United States 13-page report released: secret Russian hackers involved in United States elections, hack-IT information
On December 30, the United States Department of Homeland Security and FBI announced 13 page-Russian hackers involved United States report of the elections, this is the United States official named in the report for the first time a country dictates a malicious hacker attacks.
US media said, this is the United States Government National Conference of members of the Democratic Party "being black" behavior, and Russia military institutions--such as the Russian Federal Security Service (FSB) and Russia General Staff Intelligence Directorate (GRU) associated with it.
Network attacks: manufactured false identity attack
Reports said Russia intelligence unit has been the United States Government and the national launch hacker attacks, unit members sometimes manufacture false identities over a network, making victims mistakenly attacked others. For instance Democrat this year summer encounter stolen e-mail, although published by a man claiming to be Guccifer 2.0 on the Web, but United States officials say the incident was in fact and Russia about.
Mail fraud accounts and passwords
Reports also pointed out that Russia intelligence agencies use to cheat victims of fake e-mail account and password. The summer of 2015, is the use of the Security Council of the Russian Federation approach invaded democratic County Convention system, the spring of 2016, Russia Intelligence Directorate of the invasion was again using the same techniques. Reports that these attacks use fake e-mail appear real authority. At the end of the November election a few days later, Russia Intelligence Unit launched a similar mail attacks.
For the unknown network attack, United States this official report provided for the private sector to identify and prevent hacking methods. To this end, the United States national security services have to incorporate this information into their own sharing system, once found similar threats will automatically and immediately warned related companies and government units, United States officials have two Russia intelligence unit of malware samples used, provide antivirus software company.
Two hackers to perform an intrusion
According to the New York times the report resolved the Russia hacking email some of the steps of the Democratic Party. Reported that, with Russia two information hacker organization units – the Russian Federal Security Service (FSB) the hacker "cozy bears" (Cosy Bear), Russian General Staff Intelligence Directorate (GRU) relating to hacking and "fancy bear" (Fancy Bear) play an important role.
Predecessor of the FSB is a former member of the Soviet-era national security (KGB). It is learnt that the hacking group associated with the Russian FSB, most likely in July 2015, China had invaded the Democratic Party member servers, then nearly 1 year have not been found.
Investigators found another hacking group associated with the GRU, known as "fancy bear" or "Advanced long-term threats to 28" (A.P.T.28). March 2016, the Organization became the second invasion of democratic County Committee server hacking. Reported that the democratic County Committee email is open, "fancy bear" plays an important role. In addition, investigators believe that hacking group "DC Leaks", "Guccifer 2.0" has appeared in June this year, the Democrats stolen documents from being made public.
"Email gate" scandal, US media reported according to the files released by the hacker, expand the effect of hacker attacks. Even the media also called "Guccifer 2.0" and "DC Leaks" confidential documents directly to them.
美国公布13页报告:揭秘俄黑客介入美国选举 - 黑客 - IT资讯
12月30日,美国国土安全部和FBI公布13页俄利用黑客介入美国选举的报告,这是美国首次在官方报告中点名某国主使恶意黑客攻击。
美媒称,这是美国政府正式将民主党中国委员大会“被黑”的行为,和俄罗斯军事机构——比如俄罗斯联邦安全局(FSB)和俄罗斯总参谋部情报总局(GRU)关联在一起。
网袭方式:制造假身份发动攻击
报告表示,这些俄罗斯情报单位一直对美国政府和国民发动黑客攻击,单位的成员有时还会在网络上制造假身份,使受害者误以为发动攻击的人是他人。例如民主党今年夏天遭遇窃取的电子邮件,虽然由一名自称为Guccifer 2.0的人公布在网络上,但美国官员认为该事件事实上和俄罗斯有关。
假邮件骗取账号与密码
报告还指出,俄罗斯情报机构利用假电子邮件来骗取受害者的账号和密码。2015年夏季,俄罗斯联邦安全局就是利用该手法入侵了民主党中国代表大会系统,2016年春季,俄罗斯情报总局再次利用同样的手法进行了入侵。报告称,这些攻击中所使用的假电子邮件看起来都来自真实的官方机构。在11月大选结束几天后,俄罗斯情报单位又发动一次类似的邮件攻击。
对于不明网袭,美国的这份官方报告提供了供私人企业辨认和防止黑客入侵的方法。为此,美国国家安全部门已经将这些资讯纳入自己的分享系统,一旦发现类似威胁会立即自动警告相关公司和政府单位,美国官员也将两个俄罗斯情报单位用的恶意软件样本,提供给杀毒软件公司。
两黑客组织执行入侵
《纽约时报》根据这份报告解析了俄罗斯黑客攻击民主党邮箱的一些步骤。报道认为,与俄罗斯两个情报单位有关的黑客组织——俄联邦安全局(FSB)有关的黑客组织“舒适熊”(Cosy Bear)、俄总参谋部情报总局(GRU)有关的黑客组织“花俏熊”(Fancy Bear)起到了重要作用。
FSB前身是前苏联时期的国家安全委员(KGB)。据悉,与俄FSB有关的黑客组织,很可能于2015年7月曾入侵民主党中国委员服务器,随后近1年都未被发现。
调查人员发现,另一与GRU有关的黑客团体,被称为“花俏熊”或“先进长期威胁28”(A.P.T.28)。2016年3月,该组织成为第二个入侵民主党中国委员会服务器的黑客组织。报道认为,民主党中国委员会电邮被公开,“花俏熊”扮演了重要角色。此外,调查人员认为,黑客组织“DC Leaks”、“Guccifer 2.0”先后于今年6月出现,民主党被窃文件从此遭到公开。
面对“邮件门”丑闻,全美媒体都根据黑客公布的文件进行过报道,扩大了黑客攻击的效果。甚至有媒体还要求“Guccifer 2.0”和“DC Leaks”直接将机密文件交给他们。