US midterms barely over when Russians came knocking on our servers (again), Democrats claim

Russian hackers attempted to infiltrate the Democratic National Committee (DNC) just after the US midterm elections last year, according to a new court filing. The attack in November 2018 was previously reported as targeting a number of organizations including law enforcement, defense contractors, and media companies, but the …

  1. Donn Bly

    Always blaming Russia

    My servers are targeted on a weekly, if not daily, basis from IP addresses in a variety of countries - especially Russia, South Africa, China, and India. It is such a routine occurrence that I don't even bother to take action unless they are doing something that causes me other problems.

    Unlike the DNC however, I realize that these are probably not state actors but just compromised systems that are part of a botnet, and probably not even being controlled by an organization headquartered in the same country as the compromised machines.

    It baffles me why a competent IT security person would even try to connect a nationality to an attack based on the limited information found in logs and message headers. Still, the lawyers and the media want to keep blaming Russia -- when it is just as likely to be a 14 year old kid in Albuquerque, New Mexico hooked into his neighbor's WiFi.

    1. BillG Silver badge
      Mushroom

      Re: Always blaming Russia

      I get the same thing, on a weekly basis I log attacks on my websites from IP addresses allegedly from China, Russia, and the Philippines among others. Nothing to see here, move along.

      1. robidy

        Re: Always blaming Russia

        Not sure if you've read the court filing but the theft of internal Amazon architecture isn't a list of Russian IP addresses...I think you're in Friday night beer goggles mode. There are also the best part of 111 pages of stuff not listing web site probes from Russian IPs.

        We all see port scans everyday...that's not a problem they are on about.

        1. Anonymous Coward

          Re: Always blaming Russia

          --> 220-domain.com ESMTP Mon, 21 Jan 2019 11:52:52 -0600

          --> 220 Brace yourself, this might make your eyes water

          <-- EHLO [185.211.245.170]

          EHLO/HELO response delayed 10 seconds

          --> 250-domain.com Hello [185.211.245.170], pleased to meet you

          --> 250-ETRN

          Location Screening hiding AUTH from country Russia

          --> 250-8BITMIME

          --> 250-ENHANCEDSTATUSCODES

          --> 250-STARTTLS

          --> 250 SIZE

          Connection closed

    2. whoseyourdaddy

      Re: Always blaming Russia

      Umm.. I'm pretty sure spammers don't care what country you are in.

      All spammers are more interested in selling me penis pills, Anderson Windows, ADT security, TrumpCare, Keto diet plans and dating for Senior Citizens, things I will never, never, ever, ever, as long as I am breathing give one cent to unless I pulled it out of my unclean ass.

      Anderson and ADT. Remember those two brands.

      The thing about spear-phishing email, I'm confident it doesn't take the CERN experts to figure out where it came from and who it benefits. I'm sure there's a whole industry around tracing down the who, what, and why.

      Soo.....

      1. Donn Bly

        Re: Always blaming Russia

        The thing about spear-phishing email, I'm confident it doesn't take the CERN experts to figure out where it came from and who it benefits. I'm sure there's a whole industry around tracing down the who, what, and why.

        The thing about spear-phishing is that it NEVER comes from where they say it comes from. That is, after all, the point of the phish. I can send a message and make it look like it came from any number of countries, doing so is trivial to anybody who knows what they are doing. The harder part is getting around SPF, domain keys, and message signing so that the phishing messages don't end up in a spam folder.

        As to who it benefits -- You can try to guess who it benefits but all you would really be doing is bias confirmation. This week the DNC wants the bad guys to be Russian, so they will ignore any evidence that says otherwise or interpret any evidence to justify their conclusion. Next week they could want it to be a Trump staffer or North Korea and make the same case. Do you really think that ONLY the Russians would be interested in a tap on DNC internal communications?

        In order to really track it and find origin you have to set some bait for them to take, and then follow it back. You have to gain access to the mail server where the replies to their messages go to see if the server has been compromised, and then trace whomever accesses the mailbox to trace it back. You have to see if the machines used to access the server have been compromised, and go back further. They would have to establish a dialog with the phisher to keep them on the line so that all of this could happen without them finding out. All of that is very time consuming, expensive, and requires cooperation from friendly judges issuing warrants and lots of IT people sworn to secrecy.

        None of that has occurred, therefore they are guessing and don't REALLY want the facts because the facts may not support their accusations. They are more interested in controlling perception for the purposes of political persuasion than they are establishing fact. Of course they are a political organization, and that is what political organizations do (no matter what side of the aisle). Nothing unusual, just the normal day-to-day operations of a political organization.

      2. stiine Bronze badge

        Re: Always blaming Russia

        Bullshit. No spammer is going to try hacking some minor-caste in India who makes $1650/year. There'd be no fucking point. 66% of senators and 41% of House members are millionaires, so wouldn't that be a fucking nice target for ....just about everyone? In addition, they write laws, I'm sure they don't read them because some of them seem to have trouble making sense, even when trying to read from a prepared statement, so if you could change a sentence by adding a 'not' or add a decimal place, wouldn't that be a fucking joke.

    3. sisk Silver badge

      Re: Always blaming Russia

      Eh, considering that it's the DNC being targeted, state actors are actually more likely than teenage kids. You can also usually tell the difference between a state actor and a PFY pretty easily. Attacks by state actors tend to be more sophisticated and actually threaten to get in. Attacks by PFYs usually don't make it past the firewall - assuming it's competently configured of course - or do so in such a noisy manner that they announce their presence at every step along the way. If the attack was competent and successful it was probably a state actor.

  2. Someone Else Silver badge

    In typically robust inaccurate, incorrect and, of course, factually bereft language, the Trump campaign has dismissed the case as a "sham lawsuit about a bogus Russian collusion claim filed by a desperate, dysfunctional and nearly insolvent Democratic Party."

    There, FTFY

    1. ITS Retired

      Our so-called two party system is so corrupt, neither can figure which way is up, even if they had a helium filled balloon, on a string, ready to release.

      1. #define INFINITY -1 Bronze badge

        You could apply logic as well. For instance, assume:

        a) a good economy is attractive,

        b) a good economy results from policy decisions,

        c) a country is the sum of its people, and

        d) each citizen carries a (varying) fractional part of their native country's policy/history (the converse of c).

        We can conclude that to maintain your good economy, you need to prevent countries merging with yours; i.e. you need a good ingress filter.

        1. jmch Silver badge

          "you need a good ingress filter"

          Yeah, like "no brown people" for example?

          1. stiine Bronze badge

            how true

            We don't want anyone who has ties to mainland China because there's a better than even chance that the only reason they are here is for corporate espionage.

      2. Someone Else Silver badge

        Define "up".

  3. vtcodger Silver badge

    It's what spies do?

    Seems to me that the Russian equivalent of the NSA would be sadly remiss if they WEREN'T regularly trying to break into the DNC and RNC servers, as well as a wide variety of state, US government, US military, law enforcement and Military Industrial Complex servers. That, I believe, is what intelligence agencies do nowadays.

    However, I suppose any weird scenario one could conjure up COULD be in play. I can't imagine what the point of the court action against Russia is, but that doesn't mean there isn't a point buried somewhere in the murky depths of international law and the US legal system.

    Or maybe the Democrats are just trying to somehow score political points against a President and political opposition for whom they have roughly zero affection.

    1. a_yank_lurker Silver badge

      Re: It's what spies do?

      Any competent spookhaus is going to try to get information from major players of a potential adversary. However, I would expect them to not be so clumsy as to leave breadcrumbs pointing directly at them for the main effort. A 'clumsy' effort may be to stir the pot, to tell the target (this case the donkeys) that they are around to mess with their minds. Given the donkey fixation on Crazy Ivan, if I was Ivan I would make a few 'clumsy' efforts to rattle the donkeys and hopefully get them fixated on the easy one whilst I go behind them.

      1. Jack of Shadows Silver badge

        Re: It's what spies do?

        Any competent spookhaus is going to be gathering information from their "friends" as well. The NSA certainly practices that often.

    2. sisk Silver badge
      Headmaster

      Re: It's what spies do?

      Since the NSA is technically banned from operating outside the US (not that I believe for a moment that stops them) I think what you mean is the Russian equivalent of the CIA.

  4. Walter Bishop Silver badge
    Mushroom

    One hundred and eleven mentions of Wikileaks in that document

    WikiLeaks And Russian Intelligence discuss a plan to use stolen DNC documents to disrupt The Democratic National Convention

    Nonsense, my analysis of this and other works of fiction, such as Russia stole the election through FACEBOOK adverts, is that the neocon faction in Washington concocted this in order to explain away how Trump won the election and also as part of its long term campaign to discredit Wikileaks.

    While the lawsuit does not claim that President Trump or his campaign team knew about either hacking attempt, it references the Trump campaign's and the president's repeated denials of links with Russian intelligence figures.

    Yea, Trump is a Russian mole being controlled from the Kremlin cause he's being blackmailed by Putin using the golden-shower video. The same video Putin carelessly passed onto a Christopher Steele of the MI6 :]

    Or else what we're witnessing is a palace coup being staged by the deep-state and carried on in full view and with the help of some useful idiots in the media.

    1. Anonymous Coward

      Re: One hundred and eleven mentions of Wikileaks in that document

      Don't forget, the only reason Trump won the Republican nomination in the first place is because the Hillary campaign positioned him by strategically eliminating his opponents with well-timed leaks of damaging information. They thought they could steamroller him, as they believed he was the weakest candidate in the group.

      Turns out voters don't like being manipulated that way and voted for him out of spite.

      1. Qwertius

        Re: One hundred and eleven mentions of Wikileaks in that document

        Out of spite ? Nah - -- the key moment in the entire election ?

        When Hillary called all the Blue collar workers --- a bunch of deplorables.

  5. Nick Kew Silver badge
    1. Anonymous Coward

      Re: Any bets?

      Oh those nasty unDemocrats. Prefer to risk WW3 for their own political games.

      1. stiine Bronze badge
        Mushroom

        Re: Any bets?

        Hell yes, I'd love to have a chance to kill a bunch of people without having to worry about the consequences.

  6. MonsieurTM

    Yet again we see Russia being blamed in a well-written article that on the face of it appears to be sound. Yet again no evidence is presented. Yet again we are asked to believe in "evil Russia". This is now a troll. Stop repeating the troll "Russia bad".

    Russia does not have the technical know-how to perform such influence on the most technologically advanced nation in the world! This is absurd.

  7. bombastic bob Silver badge
    Coat

    Russian hackers attempted to infiltrate the Democratic National Committee

    TOO LATE!

    (they've already become communists)

    /me runs from the rotten veggies being tossed my way

    1. Voyna i Mor Silver badge

      Re: Russian hackers attempted to infiltrate the Democratic National Committee

      Stick to the IT stuff where you make sense, Bob, it's been abundantly clear for years that you wouldn't recognise a communist if they came after you with an icepick.

      Nancy Pelosi is what the world outside the USA and Israel calls a "right wing politician."

  8. HKmk23

    Most Yanks are so thick...

    eg; Who else needed a label "Do not iron this shirt while wearing it"?

    When they have nothing else to say the Demoprats revert to "there is a red under the bed".

    Trump with all his faults is the best President they have had since Teddy Roosevelt, he has in half a term put their economy back on its feet and although no-one likes to admit it he is also right about the Wall.....why should you not be able to lock your front and back doors? You can still give asylum to people with a genuine need but there is no requirement in the world to have an open house for every terrorist or drug pusher.

    1. Voyna i Mor Silver badge

      Re: Most Yanks are so thick...

      Joe McCarthy was a Republican. So was J Edgar Hoover. That rather invalidates your second sentence.

      (They were also Trump-scale barking but in the absence of Twitter it wasn't noticed nearly so much.)

    2. Voyna i Mor Silver badge

      Re: Most Yanks are so thick....why should you not be able to lock your front and back doors?

      When you're the descendants of the burglars that broke in in the first place and took over, and now you don't want other people coming in.

  9. Qwertius

    The fact that the Democrats continue to refuse access to their servers - tells me all I need to know.

  10. Anonymous South African Coward Silver badge

    fail2ban anybody?
