Campaign says cybersecurity measures prevented hacking but disclosure raises renewed fears of foreign interference

Kamala Harris’s presidential campaign has confirmed it was warned by the FBI it had been targeted by a foreign influence campaign, triggering renewed fears over foreign interference in US elections.

The disclosure – reported by NBC – came after Donald Trump’s campaign claimed it had been hacked in an email phishing attempt, suspected to have been carried out by Iran.

The FBI has confirmed in a statement it is investigating foreign hacking attempts against the campaigns.

  • Rentlar@lemmy.ca
    3 months ago

    Hello sir/madam,

    I have important message for you from your party leader to read from secure channel. Kindly click the link and [Make America Great Again]/[We Will Not Go Back].

    USA2024Politic.xyz/login.php

    Thank you, [Trump] [Harris] Senior Campaign Advisor

  • WhatAmLemmy@lemmy.world
    3 months ago

    Side note: I’d really like to know what evidence they have for stating that a country is “suspected”. If the only reason is that traffic was routed through a country’s IP addresses, then literally anyone anywhere can do that; otherwise it’s essentially disinformation and they can “suspect” whomever is geopolitically relevant at any given time.

    • Pup Biru@aussie.zone
      3 months ago

      their methods are indeed significantly more sophisticated than that. explaining them accurately, however, is beyond my knowledge… and i’m a principal engineer that deals with security quite regularly

      • booly@sh.itjust.works
        3 months ago

        They use different heuristics to make their best guess, and to give themselves a confidence score.

        Some indicators include whether groups refuse to target certain targets, what time zones correspond with their highest activity levels, types of linguistic or grammatical markers they use, including grammatical errors (a native Russian speaker makes different types of English mistakes than a native Chinese speaker), keyboard layouts, types of punctuation, etc.

        From there, watching their techniques can kinda reveal what other groups they might learn from or cross-pollinate with.

        Everything can be spoofed, of course, but maintaining a false persona for a long time is hard, and often not worth doing.

        • TWeaK
          3 months ago

          The best example of attribution I know of was the 2018 Winter Olympics. This was shortly after the Russian doping scandal. Russia basically made a press release and said “The Olympics is going to be hacked, people are going to blame us for it but it totally isn’t us.” The hack happened, and it bore some of the hallmark signs of Russian hackers. However, it also had signs of being Chinese and also North Korean. They basically used techniques from every major nation state hacking group to cover their tracks. In the end it was still pinned on Russia, because one of the command and control servers previously had an IP address used in a Russian cyber attack on Ukraine. The indictment was also juicy, the US called the hacking group “petulant children”.

          There’s a Darknet Diaries episode that covers it and goes into more detail:

          Darknet Diaries: 77: Olympic Destroyer

          Episode webpage: https://darknetdiaries.com/episode/77

          Media file: https://www.podtrac.com/pts/redirect.mp3/dovetail.prxu.org/7057/290978c7-55c1-43df-ac19-2cb89f96994d/b5a200ec-adad-431b-b227-c2c1dfdb01f8.mp3
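
The activity-hours heuristic mentioned in booly's comment above, as an added example (not part of the thread, and not any agency's actual method): it scores each whole-hour UTC offset by the share of event timestamps that fall inside an assumed working day. The timestamps, the 09:00-17:59 window and the tolerance are constructed assumptions.

```python
from collections import Counter
from datetime import datetime, timezone

WORKDAY = range(9, 18)   # assumption: activity clusters in 09:00-17:59 local time
TOLERANCE = 0.10         # assumption: offsets this close to the best stay candidates

def hour_histogram(timestamps):
    """Normalise ISO-8601 timestamps to UTC and count events per hour."""
    hist = Counter()
    for ts in timestamps:
        hist[datetime.fromisoformat(ts).astimezone(timezone.utc).hour] += 1
    return hist

def estimate_offset(timestamps):
    """Return (best_offset, coverage, candidates) over whole-hour UTC offsets."""
    hist = hour_histogram(timestamps)
    total = sum(hist.values())
    if total == 0:
        raise ValueError("no events to analyse")
    scores = {}
    for offset in range(-11, 13):          # 24 distinct whole-hour offsets
        inside = sum(n for h, n in hist.items() if (h + offset) % 24 in WORKDAY)
        scores[offset] = inside / total
    # Highest coverage wins; ties go to the offset nearest UTC.
    best = max(scores, key=lambda o: (scores[o], -abs(o)))
    candidates = sorted(o for o, s in scores.items()
                        if scores[best] - s <= TOLERANCE)
    return best, scores[best], candidates

# Constructed sample: number of events per UTC hour, not real telemetry.
COUNTS = {6: 2, 7: 3, 8: 4, 9: 4, 10: 3, 11: 4, 12: 3, 13: 3, 14: 2}
SAMPLE = [f"2024-03-{d:02d}T{h:02d}:15:00+00:00"
          for h, n in COUNTS.items() for d in range(1, n + 1)]
SAMPLE += ["2024-03-05T23:15:00+03:00",    # outlier, 20:15 UTC
           "2024-03-09T02:40:00+00:00"]    # outlier, 02:40 UTC

if __name__ == "__main__":
    best, coverage, candidates = estimate_offset(SAMPLE)
    print(f"best fit UTC{best:+d}, {coverage:.0%} of events in working hours")
    print("offsets within tolerance:", candidates)
```

The output is a band of plausible offsets rather than a country, which is why this signal is only one input to a confidence score; as the thread notes, working hours can be shifted deliberately.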