The source said the computers were hacked mid-summer by either a foreign government or organization.
Another source, a law enforcement official familiar with the investigation, says federal investigators approached both campaigns with information the U.S. government had about the hacking, and the campaigns then hired private companies to mitigate the problem.
U.S. authorities, according to one of the sources, believe they know who the foreign entity responsible for the hacking is, but refused to identify it in any way, including what country.
The source, confirming the attacks that were first reported by Newsweek, said the sophisticated intrusions appeared aimed at gaining information about the evolution of policy positions in order to gain leverage in future dealings with whomever was elected.
The FBI is investigating, one of the sources confirmed to CNN. The FBI and Secret Service refused comment on the incidents.
The sources refused to speak on the record due to the ongoing investigation and also because it is a sensitive matter involving presidential politics.
As described by a Newsweek reporter with special access while working on a post-campaign special, workers in Obama's headquarters first detected what they thought was a computer virus that was trying to obtain users' personal information.
The next day, agents from the FBI and Secret Service came to the office and said, "You have a problem way bigger than what you understand ... you have been compromised, and a serious amount of files have been loaded off your system."
Some computers are too important to be networked
There is a common defensive computing thread in two recent stories.
In the first story, Newsweek reports that both presidential candidates had their campaign computers hacked from afar. As they put it:
The computer systems of both the Obama and McCain campaigns were victims of a sophisticated cyberattack by an unknown "foreign entity," prompting a federal investigation, both the FBI and the Secret Service came to the campaign with an ominous warning: "You have a problem way bigger than what you understand," an agent told Obama's team. "You have been compromised, and a serious amount of files have been loaded off your system." ... Officials at the FBI and the White House told the Obama campaign that they believed a foreign entity or organization sought to gather information...
The second story involves a former Intel employee who allegedly stole trade secrets. As CNET's Stephanie Condon writes, the employee resigned, yet continued on the Intel payroll for a few weeks (perhaps working off vacation time). During this transition period, he started working for Intel rival AMD, yet he remained in possession of his Intel laptop and still had access to Intel's computer network. The FBI later found him in possession of "top secret" Intel files worth more than $1 billion in research and development costs.
The lesson is clear. If you have really valuable or sensitive files, don't make them remotely accessible. Cut the wire. Some files should never be available off-site.
If this means buying a new computer just to hold really sensitive files, it's money well spent.
A couple years ago, I heard someone from the hacker group 2600 give out this same advice on their radio show, Off The Hook. It made sense back then and makes even more sense now.
Windows passwords are easily hacked. Instead of relying on a Windows password for local physical security, set both a power-on password and, if the computer supports it, a hard disk password. Whole disk encryption is another option, but one that involves much more work to implement.
If you put sensitive files on a laptop computer, then consider storing it in a safe when not in use. If you have a small safe, get a small laptop or a Netbook.
Laptops need more than just cutting the Ethernet wire. To begin with, turn off the Wi-Fi radio (there is probably a switch or a function key for this). If the laptop has Bluetooth, physically turn that off too.
Then, turn off the networking features in the operating system.
On Windows, turn off file sharing for every network adapter and turn off every network protocol. Then, disable all the network adapters.
Finally, disable the underlying Windows services that handle networking. On Windows XP this would be: Wireless Zero Configuration, Server, Computer Browser, Workstation and SSDP Discovery. Then, since the machine will be off-line forever, there are quite a few other Windows XP services that won't be needed and can be disabled: Automatic Updates, Distributed Link Tracking Client, Distributed Transaction Coordinator, Net Logon, NetMeeting Remote Desktop Sharing, Network DDE, Network DDE DSDM, Network Location Awareness (NLA), Network Provisioning Service, Remote Desktop Help Session Manager, Remote Registry and WebClient. The laptop I'm writing this on also has an Infrared Monitor service. I don't know what it's for, but I keep it disabled.
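The service step above can be checked, and optionally applied, with a short script. This is an added example, not part of the original article: it assumes Windows PowerShell 2.0 or later run as an administrator, uses the display names exactly as the article lists them (also trying each name with a trailing " Service"), and does not cover the adapter, protocol or file-sharing steps.

```powershell
# Added example: audit the services the article lists and, with -Apply, disable them.
# Assumption: display names are the article's Windows XP names; on other Windows
# versions some will simply be reported as "not installed".
param([switch]$Apply)   # report only unless -Apply is given

$names = @(
    'Wireless Zero Configuration', 'Server', 'Computer Browser', 'Workstation',
    'SSDP Discovery', 'Automatic Updates', 'Distributed Link Tracking Client',
    'Distributed Transaction Coordinator', 'Net Logon',
    'NetMeeting Remote Desktop Sharing', 'Network DDE', 'Network DDE DSDM',
    'Network Location Awareness (NLA)', 'Network Provisioning Service',
    'Remote Desktop Help Session Manager', 'Remote Registry', 'WebClient',
    'Infrared Monitor'
)

# Win32_Service exposes StartMode (Auto/Manual/Disabled) and State (Running/Stopped).
$services = Get-WmiObject -Class Win32_Service

$report = foreach ($name in $names) {
    $svc = $services | Where-Object {
        $_.DisplayName -eq $name -or $_.DisplayName -eq "$name Service"
    } | Select-Object -First 1

    $row = New-Object PSObject -Property @{
        Service = $name; StartMode = 'not installed'; State = '-'; Action = 'none'
    }
    if ($svc) {
        $row.StartMode = $svc.StartMode
        $row.State     = $svc.State
        if ($svc.StartMode -ne 'Disabled' -or $svc.State -ne 'Stopped') {
            $row.Action = 'needs disabling'
            if ($Apply) {
                # Disable first so the service cannot come back, then stop it.
                $rcDisable = $svc.ChangeStartMode('Disabled').ReturnValue
                $rcStop = if ($svc.State -ne 'Stopped') { $svc.StopService().ReturnValue } else { 0 }
                # A non-zero stop code (for example, dependent services still
                # running) resolves at the next boot once StartMode is Disabled.
                $row.Action = "disable rc=$rcDisable, stop rc=$rcStop"
            }
        }
    }
    $row
}

$report | Sort-Object Action, Service |
    Format-Table Service, StartMode, State, Action -AutoSize
```

Run it once without `-Apply` to see what is still enabled, then again after a reboot to confirm every listed service reports `Disabled` and `Stopped`.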
All told, this isn't much work and doesn't involve much expense. Yet, it's great insurance and can leave your sensitive files better defended than those at Intel and each presidential campaign.
Foreign hackers infiltrated the networks of John McCain and Barack Obama during the US presidential campaign.
CNN and Newsweek cited sources within both camps as reporting that hackers from an undisclosed foreign location targeted each network over the summer in an attempt to acquire information.
The report did not specify which group or nation was responsible for the attacks, but the target appears to be documents outlining the candidates' policy proposals.
The information would reportedly have been used in future policy negotiations with the winning candidate.
Following the attacks both camps reportedly hired outside consultants to seal up any security flaws, and the FBI and Secret Service are both said to be investigating the incidents.
Hacking for political reasons has emerged in recent years as a companion to traditional espionage. In 2007, Chinese government officials were accused of hacking government sites in the US, France, Germany and the UK.
Russian nationalists have also been thought to use cyber-attacks to supplement their political efforts. In the midst of conflicts with Estonia and Georgia, Russian hackers were said to be masterminding attacks on government and social infrastructure sites.