Title: Analysis: DNC Servers Were Locally Hacked, Making Russian Interference Unlikely

The Russiagate scandal has dominated headlines and airwaves for months now, with politicians and analysts lining up to pin last year's election meddling on Russian spies. But an independent investigator's new analysis lays the blame at the feet of a hacker closer to home.

WASHINGTON, D.C. - In the latest complication for the Russiagate scandal, a new analysis has suggested that files and email stolen from the Democratic National Committee (DNC) were copied to a USB drive by someone with physical access to a computer that had DNC server access, indicating that the committee's records were not hacked remotely by foreign actors, as has been alleged.

The DNC's stolen files were published by the hacker Guccifer 2.0, whose name is an homage to the Romanian hacker Guccifer, who gained notoriety for hacking the Bush and Rockefeller families among other U.S. government officials. Guccifer 2.0, despite professing that he is a Romanian and affiliated with no government, was cited as an agent of Russian military intelligence by the private cyber security firm Crowdstrike, which was hired by the DNC to investigate the hack.

However, an independent investigator working under the pseudonym The Forensicator has released a new analysis of the metadata found in the files published by Guccifer 2.0. The analysis shows that the files, published as a .7z archive file, were transferred from the server at a speed of 23 MB/second, leading the investigator to conclude that it was unlikely that this initial data transfer could have been done remotely over the Internet. The investigator also found that the copying of the files from the DNC servers took place either over a local high-speed network (LAN) or by someone who had physical access to the computer where the data was stored.
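An added example, not taken from the article or from The Forensicator's report, of how a copy rate can be estimated from file metadata alone. It assumes each file's last-modified time marks the moment its copy finished, counts bytes only across runs of closely spaced timestamps, and skips pauses; the file list, the 30-second gap threshold and 1 MB = 1,000,000 bytes are constructed assumptions.

```python
from datetime import datetime, timezone

MB = 1_000_000          # assumption: decimal megabytes
MAX_GAP_S = 30          # assumption: longer gaps are pauses, not copying

# Constructed sample: (file name, size in bytes, last-modified time in UTC).
SAMPLE = [
    ("a.docx", 46 * MB, "2020-01-01 12:00:00"),
    ("b.xlsx", 46 * MB, "2020-01-01 12:00:02"),
    ("c.pdf",  23 * MB, "2020-01-01 12:00:03"),
    ("d.pst",  69 * MB, "2020-01-01 12:00:06"),
    ("e.docx", 10 * MB, "2020-01-01 12:10:00"),   # follows a ~10 minute pause
    ("f.pdf",  46 * MB, "2020-01-01 12:10:02"),
]

def _rows(entries):
    """Return (mtime, size) pairs sorted by modification time."""
    fmt = "%Y-%m-%d %H:%M:%S"
    return sorted(
        (datetime.strptime(ts, fmt).replace(tzinfo=timezone.utc), size)
        for _name, size, ts in entries
    )

def naive_rate(entries):
    """All bytes over first-to-last timestamp; pauses drag this figure down."""
    rows = _rows(entries)
    span = (rows[-1][0] - rows[0][0]).total_seconds()
    return sum(size for _t, size in rows) / span / MB if span else None

def burst_rate(entries, max_gap_s=MAX_GAP_S):
    """MB/s over runs of closely spaced timestamps, skipping pauses."""
    rows = _rows(entries)
    counted_bytes, counted_secs = 0, 0.0
    for (prev_t, _), (cur_t, cur_size) in zip(rows, rows[1:]):
        gap = (cur_t - prev_t).total_seconds()
        if gap > max_gap_s:
            continue  # time and bytes across a pause say nothing about speed
        counted_bytes += cur_size   # this file was written during `gap`
        counted_secs += gap
    return counted_bytes / counted_secs / MB if counted_secs else None

if __name__ == "__main__":
    print(f"naive: {naive_rate(SAMPLE):.2f} MB/s")
    print(f"burst: {burst_rate(SAMPLE):.2f} MB/s")
```

A figure obtained this way describes whichever copy operation last set the timestamps being measured.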
Freeman's Watch (@FreemansWatch), 6:35 AM - 12 Jul 2017: More Proof Russia Did NOT Hack DNC: Files "Copied Locally" https://tmblr.co/ZwsRQd2NjPJY0

In addition, The Forensicator analyzed the timestamps of the files, which were preserved from the date of the initial transfer. The timestamps from the documents were recorded in Coordinated Universal Time (UTC), but when adjusted to Eastern Daylight Time (EDT) they fell into the same range as the last modified times for the directories archived in the .rar files. Thus, it was concluded that the copying of the files took place on a computer system where EDT was in use, meaning that the said system was likely located on the eastern coast of the U.S.

In light of these findings, the party responsible for the initial hack was likely located within the U.S. at the time, suggesting that the hack was carried out by a disgruntled DNC insider or by someone located in the U.S. who may have been working with Guccifer 2.0, who was responsible for gaining access to the DNC server. This makes it unlikely that Russian military intelligence remotely hacked the DNC servers from abroad.

This may explain why the DNC has repeatedly refused to hand over the hacked servers to the government for examination, as only Crowdstrike has been given access. Even the recent Congressional probes into alleged Russian interference in the 2016 election have been denied access to the servers.

Lou Dobbs (@LouDobbs), 7:00 AM - 6 Jul 2017: Why did DNC deny FBI access to DNC email server? Why did FBI allow denial? http://go.shr.lc/2uLNZ4S - @washtimes #MAGA @POTUS #TrumpTrain

Given that the DNC hack has been central to the Russian hacker narrative, it is certainly unusual that this key piece of evidence is being withheld from investigators. This new analysis makes it highly likely that there is evidence on the servers that would also show that remote hacking of the servers was improbable.

But even before The Forensicator's analysis was released, there was plenty of reason to doubt the DNC's narrative regarding the hack, particularly regarding whether Russia was the culpable party. For example, the evidence Crowdstrike cited as proving that the hack was conducted by Russian military intelligence is largely speculative. The firm claimed that the techniques used in the hack were similar to those used in past hacking operations that have been attributed to Russian state actors and the profile of those targeted by said hacks closely mirrors the strategic interests of the Russian government.

However, even if the exploits or tools used to conduct the hack were associated with Russia in the past, that does not necessarily make the case that the Russians were behind the hack this time. Indeed, once malware or another exploit is used, it tends to be utilized by other hackers and cyber criminals soon after. It may also be offered for sale on online black markets.

This has occurred with Russian malware before.
When the Gyges malware was discovered by SentinelOne Research in 2014, it was found to share several similarities with Russian espionage malware that had been repurposed by non-state actor cybercriminals. The firm explained that the Gyges malware is an example of how advanced techniques and code developed by governments for espionage are effectively being repurposed, modularized and coupled with other malware to commit cybercrime.

U.S. government-created malware has also shared a similar fate, most recently with the WikiLeaks Vault 7 revelations that the CIA lost control of its elite hacking arsenal, along with the breach of NSA hacking tools by the Shadow Brokers hacking collective. Tools from the latter were recently repurposed by the criminals responsible for the recent WannaCry ransomware attack that affected 74 nations and is said to have been one of the largest cyberattacks in history.