The Plot to Hack America by Malcolm Nance

Author: Malcolm Nance
Language: eng
Format: epub
Publisher: Skyhorse Publishing
Published: 2016-03-16T04:00:00+00:00


No One Is Immune

On May 20, 2015, APT28 hit the German Bundestag and started to steal data from servers after launching the Sofacy malware on the systems. After the attack, the Bundestag director Horst Risse advised the other staff to avoid opening files or links via email.50 In August 2015, APT28 launched a spear-phishing effort at EFF, the Electronic Frontier Foundation. The group attempted to use email to lure targets to a spoofed site at “electronicfrontierfoundation.org”. The official site for EFF is at “eff.org”. Oracle fixed the Java zero day.51

On July 21, 2016, on the eve of the Olympic Games in Rio de Janeiro, the World Anti-Doping Agency (WADA) recommended banning all Russian athletes from the 2016 Olympic Games.52 WADA believed that there was a systematic national effort to use and conceal illegal doping agents from the agency. WADA reached a compromise with the Russian Olympic team in which 70 percent of Russian athletes could participate, though 110 could not. Although it appeared that the matter was resolved, the CYBER BEARS unloaded on WADA with a massive FANCY BEAR spear-phishing campaign.

On August 15, 2016, stakeholders in WADA were notified of an email campaign aiming to spear-phish the members by getting them to click bogus websites that looked like official WADA portals. The watering hole domains had been recently purchased on August 8, 2016, along with additional domains not used in the strikes but perhaps held for future targeting. The domains were registered to the users as if they were in Riva, Latvia. The URLs were “wada-awa.org” and “wada-arna.org,” which were not affiliated with the organization.

FireEye and ThreatConnect53 have tied APT28 to the WADA attack.54 However, as with the DNC, the TV5Monde, and the Warsaw Stock Exchange hacks, this one was suddenly claimed by someone else. In this case the claim emanated from a Twitter account named “Anonymous Poland” and the handle @anpoland. Like Guccifer 2.0, this new Twitter channel had no back history, suggesting it was a sock puppet account created just for the operation.

Targets of the attack included athlete Yuliya Stepanova, who had her emails hacked after she stepped forward as a whistleblower on the Russian doping scandal. She personally drew the ire of Putin, who referred to her as a “Judas.” It wasn’t surprising that Russian authorities would want to retaliate as they have long shown a state interest in the success of their athletes, even if by banned or controversial methods. Grigory Rodchenkov was director of an anti-doping lab that helped Russian athletes cheat WADA controls. Rodchenkov claims that a Russian intelligence officer was assigned to observe his lab to find out what happened to athlete urine samples.55

Numerous other Russian hacks struck government, diplomatic, and civilian websites in the United States as well. In December 2014, Russian hackers breached the account of a well-known US military correspondent. As a result, the attackers took the contact information from that breach and went on to attack fifty-five other employees of a major US newspaper.56 In January 2015 three popular YouTube bloggers interviewed President Barack Obama at the White House.


