Discussion: Microsoft Detected And Dismantled Six Phony Political Sites By Russian Hackers

Reports indicate that Microsoft permanently disabled their hard drives with the dreaded “Windows 10 upgrade” virus.

13 Likes

And Facebook will institute postcard verification of Russian hacker pages and adverts…

1 Like

Twitter immediately provided the ousted hackers with new Twitter accounts.

5 Likes

Well, good on Microsoft. It’s nice to know enormous corporations are being forced to pick up the slack against these threats to our democracy in the face of a leadership-free, incompetent administration.

Oh, did I say “it’s nice”? That was supposed to read “it’s horrifying.”

7 Likes

If this don’t scare the crap out of you, nothing will…

7 Likes

I assume these sites were on Microsoft servers but the article does not say.

1 Like

This is gonna so enrage POTUS. First the angry tweets denouncing this interference, and then more sanctions. Mark my words. Just you watch. Any second now…

1 Like

😰😰😰

Of course, this kid is 10x smarter than Trump and his clown car crew. So this is all 10 bridges too far for their intellect. All they know is the Russians are cheating for them, not against them, so they won’t lift a finger to stop it.

I just hope we have brilliant geeks invisibly cheating against them by the 1,000’s. I know I’m going low here, but we aren’t going to win a gun fight with a club. I personally am ready for an army of bright blue cyber assault rifles. With a gazillion magazines and silencers.

1 Like

Which begs the question: Why don’t these kids help do something about cyber attacking the Russian hackers to help stop them and perhaps hack the Russian bad actors themselves? Shouldn’t IC be making use of this talent?

I’m totally over being afraid of fucking Russians, I want to see some serious push back. I’m hoping it is already happening under the public radar but this sitting duck BS to their nefarious cyber activity is really getting on my nerves and pissing me off.

5 Likes

Passing along stories like this IS the problem, vis a vis the Russian angle and more generally in passing along highly misleading reports like this one. An informed reading of this event is found here:

http://www.moonofalabama.org/2018/08/microsoft-promotes-russia-scare-to-gain-insider-access-to-campaign-information.html#more

Only sites opposing Trump were hacked? I’m shocked! Shocked, I say!

1 Like

More likely that the URLs were embedded in email addresses that were flagged and then quarantined in O365/Exchange Online – or if a document with those addresses & malware were detected being uploaded to someone’s OneDrive or SharePoint, a forensics trace would find where the actual web servers were hosted (and if they were in MSFT Azure, then MSFT would shut them down).

And the organization promoting free & fair elections that Putin kicked out of Russia…

1 Like

From the WP article:

…After discovering the sites recently, Microsoft said, it sought to obtain a court order to transfer the domain names to its own servers, a legal tactic that the company’s security division has used a dozen times since 2016…

elsewhere in the article:

The cases have been brought under trademark infringement…

I have some doubts about this report. Of course, once one can log into an account with enough security to muck around with a database, any mayhem is possible. The question is: how did these “hackers” get in? Were they given the password? Was it acquired by easy “phishing”? Accounts that have enough power to do damage should be protected at least by “good” passwords, or even better techniques. People who have the necessary credentials should have the training to properly protect their access. Databases can be protected by encryption and then require further credentials to access. Even so, authorized users do have to be trained on basic security procedures. The vulnerabilities are almost all related to human error or insufficient training - or malfeasance. So that is a big risk. But if the exposure were as serious as the article implies, every bank and other financial institution would have been drained of all its assets in the past 40 years. More to the point, many more elections would have been hacked - not by Russians but by dishonest domestic partisans.

People like John Podesta, who gave up his password to phishers, should not be in charge of election databases - unless they are willing to learn proper security procedures. I have worked with online systems for 40 years, and professionals have been concerned with security for that whole time (and longer). Security is far, far better now than it used to be. But it’s the end users (database administrators) who need the proper training to use the existing security mechanisms. It’s not rocket science. Clearly, financial institutions have been able to sufficiently educate their relevant personnel - even the lowest level ones.

It occurs to me now that there are other relevant vulnerabilities. Just now I had a “bad gateway 502” error trying to save this reply. That indicates overload on TPM servers. (They really need more server power.) But conditions like that can also allow hackers to get in, since server overload can be caused by “denial of service attacks”. There are still ways to protect systems, but more sophistication is required. And there are software bugs too, but software vendors are constantly stamping those out. The window of risk is always there. But it takes very good luck for hackers to find the open windows and unlocked doors. The scenarios illustrated in the Politico article aren’t anything like the “real world”.