Russian Phishing Techniques – How did they get caught?

 

On Friday, July 13, Special Counsel Robert Mueller, as part of his investigation into interference with the 2016 presidential election, charged 12 Russian military intelligence officers with conducting “large-scale cyber operations to interfere with the 2016 U.S. presidential election.” The indictment contains a surprising amount of technical information about alleged Russian cyberattacks against a range of U.S. political targets, including the Democratic Congressional Campaign Committee, the Democratic National Committee, members of Hillary Clinton’s presidential campaign, what is probably the Illinois State Board of Elections, and an American election vendor, apparently VR Systems, along with its government customers.

Russian officers took steps to anonymize their hacking and infrastructure, according to the Mueller indictment, trying to leave no trace of their identity as they rented servers, registered internet domain names, and set up accounts for email, Twitter, and other uses. But they didn’t do the best job compartmentalizing this infrastructure. This allowed Mueller’s team to confirm that the same people were behind a number of ostensibly distinct operations: DCLeaks, Guccifer 2.0, the spear-phishing campaign, and the hacks of the DCCC and DNC networks.

{Read the full article here}
