National: Hackers are putting U.S. election at risk | Bruce Schneier/CNN

Russia has attacked the U.S. in cyberspace in an attempt to influence our national election, many experts have concluded. We need to take this national security threat seriously and both respond and defend, despite the partisan nature of this particular attack. There is virtually no debate about that, either from the technical experts who analyzed the attack last month or the FBI which is analyzing it now. The hackers have already released DNC emails and voicemails, and promise more data dumps. While their motivation remains unclear, they could continue to attack our election from now to November — and beyond. Like everything else in society, elections have gone digital. And just as we’ve seen cyberattacks affecting all aspects of society, we’re going to see them affecting elections as well. What happened to the DNC is an example of organizational doxing — the publishing of private information — an increasingly popular tactic against both government and private organizations. There are other ways to influence elections: denial-of-service attacks against candidate and party networks and websites, attacks against campaign workers and donors, attacks against voter rolls or election agencies, hacks of the candidate websites and social media accounts, and — the one that scares me the most — manipulation of our highly insecure but increasingly popular electronic voting machines.

National: FBI probes hacking of Democratic congressional group – sources | Reuters

The FBI is investigating a cyber attack against another U.S. Democratic Party group, which may be related to an earlier hack against the Democratic National Committee, four people familiar with the matter told Reuters. The previously unreported incident at the Democratic Congressional Campaign Committee, or DCCC, and its potential ties to Russian hackers are likely to heighten accusations, so far unproven, that Moscow is trying to meddle in the U.S. presidential election campaign to help Republican nominee Donald Trump. Hacking of the party’s emails caused discord among Democrats at the party’s convention in Philadelphia to nominate Hillary Clinton as its presidential candidate. The newly disclosed breach at the DCCC may have been intended to gather information about donors, rather than to steal money, the sources said on Thursday.

Editorials: After DNC hack, the case for paper ballots | Glenn Reynolds/USA Today

Somebody — probably, though not certainly, Vladimir Putin’s intelligence apparatus — has hacked the Democratic Committee’s email servers and released some of what it found via the Wikileaks site. As Harvard law professor Jack Goldsmith notes, this is something new: Although meddling in foreign elections is old stuff for intelligence agencies (including our own), this sort of email release is unprecedented. As disruptive as the DNC email release has been, there’s room for something much worse: A foreign government could hack voting machines, shut down election computers, or delete or alter voter registration information, turning Election Day into a snarled mess and calling the results into question regardless of who wins. Worse yet, hackers are already working on this. Voting systems rely on trust. Voters have to trust that their own vote is recorded and counted accurately; they also have to trust that the overall count is accurate, and that only eligible voters are allowed to vote. (When an ineligible voter casts a vote, it cancels out the vote of a legitimate voter every bit as much as if his or her ballot had simply been shredded.) The problem is that electronic systems — much less the Internet-based systems that some people are talking about moving to — can’t possibly provide that degree of reliability. They’re too easy to hack, and alterations are too easy to conceal. If the powers-that-be can’t protect confidential emails, or government employees’ security information, then they can’t guarantee the sanctity of voting systems.

Editorials: Did Putin Try to Steal an American Election? | Nicholas Kristof/The New York Times

Some foreign leaders settle for stealing billions of dollars. Russia’s president, Vladimir Putin, may have wanted to steal something even more valuable: an American presidential election. As our election takes a turn that could be drawn from a Cold War spy novel (except it would be too implausible), Putin has an obvious favorite in the race: Donald Trump. “It’s crystal clear to me” that Putin favors Trump, says Michael McFaul, a Stanford professor who was ambassador to Russia until 2014. “If I were Putin, I would rather deal with Trump, too, given the things he has said about foreign policy.” Look, Democratic Party leaders exchanged inappropriate emails showing bias for Hillary Clinton over Bernie Sanders, and a hacker’s disclosure has properly triggered a ruckus. But that scandal pales beside an effort apparently by a foreign dictatorship to disrupt an American presidential election. It also seems scandalous to me that Trump on Wednesday effectively invited Russia to hack into Clinton’s computers for deleted emails from when she was secretary of state, saying at a press conference, “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing.” Yes, Trump is entertaining. But increasingly, the antonym of “gravitas” is “Trump.” Clinton could have responded by inviting Russia to hack into Trump’s computers and release his tax returns; she didn’t because the hack would be illegal and her plea would be unpresidential.

National: Trump Asks Russia to Dig Up Hillary’s Emails in Unprecedented Remarks | Wired

Donald Trump’s Schadenfreude in the DNC’s embarrassing email leak is standard practice in America’s messy electoral politics. Today, though, his casual request that Russian hackers dig up Hillary Clinton’s emails—sent while she was U.S. Secretary of State—for his own political gain has sparked a new level of outrage among cybersecurity experts. As the controversy continues to swirl around a likely-Russian hack of the Democratic National Committee, Trump responded to a reporter’s question at a press conference Wednesday by inviting Russia to do him another favor: collect and leak the emails that Clinton deleted from the private server she ran during her time as Secretary of State. “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing. I think you’ll be rewarded mightily by our press,” he said. He later circled back to the same theme, telling reporters that “If Russia or China or any other country has those emails, to be honest with you, I’d love to see them.” Some have dismissed the comment as a joke, though his repetition of the request seemed sincere. Either way, Trump’s comments represent a dangerous first, according to amazed members of the cybersecurity community: A politician actively soliciting political help from foreign government hackers.

National: Spy Agency Consensus Grows That Russia Hacked D.N.C. | The New York Times

American intelligence agencies have told the White House they now have “high confidence” that the Russian government was behind the theft of emails and documents from the Democratic National Committee, according to federal officials who have been briefed on the evidence. But intelligence officials have cautioned that they are uncertain whether the electronic break-in at the committee’s computer systems was intended as fairly routine cyberespionage — of the kind the United States also conducts around the world — or as part of an effort to manipulate the 2016 presidential election. The emails were released by WikiLeaks, whose founder, Julian Assange, has made it clear that he hoped to harm Hillary Clinton’s chances of winning the presidency. It is unclear how the documents made their way to the group. But a large sampling was published before the WikiLeaks release by several news organizations and someone who called himself “Guccifer 2.0,” who investigators now believe was an agent of the G.R.U., Russia’s military intelligence service.

National: DNC Seeks Dismissal of Lawsuit Alleging Donor Deception | Wall Street Journal

Claims that Democratic Party leaders conspired to squash the presidential primary campaign of Sen. Bernie Sanders have not only led to a party shake-up but have sparked class-action litigation. A trove of hacked party emails posted by WikiLeaks show that Democratic National Committee officials had worked to undermine the underdog campaign of Mr. Sanders. Weeks before the firestorm erupted, culminating in the resignation of party chief Debbie Wasserman Schultz, a group of plaintiffs brought a lawsuit in federal court alleging that DNC “actively concealed its bias” from its donors and Democrats backing Mr. Sanders. The plaintiffs, about 150 of whom are identified in the lawsuit, are mostly Sanders supporters and include a number of DNC donors.

Estonia: Cyber threats prompt Estonia to set up UK data centre | Financial Times

Fearful of Russian cyber attack or invasion, the Baltic state of Estonia is planning to make a virtual copy of itself — in Britain.
Negotiations are under way between Tallinn and London for Estonia to back up terabytes of data — everything from birth records and the electoral roll to property deeds, banking credentials and the entire government bureaucracy — to deposit in a secure location in the UK, according to Estonian officials. Estonia already uses its embassies abroad to house servers to safeguard copies of government files. But amid an escalation of tensions with Moscow and growing concerns about cyber attacks from its eastern neighbour, Tallinn is now planning a far more ambitious set of contingency measures. It is a project that speaks to anxieties in the region, as well as the nature of statehood itself — and war — in an increasingly digitised world. “We have a very aggressive neighbour and we need to be sure that whatever happens to our territory in the future, Estonia can survive,” said Taavi Kotka, the government’s cyber chief. “In Estonia we already vote over the internet, we pay taxes over the internet — there’s almost nothing now we don’t do digitally.”

Russia: In D.N.C. Hack, Echoes of Russia’s New Approach to Power | The New York Times

Of the questions raised by charges that Russia was involved in the release of hacked Democratic National Committee emails, at least one — why would Russia do such a thing? — can be answered with a little-noticed but influential 2013 Russian military journal article. “The very rules of war have changed,” Gen. Valery V. Gerasimov, the chief of the general staff, wrote in the Military-Industrial Courier. The Arab Spring, according to General Gerasimov, had shown that “nonmilitary means” had overtaken the “force of weapons in their effectiveness.” Deception and disinformation, not tanks and planes, were the new tools of power. And they would be used not in formally declared conflicts but within a vast gray between peace and war. Those ideas would appear, the next year, in Russia’s formal military doctrine. It was the culmination of a yearslong strategic reorientation that has remade Russian power, in response to threats both real and imagined, into the sort of enterprise that could be plausibly accused of using cyberattacks to meddle in an American presidential election. Like so many military rethinks, what became known as the Gerasimov Doctrine began as an effort to solve a seemingly urgent problem.

National: Behind Democrats’ email leak, U.S. experts see a Russian subplot | Reuters

If the Russian government is behind the theft and release of embarrassing emails from the Democratic Party, as U.S. officials have suggested, it may reflect less a love of Donald Trump or enmity for Hillary Clinton than a desire to discredit the U.S. political system. A U.S. official who is taking part in the investigation said that intelligence collected on the hacking of Democratic National Committee (DNC) emails released by Wikileaks on Friday “indicates beyond a reasonable doubt that it originated in Russia.” The timing on the eve of Clinton’s formal nomination this week for the Nov. 8 presidential election has raised questions about whether Russia may have been trying to hurt her, to help Trump, her Republican rival, or to fan populist sentiment against establishment politicians as it has sought to do across Europe in recent years.

National: Database Of All US Voters Available For Sale At $7,800 On The Dark Web | TechWorm

In recent times, all data breaches that are taking place are finding its way to the principal black market known as ‘Dark Web’. One can easily find any kind of data that they are looking for here. It is now learnt that a hacker is trying to sell a database that supposedly contains registration records for voters in all 50 US states, Tech Insider reported. A seller using the pseudonym of ‘DataDirect’ is offering US voters’ registration records on the dark net marketplace “The Real Deal.” The Real Deal, a popular site many cyber criminals use for buying and selling everything from illegal drugs to zero-day software exploits. The seller is offering US voters’ records for each state at 0.5 BTC (around USD 340). The seller is also ready to offer the records at a “bulk rate” of 12 Bitcoin, or about $7,800. “US voter registration records. Selling the DB on a State-by-State basis. 0.5 BTC per state (you must tell me which State you want. Some people think it’s unfair to make each State cost the same amount because some States are much bigger than others. I think it’s just easier this way.” states the item description.

Editorials: What is Old, and New, and Scary in Russia’s Probable DNC Hack | Jack Goldsmith/Lawfare

While there is nothing new in one nation using its intelligence services to try to influence an election in another, doing so by hacking into a political party’s computers and releasing their emails does seem somewhat new. The combination of pilfering sensitive information and then “weaponiz[ing] Wikileaks” or some similar organization will surely recur. The possibilities do not end there. Foreign governments could “hack a voting machine,” “shut down the voting system or election agencies,” “delete or change election records,” “hijack a candidate’s website,” “dox[] a candidate,” “and target campaign donors.” (See also here.)

Wisconsin: Election Commission Working To Fix Voter Website Glitches | Green Bay Press-Gazette

Barely two weeks before the next statewide election day, the people who run Wisconsin’s new voting information website are making last-minute changes in an effort to ensure that the site does what it says it will. The month-old site, MyVote.Wi.Gov, was undergoing updates and outright fixes Friday afternoon in advance of the Aug. 9 primaries. And upgrades are likely to continue this week, State Elections Commission officials said. The biggest Friday fix repaired a glitch that made it so no one in Green Bay could look up his or her polling place via the site. Officials with the Elections Commission worked with the Green Bay City Clerk’s Office to solve the problem after being alerted by a USA TODAY NETWORK-Wisconsin reporter that part of the site wasn’t working for anyone with a Green Bay address.

Editorials: Putin’s suspected meddling in a U.S. election would be a disturbing first | The Washington Post

Credit for the internecine furor that disrupted the Democratic Party on the eve of its convention should go to Vladimir Putin. As The Post has reported, cybersecurity experts say Russian intelligence operatives were likely responsible for the hacking of the Democratic National Committee’s computer network, as well as for leaking to the Moscow-friendly WikiLeaks website some 20,000 emails. The trove appeared online Friday, just in time to create discord between supporters of Hillary Clinton and Bernie Sanders as they headed to Philadelphia. To no one’s surprise, the emails showed that DNC staffers opposed the attempt of the socialist Mr. Sanders to take over the party. Chair Debbie Wasserman Schultz was forced to announce her resignation, and — as Russia likely intended — Ms. Clinton’s campaign took a hit. Mr. Putin’s regime has tried to intervene in the internal politics of numerous European countries, from Ukraine and Moldova to Italy and France. But the evident attempt to meddle in a U.S. presidential election is a first. That may reflect the reckless aggressiveness Mr. Putin has embraced in foreign affairs since returning to the presidency in 2012. It likely also reveals Moscow’s judgment that it stands to reap a geopolitical windfall if Donald Trump is elected president.

National: As Democrats Gather, a Russian Subplot Raises Intrigue | The New York Times

An unusual question is capturing the attention of cyberspecialists, Russia experts and Democratic Party leaders in Philadelphia: Is Vladimir V. Putin trying to meddle in the American presidential election? Until Friday, that charge, with its eerie suggestion of a Kremlin conspiracy to aid Donald J. Trump, has been only whispered. But the release on Friday of some 20,000 stolen emails from the Democratic National Committee’s computer servers, many of them embarrassing to Democratic leaders, has intensified discussion of the role of Russian intelligence agencies in disrupting the 2016 campaign. The emails, released first by a supposed hacker and later by WikiLeaks, exposed the degree to which the Democratic apparatus favored Hillary Clinton over her primary rival, Senator Bernie Sanders of Vermont, and triggered the resignation of Debbie Wasserman Schultz, the party chairwoman, on the eve of the convention’s first day. Proving the source of a cyberattack is notoriously difficult. But researchers have concluded that the national committee was breached by two Russian intelligence agencies, which were the same attackers behind previous Russian cyberoperations at the White House, the State Department and the Joint Chiefs of Staff last year. And metadata from the released emails suggests that the documents passed through Russian computers. Though a hacker claimed responsibility for giving the emails to WikiLeaks, the same agencies are the prime suspects. Whether the thefts were ordered by Mr. Putin, or just carried out by apparatchiks who thought they might please him, is anyone’s guess.

National: Clinton campaign — and some cyber experts — say Russia is behind email release | The Washington Post

A top official with Hillary Clinton’s campaign on Sunday accused the Russian government of orchestrating the release of damaging Democratic Party records in order to help the campaign of Republican Donald Trump — and some cyber security experts in the U.S. and overseas agree. The extraordinary charge came as some national security officials have been growing increasingly concerned about possible efforts by Russia to meddle in the election, according to several individuals familiar with the situation. Late last week, hours before the records were released by the website Wikileaks, the White House convened a high-level security meeting to discuss reports that Russia had hacked into systems at the Democratic National Committee.

Russia: How Putin Weaponized Wikileaks to Influence the Election of an American President | Defense One

Close your eyes and imagine that a hacking group backed by Russian President Vladimir Putin broke into the email system of a major U.S. political party. The group stole thousands of sensitive messages and then published them through an obliging third party in a way that was strategically timed to influence the United States presidential election. Now open your eyes because that’s what just happened. On Friday, Wikileaks published 20,000 emails stolen from the Democratic National Committee. They reveal, among other things, thuggish infighting, a push by a top DNC official to use Bernie Sanders’ religious convictions against him in the South, and attempts to strong-arm media outlets. In other words, they reveal the Washington campaign monster for what it is. But leave aside the purported content of the Wikileaks data dump (to which numerous other outlets have devoted considerable attention) and consider the source. Considerable evidence shows that the Wikileaks dump was an orchestrated act by the Russian government, working through proxies, to undermine Hillary Clinton’s Presidential campaign. “This has all the hallmarks of tradecraft. The only rationale to release such data from the Russian bulletproof host was to empower one candidate against another. The Cold War is alive and well,” Tom Kellermann, the CEO of Strategic Cyber Ventures told Defense One.

Editorials: Beware of Robots Telling You How to Vote | Mark Buchanan/Bloomberg

Voting is partially a social endeavor, in which people consider the opinions of others when making up their own minds. Increasingly, though, they’re being influenced by an inhuman force: software robots specifically designed to deceive them. Lest democracy be undermined, humans need help in distinguishing their brethren from the bots. Two years ago, in a report filed with the U.S. Securities and Exchange Commission, the social networking site Twitter estimated that more than 23 million of its active user accounts were being run by “bots” — software agents or bits of code that act on their own to respond to news and world events. They interact with real users, never revealing their true nature.

National: Guccifer 2.0: What Could Happen Next? | Information Security Buzz

We described the current state of the Guccifer 2.0 purported disclosures as leaking documents of minimal intelligence value for possible political points in the U.S. and reinforcing Kremlin themes to a Russian audience about the failings of democracy and the West. Here, we outline a couple of different trajectories for the Guccifer 2.0 persona and identify some of the indicators that would help us determine which path we’re on. … To have a substantial impact on the U.S. media, we assess Guccifer 2.0 would have to release documents that otherwise would have been used for higher priority intelligence objectives. If a release like this were to happen, it would be closer to the election as a final coup de grâce to push late media coverage in a way that benefits Russia’s desired outcome. If this scenario is part of a plan, we would expect to see efforts to make Guccifer 2.0 a more trusted interlocutor over the next few months by releasing higher quality documents or verifiable claims that establish his bona fides. However, if some external shock changes the Russian calculus, we might not see that on-ramp. In other words, the on-ramp would be indicative, but a lack of on-ramp does not necessarily preclude this outcome.

Illinois: Hackers penetrate Illinois voter registration database | The Southern

The Illinois State Board of Elections’ online voter registration system remained down Thursday afternoon in the wake of a cyberattack last week. The attack on the statewide Illinois Voter Registration System occurred July 12, and the system was shut off July 13 as a precaution once the board realized the severity of the attack, according to a message sent to local election authorities. Hackers exploited “a chink in the armor in one small data field in the online registration system,” said Ken Menzel, the board’s general counsel.

Arizona: Investigators find no evidence of voter database hack; system back online | KPHO

After more than a week of forensic analysis, cybersecurity investigators found no signs of hacker infiltration into the state’s voter registration database and have brought the system back online, the Arizona Secretary of State’s Office announced. The system was taken offline for nine days after the FBI found a “credible and serious” threat to the database, which contains personal information about the more than 3 million registered voters in the state. The system was restored Thursday. “We have not found any evidence of malware or command and control software in the voter registration system and have restored its use,” Secretary of State Michele Reagan said in a statement.

Australia: Cyber sector adamant e-voting is too costly and complex | Financial Review

Start-up entrepreneurs, tech industry leaders and politicians are at loggerheads with the cyber security sector, which remains adamant that electronic voting is too costly and complex. The debate has erupted in response to the recent election saga, where it has taken the Australian Electoral Commission more than a week to finish counting the votes. Prime Minister Malcolm Turnbull and Opposition leader Bill Shorten joined the debate on Sunday, both mentioning the need to find an e-voting solution in their victory and concession speeches, respectively. Senior security analyst at cyber security firm Checkpoint, Raymond Schippers, told The Australian Financial Review it would be too difficult to adequately secure an e-voting system. “The amount of attacks over the internet is insane. In an instant someone could compromise 10,000 computers. And without the voter ever knowing, someone could change their vote and no one would ever be able to confirm it was changed,” he said.

National: Cyber Vulnerabilities Threaten 2016 Election | Risk & Insurance

Nearly two-thirds (64 percent) of registered voters believe the 2016 presidential campaign will be compromised by a cyber breach in some way, according to a poll conducted by data security firm PKWARE and Wakefield Research. Their concerns are not unwarranted; at a time when breaches and data theft make headlines on a regular basis, much of the voting process remains unprotected. “There is a lot of vulnerability in paperless voting systems, whether they are direct reporting electronic machines, or email return ballots,” said Pamela Smith, president of Verified Voting, a nonprofit organization that advocates for accuracy, transparency and verifiability of elections. Most polling places use paper ballots that are tabulated by a scanner. Even if the scanner goes haywire, there is a paper record of voters’ intent and officials can take a manual count. In fully paperless systems, no such backup exists. “In a situation like that, there’s no way to demonstrate that the software is working properly. If something seems amiss or there is an unexpected outcome, you really wouldn’t have a way to go back and correct it because you don’t have an independent record of voter intent,” Smith said. Electronic systems, then, offer a prime target for hackers looking to influence elections.

Arizona: Online voter registration system down, computer compromised | Tucson News Now

A cyber-security issue affecting the state’s voter registration system has not been resolved, according to the Arizona Secretary of State’s blog page. The July 5 post is an update to a June 30 post saying the FBI alerted that “a credential related to the Voter Registration System had been compromised.” Further investigation revealed a county computer had been compromised by malicious software, according to the blog. Pima County Recorder, F. Ann Rodriguez confirmed that the county computer that was compromised is not a Pima County computer. Rodriguez said in two conference calls with county recorders across the state, the Secretary of State’s office explained security experts were working with the system vendor to make sure voter information was not accessed or otherwise tampered with. As a result, the Secretary of State, Michele Reagan, decided to take the voter registration site offline. This now affects two important processes.

National: Cybersecurity Experts Go to Washington | BU Today

Officially, it was a cybersecurity briefing on Capitol Hill hosted by Jean Morrison, Boston University provost, and the Congressional Cybersecurity Caucus, but it felt a little like a college freshman-level computer science seminar. Sharon Goldberg, a College of Arts & Sciences associate professor of computer science, was explaining some of the deep insecurities built into the internet, and why they matter. Her students were a group of Congressional aides and interns and other Hill staffers. They had crowded into a room in the Cannon House Office Building recently on their lunch hour and were taking copious notes so they could better inform policymakers, who are scrambling these days to catch up with technical reality. “The internet was designed several decades ago as a network for universities, for graduate students to send each other emails, to do scientific computing—not for what it’s doing today,” said Goldberg, one of three cybersecurity experts who addressed the briefing. It was a time, she added, “when basically everyone on the internet believed they could all trust each other because they were all graduate students playing with computers.”

Editorials: Electronic voting may be risky, but what about vote counting? | Robert Merkel/The Conversation

Several advantages of online voting were identified in a recent post by Conversation columnist and software researcher David Glance who backed the introduction of such a scheme in Australia. He is correct that an online voting system would be faster, more convenient and have fewer accidental informal votes. It would also reduce the donkey vote problem (though the “donkey vote” bias can also be dealt with by the use of Robson rotation on printed ballots). But in my view he dismisses the very real risks not only of actual election tampering, but something equally important – the confidence that Australian elections aren’t being tampered with. A vote-counting system not only needs to be secure against threats to its integrity, it needs to be seen to be secure against such threats. The right technologies, deployed in the right way, can assist with speeding up vote counts without putting the integrity of our voting system at risk. The place for that technology is not as a replacement for the paper ballot.

Arizona: Security concerns shut down parts of secretary of state’s elections site | The Arizona Republic

Parts of the Arizona secretary of state’s website are down for unspecified security-related maintenance, angering some candidate campaigns that received belated notice. The portion of the site dealing with online contributions to the public campaign-finance system was shut down Tuesday evening, said Matt Roberts, a spokesman for Secretary of State Michele Reagan. But it was only Wednesday morning that the office sent a notice to the Clean Elections candidates using the site’s online service for gathering the $5 contributions necessary to qualify for public financing. “Why wouldn’t you notify the candidates first?” asked Chad Campbell, a consultant for the campaign of Corporation Commission candidates Tom Chabin and Bill Mundell.

Russia: Is Moscow trying to influence Trump-Clinton race? | The Hill

The unknown identity of a mysterious hacker claiming to be the sole architect behind the infiltration of the Democratic National Committee (DNC) has raised fears that Russia may be trying to influence the U.S. election. The idea sounds like the work of conspiracy theorists — but both security and foreign policy experts say it fits with a historical pattern of Russian intelligence operations. “I think it would naive of us to rule that out,” said Jason Healey, a director at the Atlantic Council who has worked on cyber defenses at the White House. The hack comes as the Senate is weighing its annual intelligence policy bill, which would establish a committee specifically to counter “active measures by Russia to exert covert influence.” The firm that investigated the breach for the DNC attributed the attack to the Russian government and most onlookers originally interpreted it as traditional espionage — a straightforward way of gathering intelligence about the American political landscape, something the U.S. itself does.

National: Clinton Foundation Said to Be Breached by Russian Hackers | Bloomberg

The Bill, Hillary and Chelsea Clinton Foundation was among the organizations breached by suspected Russian hackers in a dragnet of the U.S. political apparatus ahead of the November election, according to three people familiar with the matter. The attacks on the foundation’s network, as well as those of the Democratic Party and Hillary Clinton’s presidential campaign, compound concerns about her digital security even as the FBI continues to investigate her use of a personal e-mail server while she was secretary of state. Clinton Foundation officials said the organization hadn’t been notified of the breach and declined to comment further. The compromise of the foundation’s computers was first identified by government investigators as recently as last week, the people familiar with the matter said. Agents monitor servers used by hackers to communicate with their targets, giving them a back channel view of attacks, often even before the victims detect them.

National: “Guccifer” leak of DNC Trump research has a Russian’s fingerprints on it | Ars Technica

We still don’t know who he is or whether he works for the Russian government, but one thing is for sure: Guccifer 2.0—the nom de guerre of the person claiming he hacked the Democratic National Committee and published hundreds of pages that appeared to prove it—left behind fingerprints implicating a Russian-speaking person with a nostalgia for the country’s lost Soviet era. Exhibit A in the case is this document created and later edited in the ubiquitous Microsoft Word format. Metadata left inside the file shows it was last edited by someone using the computer name “Феликс Эдмундович.” That means the computer was configured to use the Russian language and that it was connected to a Russian-language keyboard. More intriguing still, “Феликс Эдмундович” is the colloquial name that translates to Felix Dzerzhinsky, the 20th Century Russian statesman who is best known for founding the Soviet secret police. (The metadata also shows that the purported DNC strategy memo was originally created by someone named Warren Flood, which happens to be the name of a LinkedIn user claiming to provide strategy and data analytics services to Democratic candidates.) Exhibit B is this opposition research document on Donald Trump, the presumptive Republican presidential nominee. Exhibit B is also written in Word. Several of the Web links in it are broken and contain the error message “Error! Hyperlink reference not valid.” But in a PDF-formatted copy of the same document published by Gawker a few hours before Guccifer 2.0’s post went live, the error messages with roughly the same meaning appear in Russian. The most likely explanation is that the Russian error messages are an artifact left behind when the leaker converted the Word document into a PDF. That kind of conversion would be expected if the leaker’s PC was set up to use Russian.