The Top 7 Most Shocking Details From The 2016 Cyber Breach

The typo that doomed the Clinton campaign, the DNC “Help Desk” didn’t know if the FBI was serious, and Obama knew all along…

DNC Hack

The New York Times published a lengthy exposé this week that sought to explain “How Russian cyberpower invaded the U.S.” Check out the top 7 most shocking excerpts from that report below:

1. THE TYPO

Given how many emails Mr. Podesta received through this personal email account, several aides also had access to it, and one of them noticed the warning email, sending it to a computer technician to make sure it was legitimate before anyone clicked on the “change password” button.

“This is a legitimate email,” Charles Delavan, a Clinton campaign aide, replied to another of Mr. Podesta’s aides who had noticed the alert. “John needs to change his password immediately.”

With another click, a decade of emails that Mr. Podesta maintained in his Gmail account — a total of about 60,000 — were unlocked for the Russian hackers. Mr. Delavan, in an interview, said that his bad advice was a result of a typo: He knew this was a phishing attack, as the campaign was getting dozens of them. He said he had meant to type that it was an “illegitimate” email, an error that he said has plagued him ever since.

2. THE (UN)HELP(FUL) DESK

When Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk.

Yared Tamene, the tech-support contractor at the D.N.C. who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the D.N.C. computer system logs to look for hints of such a cyberintrusion. By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks — in part because he wasn’t certain the caller was a real F.B.I. agent and not an impostor.

“I had no way of differentiating the call I just received from a prank call,” Mr. Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the F.B.I.

3. OBAMA KNEW

Mr. Obama was briefed regularly on all this, but he made a decision that many in the White House now regret: He did not name Russians publicly, or issue sanctions. There was always a reason: fear of escalating a cyberwar, and concern that the United States needed Russia’s cooperation in negotiations over Syria.

“We’d have all these circular meetings,” one senior State Department official said, “in which everyone agreed you had to push back at the Russians and push back hard. But it didn’t happen.”

4. NO COUNTER STRIKES

In a series of “deputies meetings” run by Avril Haines, the deputy national security adviser and a former deputy director of the C.I.A., several officials warned that an overreaction by the administration would play into Mr. Putin’s hands.

“If we went to Defcon 4,” one frequent participant in Ms. Haines’s meetings said, using a phrase from the Cold War days of warnings of war, “we would be saying to the public that we didn’t have confidence in the integrity of our voting system.”

5. DNC ACCESS VIA DCCC

During this second wave, the hackers also gained access to the Democratic Congressional Campaign Committee, and then – through a virtual private network connection – to the main computer network of the D.N.C.

The F.B.I. observed this surge of activity as well, again reaching out to Mr. Tamene to warn him. Yet [D.N.C. tech-support contractor Yared] Tamene still saw no reason to be alarmed: He found copies of the phishing emails in the D.N.C.’s spam filter. But he had no reason, he said, to believe that the computer systems had been infiltrated.

6. WATERGATE 2.0

Like another famous American election scandal, it started with a break-in at the D.N.C. The first time, 44 years ago at the committee’s old offices in the Watergate complex, the burglars planted listening devices and jimmied a filing cabinet. This time, the burglary was conducted from afar, directed by the Kremlin, with spear-phishing emails and zeros and ones.

7. FLASHBACK

Their first major attack was detected on Oct. 7, 1996, when a computer operator at the Colorado School of Mines discovered some nighttime computer activity he could not explain. …

Investigators gave it a name — Moonlight Maze — and spent two years, often working day and night, tracing how it hopped from the Navy to the Department of Energy to the Air Force and NASA. In the end, they concluded that the total number of files stolen, if printed and stacked, would be taller than the Washington Monument.

Whole weapons designs were flowing out the door, and it was a first taste of what was to come: an escalating campaign of cyberattacks around the world.