President Donald J. Trump is expressing skepticism about intelligence assessments of the Russian hacking and will provide more information very soon.
The executive order issued by President Obama in retaliation of the alleged Russian interference on Presidential Election is raising a heated debate on the on the measures adopted by the US Government and its ability to provide evidence of Russian malicious cyber activities.
The US ejected 35 Russian intelligence operatives from the United States and imposed sanctions on nine entities and individuals.The US Government sanctioned the Russian intelligence services, the GRU (Russian Main Intelligence Directorate) and the FSB (Federal Security Service), four GRU officers, and three other organizations.
The report published by the US Government doesn’t provide any new info, all the information it includes were already reported in the analysis conducted by security firms such as Crowdstrike.
In June, the security research firm CrowdStrike reported on a cyber breach of the Democratic National Committee (DNS). CrowdStrike’s incident response time discovered not one, but two hacking groups that it considers “some of the best adversaries out of the all the numerous nation-state” groups the company encounters daily – COZY BEAR and FANCY BEAR.
This is exactly the same info that we have found in the JAR report published by the US Government that linked the cyber activity to a Russian threat actor designated as GRIZZLY STEPPE.
Security experts at the security firm Wordfence published an interesting report in which they analyzed the PHP malware sample and the IP addresses that the US government has provided as proof the involvement of Russian hackers in the attacks against the Presidential Election.
“We used the PHP malware indicator of compromise (IOC) that DHS provided to analyze the attack data that we aggregate to try to find the full malware sample. We discovered that attackers use it to try to infect WordPress websites. We found it in the attacks that we block.”
Experts from Wordfence traced the malware code to a tool available online, dubbed P.A.S., that claims to be “made in Ukraine.”
“One might reasonably expect Russian intelligence operatives to develop their own tools or at least use current malicious tools from outside sources,” the report says.
The report published by WordFence includes the list of IP addresses that “don’t appear to provide any association with Russia” and “are probably used by a wide range of other malicious actors.”
“The malware sample is old, widely used and appears to be Ukrainian. It has no apparent relationship with Russian intelligence and it would be an indicator of compromise for any website.” reads the report from WordFence.
The IT security industry is aware of the Russian interference, but clearly, the analysis provided by the US Government is really poor of interesting elements.
Which is the position of President-elect Donald J. Trump on the Russian hacking?
We all know that alleged Russian interference aimed to disrupt Clinton’s campaign due to the relationship between Puting and Trump.
President Donald J. Trump is expressing skepticism about intelligence assessments of the Russian hacking and the Kremlin’s interference in the election.
According to the NYT, speaking to reporters outside his Palm Beach, Fla., club, Mar-a-Lago on Saturday evening, he revealed to know of “things that other people don’t know” about the alleged hacking campaigns that targeted Presidential Election. Trump announced that he will share the information “on Tuesday or Wednesday.”
“I just want them to be sure because it’s a pretty serious charge,” said Mr. Trump.“If you look at the weapons of mass destruction, that was a disaster, and they were wrong,” he added, referring to intelligence cited by the George W. Bush administration to support its march to war in 2003. “So I want them to be sure,” the president-elect said. “I think it’s unfair if they don’t know.”
“If you look at the weapons of mass destruction, that was a disaster, and they were wrong,” he added, referring to intelligence reports that were provided the George W. Bush administration in 2003. “So I want them to be sure,” “I think it’s unfair if they don’t know.”
“And I know a lot about hacking. And hacking is a very hard thing to prove. So it could be somebody else. And I also know things that other people don’t know, and so they cannot be sure of the situation.”
“I don’t care what they say, no computer is safe,” he added. “I have a boy who’s 10 years old; he can do anything with a computer. You want something to really go without detection, write it out and have it sent by courier.”
The only sensible answer to date is that of Russian President Putin who avoided responding Obama executive order.