The Democratic National Committee’s convention in Philadelphia was expected to be a predictable gathering focused on discrediting the opposition. Instead, the Democrats found themselves embroiled in a fast-paced spy thriller full of unexpected twists and turns. When news broke in June about the hack of the DNC’s servers, a flood of rumors was unleashed about who was responsible, what was stolen, and what the motives were. A network security analysis firm found that two separate adversaries affiliated with Russian intelligence were embedded in the DNC network. One of them had been accessing the DNC servers for nearly a year. Both Russian groups had hacked into DNC servers using malware and other specific methods they had used in previous attacks.
The attack on the DNC was devastating, with WikiLeaks publishing nearly 20,000 emails and more than 8,000 attachments from more than 100 DNC employees. The information revealed details of the DNC’s “off the record” correspondence with reporters, internal campaign information, financial contributions, personal information of donors to the Democratic Party, and damaging emails implying that the DNC was making purposeful efforts to derail Bernie Sanders’ campaign.
The Art of the Steal
As evidence quickly mounted linking Russian intelligence to the DNC breach, security experts delved into how it was accomplished. A command-and-control address was hardcoded into the malware used in the breach, and the document dump revealed traces of metadata that were translated into Cyrillic. Hackers may have also created spoofed login pages allowing them to steal employees’ credentials and gain entry into servers and PCs, allowing thieves to send information back to their own servers.
The hackers appear to have targeted staffers using “spearfishing” emails, notes that seem to be coming from a colleague or friend but that contain attachments or links that deploy malware. When security experts looked at IP addresses used by the DNC, they found the domain name misdepatment.com, which—except for the transposition of two letters—is identical to the domain name of MIS Department, the company hired by the DNC to manage its computer network. Registering a domain name similar to a legitimate domain is useful for fooling a target into believing an email has come from a trusted source, when actually it is infected with malware.
Their fine-tuned tactics have enabled the Russian groups to hack IT firms, energy companies, universities, and government agencies in the United States, Canada, Europe, and Asia. This isn’t the first time; Russian hackers breached email servers in the State Department and the White House last year, even stealing data from President Obama’s Blackberry. And this isn’t the last time, either. WikiLeaks has promised that more DNC leaks are on the way.
Strong Defenses are the Key to Security
When it comes to the election, Americans will have to rely on election officials to plug the leaks in their networks and strengthen their defenses to prevent future invasions. But private enterprises don’t have to rely on the government for security. Safe-T has a solution for businesses and the government that can keep their networks secure and their emails private.
With Safe-T Secure Email, organizations can securely send data from an application or user to any other application, user, or device through a simple web, desktop, and mobile interface. Safe-T Secure Email can be seamlessly integrated with Outlook or deployed behind the scenes in the network. Outgoing emails are authenticated, scanned, and encrypted to be sure data is shared securely. Incoming emails are decrypted, authenticated, and scanned for viruses and malware.
When an encrypted email and attachments are sent, they are stored in the sender’s Safe-T Box server and the recipient receives an email containing a link. After being authenticated by a one-time password or a username/password combination, the recipient can access the encrypted email and download attachments. And our solution is the only one that enables authentication of email users using their existing personal social network credentials.
Read the Safe-T Secure Email brief to learn more about how Safe-T Secure Email can keep emails private with automatic encryption policies. Download our white paper to learn how Safe-T can help enterprises keep their networks and data exchanges secure. Let us help you keep your emails from ending up on WikiLeaks.