Monday, October 31, 2016

In March 2016, FBI specifically warned Hillary campaign that spear phishing attempts were being made against it. Despite specific FBI warning, Hillary campaign IT worker gave go-ahead to click on spear phishing link that enabled Podesta email hack, said link was 'legitimate, imperative.' Domain was So. Pacific atoll-Smoking Gun (Hillary campaign itself enabled flood of Podesta emails, declined FBI help to prevent spear phishing access, could either drop out or create a huge diversion. Hillary seeks to divert attention from her gross negligence by rattling her US taxpayer funded sabres against her next target for bloody regime change-Putin)

.
In March 2016 the FBI specifically warned senior Hillary campaign officials that it was being targeted by spear phishing emails. The campaign declined FBI assistance on the matter. In the same month, March 2016, Hillary campaign "IT worker" declared a Podesta related spear phishing email "legitimate," approved "immediate" clicking on the tempting link, thus beginning the flood of Podesta emails, followed by a desperate need for a scapegoat (yeah, Putin, another chance to rattle sabres at him to help gin up WWIII) to divert attention from the campaign's gross negligence. It's common knowledge thatmost successful hacks today start with a phishing attack," and that "Gmail [used by Hillary campaign manager Podesta] is used for more than half of all data drop email accounts, making it the top webmail service used by attackers to receive credentials stolen via phishing." (So why is Podesta using it?) Information about spear phishing has been on the FBI website since at least 2009
 
10/28/16, "How Podesta's Gmail Account Was Breached," the smokinggun.com

"Clinton campaign staff guilty of getting duped by hackers"

"So how did John Podesta’s e-mail account get hacked? The answer to that question came into embarrassing focus this morning with the latest Wikileaks dump of correspondence stolen from the Gmail account of Hillary Clinton's campaign manager. 

On March 19, a Saturday, Podesta received an e-mail--purportedly from Google--warning him that, “Someone has your password.” The alert (seen above) informed Podesta that a sign-in attempt from an IP address in Ukraine was thwarted and that, “You should change your password immediately.” The e-mail, addressed "Hi John," included a blue “CHANGE PASSWORD” box to be clicked."...

[Ed. note: In March 2016 the FBI contacted Hillary's campaign, warned specifically that it was being targeted by "spear phishing emails." The Hillary campaign declined FBI's offer to help. A "spear phishing" link is exactly what a Hillary "IT worker" said was "absolutely imperative" to click on and thus in March 2016 enabled the flood of Podesta emails.] 

(continuing): "As TSG reported in August, similar messages were sent to the Gmail accounts of scores of other Clinton campaign officials around the time Podesta received the phony alert. An identical e-mail--containing the exact Ukrainian IP address--was received on March 22 by William Rinehart, a campaign organizer. The IP address included in the e-mails received by Podesta and Rinehart traces back to Kyivstar, Ukraine’s largest telecommunications company.

Like Rinehart, Podesta’s Gmail account was compromised by the “spear phishing” e-mail....

After the e-mail arrived in Podesta’s account, it appears that his chief of staff, Sara Latham, sought guidance from an IT worker with the Clinton campaign. After examining the “Someone has your password” e-mail, staffer Charles Delavan ...mistakenly assured Latham and Shane Hable, the campaign’s chief information officer, that, “This is a legitimate email. John needs to change his password immediately, and ensure that two-factor authorization is turned on his account.”

Delavan’s 9:54 AM e-mail included a link to an actual Google password change page.It is absolutely imperative that this is done ASAP,” he added.

Latham then forwarded Delavan’s email to Podesta and campaign staffer Milia Fisher, who had access to Podesta’s Gmail account. 

The gmail one is real wrote Latham, who instructed Fisher to change Podesta’s password since “Don’t want to lock him out of his in box!”

But instead of following the link provided by Delavan, it appears that Podesta or Fisher...clicked on the “CHANGE PASSWORD” box in the original “spear phishing” correspondence (a copy of which which was included in the e-mail chain that Saturday morning).

That link led to what appeared to be a legitimate Google page, but was actually a site designed by the hackers to capture a target’s log-in credentials. The link to the spoofed Gmail page included a lengthy underlying url with the .tk suffix, indicating that the domain created to trick Podesta was registered in Tokelau, a remote group of South Pacific atolls.

The hidden 293-character link included a string of characters containing the encoded Gmail address for Podesta (john.podesta@gmail.com).

The e-mails stolen in the Podesta hack and posted on Wikileaks show that the most recent correspondence is from March 21.

While Delavan protected his Twitter page following the publication of this story, he did offer the public some sage advice earlier this week. In an October 25 tweet, Delavan wrote, “don’t click on anything ever. delete your email account. move to the woods.” (1 page) Image above from The Smoking Gun

--------------------------------

Among comments
................................

"Scott Johnson ·


............................

Added: 7/28/16 article about March 2016 FBI warning to Hillary campaign specifically about "spear phishing." Hillary campaign declined FBI assistance on the matter when it asked for access to documents to help trace the spear phishers. (At the time Hillary was still under investigation by the FBI for possible criminal national security violations). "The Brooklyn warning also could raise new questions about why the campaign and the DNC didn’t take the matter more seriously."...

7/28/16, "FBI warned Clinton campaign last spring of cyberattack," Michael Isikoff, Yahoo News  

"The FBI warned the Clinton campaign that it was a target of a cyberattack last March, just weeks before the Democratic National Committee discovered it had been penetrated by hackers it now believes were working for Russian intelligence, two sources who have been briefed on the matter told Yahoo News. 

In a meeting with senior officials at the campaign’s Brooklyn headquarters, FBI agents laid out concerns that cyberhackers had used so-called spear-phishing emails as part of an attempt to penetrate the campaign’s computers, the sources said. One of the sources said agents conducting a national security investigation asked the Clinton campaign to turn over internal computer logs as well as the personal email addresses of senior campaign officials. 

But the campaign, through its lawyers, declined to provide the data, deciding that the FBI’s request for sensitive personal and campaign information data was too broad and intrusive, the source said. 

A second source who had been briefed on the matter and who confirmed the Brooklyn meeting said agents provided no specific information to the campaign about the identity of the cyberhackers or whether they were associated with a foreign government. The source said the campaign was already aware of attempts to penetrate its computers and had taken steps to thwart them, emphasizing that there is still no evidence that the campaign’s computers had actually been successfully penetrated. 

But the potential that the intruders were associated with a foreign government should have come as no surprise to the Clinton campaign, said several sources knowledgeable about the investigation. Chinese intelligence hackers were widely reported to have penetrated both the campaigns of Barack Obama and John McCain in 2008. 

The Brooklyn warning also could raise new questions about why the campaign and the DNC didn’t take the matter more seriously. It came just four months after the DNC had also been contacted by FBI agents alerting its information technology specialists about a cyberattack on its computers, the sources told Yahoo News. As with the warning to the Clinton campaign, the FBI initially provided no details to the DNC.... 

By mid-May, Director of National Intelligence James Clapper was telling reporters that US. Intelligence officials “already had some indications” of hacks into political campaigns that were likely linked to foreign governments and that “we’ll probably have more.” 

In a talk at the Aspen Security Forum Thursday, Clapper said the U.S. government is not “quite ready yet” to “make a public call” on who was behind the cyberassault on the DNC, but he suggested one of “the usual suspects” is likely to blame. “We don’t know enough [yet] to…ascribe a motivation, regardless of who it may have been,” Clapper said.... 

Clapper is reportedly among a number of U.S. intelligence officials who have resisted calls to publicly blame the Russians, viewing it as likely the kind of activity that most intelligence agencies engage in. “[I’m] taken aback a bit by…the hyperventilation over this,” Clapper said during his Aspen appearance, adding in a sarcastic tone, “I’m shocked somebody did some hacking. That’s never happened before.”... 

The FBI’s request to turn over internal computer logs and personal email information came at an awkward moment for the Clinton campaign, said the source, familiar with the campaign’s internal deliberations. At the time, the FBI was still actively and aggressively conducting a criminal investigation into whether Clinton had compromised national security secrets by sending classified emails through a private computer server in the basement of her home in Chappaqua, N.Y. There were already press reports, to date unconfirmed, that the investigation might have expanded to include dealings relating to the Clinton Foundation. Campaign officials had reason to fear that any production of campaign computer logs and personal email accounts could be used to further such a probe. At the Brooklyn meeting, FBI agents emphasized that the request for data was unrelated to the separate probe into Clinton’s email server. 

But after deliberating about the bureau’s request, and in light of the lack of details provided by the FBI and the absence of a subpoena, the Clinton campaign chose to turn down the bureau's request, the source said."

............................


Added: "Mrs. Clinton has clearly disqualified herself from ever coming near classified information again....Having Clinton anywhere near the White House is just not a good idea."

10/29/16, "Democrats should ask Clinton to step aside," Chicago Tribune, John Kass, opinion


"Has America become so numb by the decades of lies and cynicism oozing from Clinton Inc. that it could elect Hillary Clinton as president, even after Friday's FBI announcement that it had reopened an investigation of her emails while secretary of state? We'll find out soon enough. 

It's obvious the American political system is breaking down. 

It's been crumbling for some time now, and the establishment elite know it and they're properly frightened. Donald Trump, the vulgarian at their gates, is a symptom, not a cause. Hillary Clinton and husband Bill are both cause and effect. 

FBI director James Comey's announcement about the renewed Clinton email investigation is the bombshell in the presidential campaign. That he announced this so close to Election Day should tell every thinking person that what the FBI is looking at is extremely serious. 

This can't be about pervert Anthony Weiner and his reported desire for a teenage girl. But it can be about the laptop of Weiner's wife, Clinton aide Huma Abedin, and emails between her and Hillary. It comes after the FBI investigation in which Comey concluded Clinton had lied and been "reckless" with national secrets, but said he could not recommend prosecution. 

So what should the Democrats do now? 

If ruling Democrats hold themselves to the high moral standards they impose on the people they govern, they would follow a simple process: 

They would demand that Mrs. Clinton step down, immediately, and let her vice presidential nominee, Sen. Tim Kaine of Virginia, stand in her place. 

Democrats should say, honestly, that with a new criminal investigation going on into events around her home-brew email server from the time she was secretary of state, having Clinton anywhere near the White House is just not a good idea. 

Since Oct. 7, WikiLeaks has released 35,000 emails hacked from Clinton campaign boss John Podesta. Now WikiLeaks, no longer a neutral player but an active anti-Clinton agency, plans to release another 15,000 emails. 

What if she is elected? Think of a nation suffering a bad economy and continuing chaos in the Middle East, and now also facing a criminal investigation of a president. Add to that congressional investigations and a public vision of Clinton as a Nixonian figure wandering the halls, wringing her hands. 

The best thing would be for Democrats to ask her to step down now. It would be the most responsible thing to do, if the nation were more important to them than power. And the American news media--fairly or not firmly identified in the public mind as Mrs. Clinton's political action committee--should begin demanding it. 

But what will Hillary do? 

She'll stick and ride this out and turn her anger toward Comey. For Hillary and Bill Clinton, it has always been about power, about the Clinton Restoration and protecting fortunes already made by selling nothing but political influence. 

She'll remind the nation that she's a woman and that Donald Trump said terrible things about women. If there is another notorious Trump video to be leaked, the Clintons should probably leak it now.

Then her allies in media can talk about misogyny and sexual politics and the headlines can be all about Trump as the boor he is and Hillary as champion of female victims, which she has never been. 

Remember that Bill Clinton leveraged the "Year of the Woman."

Then he preyed on women in the White House and Hillary protected him. But the political left — most particularly the women of the left — defended him because he promised to protect abortion rights and their other agendas. 

If you take a step back from tribal politics, you'll see that Mrs. Clinton has clearly disqualified herself from ever coming near classified information again. If she were a young person straight out of grad school hoping to land a government job, Hillary Clinton would be laughed out of Washington with her record. She'd never be hired. 

As secretary of state she kept classified documents on the home-brew server in her basement, which is against the law. She lied about it to the American people. She couldn't remember details dozens of times when questioned by the FBI. Her aides destroyed evidence by BleachBit and hammers. Her husband, Bill, met secretly on an airport tarmac with Attorney General Loretta Lynch for about a half-hour, and all they said they talked about was golf and the grandkids. 

And there was no prosecution of Hillary.

That isn't merely wrong and unethical. It is poisonous.

And during this presidential campaign, Americans were confronted with a two-tiered system of federal justice: one for standards for the Clintons and one for the peasants.

I've always figured that, as secretary of state, Clinton kept her home-brew email server — from which foreign intelligence agencies could hack top secret information — so she could shield the influence peddling that helped make the Clintons several fortunes.

The Clintons weren't skilled merchants. They weren't traders or manufacturers. The Clintons never produced anything tangible. They had no science, patents or devices to make them millions upon millions of dollars. 

All they had to sell, really, was influence. And they used our federal government to leverage it. 

If a presidential election is as much about the people as it is about the candidates, then we'll learn plenty about ourselves in the coming days, won't we?"
.................
......

DNC two month computer security review began in September 2015. Experts found many flaws, made dozens of recommendations, DNC didn't act on any of them, thus allowing already present hackers to stay for nearly a year. DNC desperately needed to divert attention from themselves: "Cyber-security assessments can be a mixed blessing. Legal experts say some general counsels advise organizations against doing such assessments if they don’t have the ability to quickly fix any problems the auditors find, because customers and shareholders could have cause to sue if an organization knowingly disregards such warnings." 

7/26/16, "Democrats Ignored Cybersecurity Warnings Before Theft," Bloomberg, Michael Riley

 "The Democratic National Committee was warned last fall that its computer network was susceptible to attacks but didn’t follow the security advice it was given, according to three people familiar with the matter.

The missed opportunity is another blow to party officials already embarrassed by the theft and public disclosure of e-mails that have disrupted their presidential nominating convention in Philadelphia and led their chairwoman to resign.

Computer security consultants hired by the DNC made dozens of recommendations after a two-month review, the people said. 


Following the advice, which would typically include having specialists hunt for intruders on the network, might have alerted party officials that hackers had been lurking in their network for weeks -- hackers who would stay for nearly a year Instead, officials didn’t discover the breach until April....

Cyber-security assessments can be a mixed blessing. Legal experts say some general counsels advise organizations against doing such assessments if they don’t have the ability to quickly fix any problems the auditors find, because customers and shareholders could have cause to sue if an organization knowingly disregards such warnings."...
 




............

No comments: