Details of Kremlin's phishing expedition
The hackers who disrupted the U.S. presidential election last year had ambitions that stretched across the globe, targeting the emails of Ukrainian officers, Russian opposition figures, U.S. defense contractors and thousands of others of interest to the Kremlin, according to an AP package by Raphael Satter, Jeff Donn and Desmond Butler:
- Why it matters: "The hackers were closely aligned with the interests of the Russian government."
- The lead: "The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year that the targets were in the Kremlin's cross-hairs."
- "Even senior policymakers discovered they were targets only when informed by The Associated Press, a situation some described as bizarre and dispiriting."
- The previously unpublished digital hit list obtained by AP provides "the most detailed forensic evidence to date of the ambitious hackers who disrupted the U.S. presidential election in 2016."
- AP drew on a database of 19,000 malicious links collected by the cybersecurity firm Secureworks, dozens of rogue emails and interviews with more than 100 hacking targets.
- Follow the hackers.
Anatomy of hacking Hillary:
- "The Clinton campaign was no easy target; several former employees said the organization put particular stress on digital safety."
- "Work emails were protected by two-factor authentication, a technique that uses a second passcode to keep accounts secure. Most messages were deleted after 30 days and staff went through phishing drills.
- "Two-factor authentication may have slowed the hackers, but it didn't stop them.
- "After repeated attempts to break into various staffers' hillaryclinton.com accounts, the hackers turned to the personal Gmail addresses. It was there on March 19 that they targeted top Clinton lieutenants — including campaign manager Robby Mook, senior adviser Jake Sullivan and political fixer Philippe Reines."