor

            Site Contributor
            5,000+ Posts
            • Dec 2009
            • 8146

            #1085
            Re: How Russia hacked the Democrats email

            Microsoft and industry partners seize key domain used in SolarWinds hack

            By seizing the domain, Microsoft and its partners hope to identify all victims, but are also preventing attackers from escalating intrusions in currently infected networks.

            Microsoft and industry partners seize key domain used in SolarWinds hack | ZDNet

            Microsoft and a coalition of tech companies have intervened today to seize and sinkhole a domain that played a central role in the SolarWinds hack, ZDNet has learned from sources familiar with the matter.

            Earlier today, a coalition of tech companies seized and sinkholed avsvmcloud[.]com, transferring the domain into Microsoft's possession.

            Sources familiar with today's actions described the takedown as "protective work" done to prevent the threat actor behind the SolarWinds hack from delivering new orders to infected computers.

            Even if the SolarWinds hack became public on Sunday, the SUNBURST operators still had the ability to deploy additional malware payloads on the networks of companies that failed to update their Orion apps and still have the SUNBURST malware installed on their networks.

            In SEC documents filed on Monday, SolarWinds estimated that at least 18,000 customers installed the trojanized Orion app update and most likely have the first-stage SUNBURST malware on their internal networks.

            However, the hackers do not appear to have taken advantage of all these systems and only carried out a handful of carefully-orchestrated intrusions into the networks of high-profile targets.

            This was confirmed in a report on Monday from US security firm Symantec, which said that it discovered the SUNBURST malware on the internal networks of 100 of its customers, but it did not see any evidence of second-stage payloads or network escalation activity.

            Similarly, Reuters also reported on Monday, confirmed with independent sources by ZDNet, that many companies that installed the trojanized Orion app update did not discover evidence of additional activity and escalation on internal networks, confirming that hackers only went after high-profile targets.

            Since Sunday, when the SolarWinds hack came to light, the number of confirmed victims has grown to include:

            • US cybersecurity firm FireEye
            • The US Treasury Department
            • The US Department of Commerce's National Telecommunications and Information Administration (NTIA)
            • The Department of Health's National Institutes of Health (NIH)
            • The Cybersecurity and Infrastructure Agency (CISA)
            • The Department of Homeland Security (DHS)
            • The US Department of State


            Currently, the avsvmcloud[.]com domain redirects to an IP address owned by Microsoft, with Microsoft and its partners receiving beacons from all the systems where the trojanized SolarWinds app has been installed.

            This technique, known as sinkholing, is allowing Microsoft and its partners to build a list of all infected victims, which the organizations plan to use to notify all affected companies and government agencies.

            "This is not the first time a domain associated with malware has been seized by international law enforcement and even by a provider," ExtraHop CTO Jesse Rothstein told ZDNet in an email, referring to Microsoft's previous takedown and sinkholing efforts against the Necurs and TrickBot botnets.

            Current takedown and sinkholing efforts also include representatives for the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency, looking to find other US government agencies that might have been compromised.

            Due to SolarWinds' extensive US government clientele, government officials are treating the SolarWinds compromise as a national security emergency. A day before the SolarWinds breach became public, the White House held a rare meeting of the US National Security Council to discuss the hack and its repercussions.

            Indicators of compromise and instructions on how to discover and deal with a SUNBURST malware infection are available from Microsoft, FireEye, and CISA.

            Comment
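Added example (not part of the original thread or the quoted ZDNet article): the article above describes the sinkhole collecting beacons for avsvmcloud[.]com, and the same check can be run from the defender's side by listing which internal clients looked up that domain. The log layout, client addresses, timestamps and subdomain labels below are constructed for illustration.

```python
import re
from collections import defaultdict

# Domain named in the article, written defanged there as avsvmcloud[.]com.
SUNBURST_C2 = "avsvmcloud[.]com"

def refang(indicator):
    """Turn a defanged indicator (example[.]com) into a matchable DNS name."""
    return indicator.replace("[.]", ".").lower().rstrip(".")

def is_under(qname, domain):
    """True if qname is the domain itself or a subdomain of it (label-aligned)."""
    qname = qname.lower().rstrip(".")
    return qname == domain or qname.endswith("." + domain)

# Assumed log layout (constructed): "<ISO timestamp> <client IP> <qtype> <qname>"
LINE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")

def beaconing_clients(log_lines, indicator=SUNBURST_C2):
    """Map each client IP to the sorted timestamps of its lookups under the domain."""
    domain = refang(indicator)
    hits = defaultdict(list)
    for line in log_lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # skip blank or malformed lines rather than guessing
        ts, client, _qtype, qname = m.groups()
        if is_under(qname, domain):
            hits[client].append(ts)
    return {client: sorted(stamps) for client, stamps in hits.items()}

# Constructed sample log; every address and subdomain label here is invented.
SAMPLE_LOG = """\
2020-12-14T09:01:12Z 10.0.4.17 A updates.example.org
2020-12-14T09:03:40Z 10.0.4.17 CNAME abc123.example-label.AVSVMCLOUD.com.
2020-12-14T09:05:02Z 10.0.9.3 A notavsvmcloud.com
2020-12-14T09:06:55Z 10.0.9.3 A avsvmcloud.com.lookalike.example
2020-12-14T21:14:09Z 10.0.4.17 A abc123.example-label.avsvmcloud.com
2020-12-15T02:30:00Z 10.0.7.88 A avsvmcloud.com
garbage line
""".splitlines()

if __name__ == "__main__":
    for client, stamps in sorted(beaconing_clients(SAMPLE_LOG).items()):
        print(f"{client}: {len(stamps)} lookups, first {stamps[0]}, last {stamps[-1]}")
```

Matching on whole DNS labels rather than substrings keeps look-alike names such as notavsvmcloud.com out of the results.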

            • SalesServiceGuy
              Field Supervisor

              Site Contributor
              5,000+ Posts
              • Dec 2009
              • 8146

              #1086
              Re: How Russia hacked the Democrats email

              An interesting discussion by ex-CIA officer Malcolm Nance on the recent cyber attacks on the USA.

              Malcolm Nance: We're letting them eat our lunch. - YouTube

              Comment

              • bsm2
                IT Manager

                25,000+ Posts
                • Feb 2008
                • 29936

                #1087
                Re: How Russia hacked the Democrats email

                Guess Who's Back
                Russia Russia Russia
                JOINT STATEMENT BY THE FEDERAL BUREAU OF INVESTIGATION (FBI), THE CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY (CISA), AND THE OFFICE OF THE DIRECTOR OF NATIONAL INTELLIGENCE (ODNI)

                Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI)

                Comment

                • SalesServiceGuy
                  Field Supervisor

                  Site Contributor
                  5,000+ Posts
                  • Dec 2009
                  • 8146

                  #1088
                  Re: How Russia hacked the Democrats email

                  Originally posted by bsm2
                  Guess Who's Back
                  Russia Russia Russia
                  JOINT STATEMENT BY THE FEDERAL BUREAU OF INVESTIGATION (FBI), THE CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY (CISA), AND THE OFFICE OF THE DIRECTOR OF NATIONAL INTELLIGENCE (ODNI)

                  Joint Statement by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI)
                  The Russians have not been directly connected with this attack yet. It will take a while for cyber forensics to conclusively identify the attackers but all indications are that this was a Russian attack on US gov't infrastructure. In the world of Cyber warfare it is possible to shift the blame from the originator of the attack to an innocent 3rd party.

                  The thought is that Trump has historically been soft to respond to any kind of Russian aggression so in the last days of his Administration now is the best time to attack.

                  Comment

                  • BillyCarpenter
                    Field Supervisor

                    Site Contributor
                    VIP Subscriber
                    10,000+ Posts
                    • Aug 2020
                    • 16318

                    #1089
                    Re: How Russia hacked the Democrats email

                    The LIE is that Trump has been soft on Russia. The TRUTH is that Obama was soft on Russia....and ISIS, China, Mexico...you name it. Obama is a pussy.

                    PS - Lest we forget about Iran. Obama was a big, smelly pussy on them. Stunk to high heaven.
                    Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                    Comment

                    • Copier Addict
                      Aging Tech

                      Site Contributor
                      10,000+ Posts
                      • Jul 2013
                      • 14529

                      #1090
                      Re: How Russia hacked the Democrats email

                      Originally posted by BillyCarpenter
                      The LIE is that Trump has been soft on Russia. The TRUTH is that Obama was soft on Russia....and ISIS, China, Mexico...you name it. Obama is a pussy.

                      PS - Lest we forget about Iran. Obama was a big, smelly pussy on them. Stunk to high heaven.

                      Trump practically swooned every time he saw Putin. He admires Putin and wanted to be him.

                      Comment

                      • BillyCarpenter
                        Field Supervisor

                        Site Contributor
                        VIP Subscriber
                        10,000+ Posts
                        • Aug 2020
                        • 16318

                        #1091
                        Re: How Russia hacked the Democrats email

                        Originally posted by copier addict
                        Trump practically swooned every time he saw Putin. He admires Putin and wanted to be him.

                        Stop watching CNN. We know Obama was a pussy on Russia and everyone else. Proof:


                        Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                        Comment

                        • SalesServiceGuy
                          Field Supervisor

                          Site Contributor
                          5,000+ Posts
                          • Dec 2009
                          • 8146

                          #1092
                          Re: How Russia hacked the Democrats email

                          If the Russians were behind last weekend's cyber attack on the USA, President Trump has 33 days left to at least make a public statement condemning this attack.

                          In a political move, President Trump, five weeks ago fired by tweet the head of CISA and his subordinates, responsible for defence of the USA against cyber election attacks, for stating the 2020 elections were successfully completed without any foreign interference.

                          This effectively created a perfect opportunity for a cyber strike.

                          Comment

                          • BillyCarpenter
                            Field Supervisor

                            Site Contributor
                            VIP Subscriber
                            10,000+ Posts
                            • Aug 2020
                            • 16318

                            #1093
                            Re: How Russia hacked the Democrats email

                            Originally posted by SalesServiceGuy
                            If the Russians were behind last weekend's cyber attack on the USA, President Trump has 33 days left to at least make a public statement condemning this attack.
                            Hey, bro, remember when Obama was president and he told Russia to "cut it out" over them meddling in the election.


                            He really told Putin. What a pussy.


                            Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                            Comment

                            • SalesServiceGuy
                              Field Supervisor

                              Site Contributor
                              5,000+ Posts
                              • Dec 2009
                              • 8146

                              #1094
                              Re: How Russia hacked the Democrats email

                              The Trump Presidency will end as it began with all roads leading to Putin.

                              Comment

                              • BillyCarpenter
                                Field Supervisor

                                Site Contributor
                                VIP Subscriber
                                10,000+ Posts
                                • Aug 2020
                                • 16318

                                #1095
                                Re: How Russia hacked the Democrats email

                                Originally posted by SalesServiceGuy
                                The Trump Presidency will end as it began with all roads leading to Putin.

                                All roads will lead to Trump getting on his private plane and flying him to one of his mansions and you still living in the freezing cold of Canada. Truth.
                                Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                                Comment
