The information security community is abuzz about the DHS/FBI Joint Analysis Report, which was published on December 29th, 2016. The report investigates whether Russia interfered with the U.S. election process through hacks on the Democratic National Committee, the Democratic Congressional Campaign Committee, and Clinton Campaign Chief John Podesta. All you need to know is in the first 3 pages of the report.
The reporting is very lacking, and more than half of the report consists of actionable recommendations for future reference. It does reveal that the most vulnerable attack target is people, reached through spearphishing campaigns. I can almost guarantee that the majority of companies will have the takeaway that more money is needed for technical safeguards and will not focus on educating people to identify and report phishing attacks. Although the report clearly identifies that attackers were able to phish their targets and socially engineer them into using a fraudulent password-changing service that harvested credentials, it does not list staff education as the number 1 mitigation strategy.
Did Russia do it? Quite possibly… Was it the Russian Federal Security Service? Not 100% sure.
Read more
- https://blog.knowbe4.com/russia-hacking-america-started-with-phishing-attacks
- https://www.bloomberg.com/news/articles/2016-12-30/russia-s-grizzly-steppe-cyberattacks-started-simply-u-s-says
- http://arstechnica.com/security/2016/12/did-russia-tamper-with-the-2016-election-bitter-debate-likely-to-rage-on/
- http://nymag.com/selectall/2016/12/what-is-grizzly-steppe-fancy-bear-and-the-dnc-hack.html