cybersecurity

by

Did The FBI Ask Google For Help Identifying #NikolausCruz?

It looks like the Nikolaus Cruz who left the Youtube comment last September has a Google ID. Since this person looks like they used their actual name, I cannot help but wonder if this person filled out their personal information, too. Maybe subconsciously this Nikolaus Cruz was hoping the FBI would find him before he succeeded in becoming a “professional school shooter”. Since we are second guessing the FBI actions, did the FBI ask Google for help identifying this user?

by

Was The DNC Hack Set Up By Crowdstrike?

I'm a security monitor, I only notify people if something bad happens

As an old IT guy, I keep wondering what Crowdstrike was doing during the DNC Hack? It looks like a Lifelock commercial. Here is the Crowdstrike timeline.

Crowdstrike Timeline

  1. In 2015 Crowdstrike knows that DNC information was transmitted to Russia.
  2. On April 29th, 2016, the DNC suspects they have been hacked.
  3. On May 4th, 2016, Crowdstrike installs “monitoring software”.
  4. On June 10th, 2016, Crowdstrike changes passwords at the DNC.

If Crowdstrike knew the DNC was hacked in 2015 and information was transmitted back to Russia, why did they install a security monitor in May 2016? Why did they wait until June to actually fix the problem? It looks like Crowdstrike set up the DNC network as a “bad” honeypot. Traditionally a honeypot consists of a network site that appears to be legitimate but is actually isolated, monitored, and contains non-vital data.  Crowdstrike used the real DNC network as the lure. If Fusion GPS and Crowdstrike are the private contractors who had unsupervised access to raw FISA information on FBI systems, they had to know what the Russians were doing. Were their actions negligent, stupid, or an attempt to divert the attention from the damaging Podesta emails that the Russians were boasting about? Since the Podesta emails were far more damaging to the Clinton campaign, it looks like Crowdstrike felt it was more important to attribute the hack on the Russians than to protect the DNC data.

DNC Hack Timeline

Date Incident
6/1/2015 CrowdStrike had stated in its reports that the DNC server was penetrated sometime in the summer of 2015
11/1/2015 The FBI alerted the DNC information was being transmitted back to Russia
12/15/2015 NGP VAN released a code update to their Votebuilder application that allowed Sanders team looks at Clinton data
3/1/2016 Super Tuesday
3/9/2016 DOJ finds private contractor has access to raw FISA information on FBI systems
3/19/2016 Podesta email hacked, emails released by Wikileaks in October 2016
4/18/2016 FBI discontinued allowing their sub-contracted agent access to the raw FISA information effective April 18th, 2016
4/19/2016 Large Increase in DNC emails appearing in Wikileaks
4/24/2016 Sanders: Democratic Party hasn’t been fair to me(id:5477)
4/26/2016 Clinton and Trump Have Commanding Delegate Leads
4/29/2016 DNC Suspects Hack
4/30/2016 Mr. Papadopoulos says that he had just learned from high-level Russian officials in Moscow that the Russians had “dirt” on Mrs. Clinton in the form of “thousands of emails,”
5/4/2016 Crowdstrike Installs Monitoring Software(Falcon)
5/5/2016 Marshall No Shit email(id:7643)
5/17/2016 Wasserman Schultz Damn Liar email(id:7643)
5/21/2016 Re: Sanders: If I’m elected, DNC leader would be out(id:9999)
5/21/2016 Last email on Seth Rich’s laptop
5/22/2016 Bernie Narrative(id:11056)
5/25/2016 Last DNC Hack email in Wikileaks
6/10/2016 Crowdstrike changes passwords at DNC
6/12/2016 Julian Assange announces on June 12, 2016, that he had DNC documents
6/14/2016 DNC HACK MADE PUBLIC(Washington Post)
6/15/2016 Crowdstrike Report
6/15/2016 GUCCIFER 2.0 DNC’S SERVERS HACKED BY A LONE HACKER
6/18/2016 NEW DOCS FROM DNC NETWORK: LOTS OF FINANCIAL REPORTS AND DONORS’ PERSONAL DATA
6/21/2016 DOSSIER ON HILLARY CLINTON FROM DNC
7/5/2016 Second Guccifer 2.0 Hack
7/5/2016 First Copy of NGP VAN file
7/6/2016 TRUMPOCALYPSE AND OTHER DNC PLANS FOR JULY
7/10/2016 Seth Rich Death
10/7/2016 Wikileaks posts Podesta emails
10/26/2016 Admiral Rogers informs the FISA Court of numerous unauthorized FISA-702(17) “About Query” violations.”)
by

CyberSecurity Tips For Both Political Parties

The American people want to believe that both political parties and our journalists will not lie, cheat, steal, or tolerate those who do.  Instead they found out that:

  • Glenn Thrush is actually a political hack masquerading as a journalist.
  • From time to time Donna Brazile gets debates questions in advance and had no ethical problems passing it on to the Clinton campaign.
  • The supposedly neutral DNC was actively trying to undermine the Bernie Sanders presidential campaign despite telling everyone they were not doing that.

This loss of innocence was one of the major reasons behind the success of Mr. Trump’s “Drain the Swamp” theme. Although the intelligence community is trying to divert attention from the gross incompetence and ethical shortcomings of the DNC, Mr. Podesta, and those journalists, I feel it is my responsibility as an old IT guy to remind both political parties and journalists that you are the first line of defense in cybersecurity.  Gross stupidity can easily defeat the best cybersecurity plan. So here are my tips:

Stop Doing Ethically Stupid Stuff And Writing About It In Emails

It is better to be thought a cheater than to write an email that removes all doubt! As an example the Donna Brazile “From time to time” email could have been written a  thousand different ways that would obscure the source while preparing Ms. Clinton for the subject matter. A simple rephrasing of the question would have at least given Ms. Brazile plausible deniability as a cheater. Ms. Clinton’s worst debate answers are far better than the stigma from being caught cheating. Of course, a more ethical person would not have divulged the question to Ms. Clinton. Most of the journalists mentioned in the Wikileaks releases doing ethically stupid stuff probably regret writing about it in an email. The lesson that should have been learned is that embarrassing emails in the wrong hands are very valuable. You have just provided the reason for even more hacking attempts!

Treat All Communication Devices As Non-Secure

Whether you are in the privacy of your home or at Starbucks you should assume that someone is trying to intercept your communications. It could be the NSA, Russian intelligence, or just some script kiddie having fun.   If only a small portion of your emails are about yoga and wedding preparations, you really should not have a private email server. Who were the adults in the room advising Ms. Clinton about the security risks associated with the Secretary of State having a private email server? Brian Krebs of KrebsOnSecurity sums it up best.

There are some fairly simple, immutable truths that each of us should keep in mind, truths that apply equally to political parties, organizations and corporations alike:

  • If you connect it to the Internet, someone will try to hack it.
  • If what you put on the Internet has value, someone will invest time and effort to steal it.
  • Even if what is stolen does not have immediate value to the thief, he can easily find buyers for it.
  • The price he secures for it will almost certainly be a tiny slice of its true worth to the victim.
  • Organizations and individuals unwilling to spend a small fraction of what those assets are worth to secure them against cybercrooks can expect to eventually be relieved of said assets.