It was the third trigger of the recession indicator in less than two weeks.Bondsread more
Overstock CEO Partick Byrne has resigned from the e-commerce company after making controversial comments about his role in the "Deep State."Technologyread more
U.S. manufacturer growth slowed to the lowest level in almost 10 years in August, the latest sign that the trade war may be exacerbating the economic slowdown.Marketsread more
Automakers are trying to deal with President Trump's efforts to roll back Obama-era fuel efficiency rules.Autosread more
ARM rates are all over the place lender to lender because they are a very small percentage of new loan originations, around 6% of total mortgage application volume, according...Real Estateread more
"The president is not backing down," says CNBC's Jim Cramer, referring to Trump's repeated calls for the Fed to cut rates while talking tough on China.Economyread more
Philadelphia Fed President Patrick Harker said he doesn't see the case for additional stimulus after the Federal Reserve's July rate cut.The Fedread more
Stocks fell, giving up earlier gains as investors wondered whether the Federal Reserve will cut interest rates next month.US Marketsread more
"My sense was we've added accommodation, and it wasn't required in my view," George tells CNBC's Steve Liesman.Investingread more
Former Prudent Bear Fund manager David Tice is urging investors to brace for a massive downturn.Trading Nationread more
Samsung's Galaxy Note 10+ packs everything you need and more into a phone.Technologyread more
The 12 Russian operatives indicted by the Justice Department waged a campaign of well-executed espionage and novel technical engineering, coupled with rudimentary computer attacks.
That last part is key. Their tools may have been top-notch and their manipulation may have been slick, but the mode of entry was old-school and beatable, according to experts.
According to the Justice Department, the Russians used spear-phishing as one of their primary attack techniques. Spear-phishing refers to an email targeted at an important person — or a “big fish” — who can provide entry to a cache of the most important data. It starts with basic reconnaissance (like looking at Facebook and LinkedIn profiles) to create a portrait of a prominent individual, then using that portrait to create an email that he or she is sure to click on. In the Democratic National Committee hack in 2016, those emails were just spoofed to look like security updates from Google, according to the indictment.
To prevent this type of attack, the DNC could have done much more in terms of “basic cyber hygiene,” according to Amit Yoran, a founding member of the U.S. Computer Emergency Response Team, the arm of Homeland Security that reacts to major cyberattacks in the U.S. Patching systems and using two-factor authentication, which involves verifying a person’s identity using more than simply a password, would have greatly mitigated the damage the Russian agents could do, he said.
Not only does it show how preventable the incidents surrounding the attacks on the DNC could have been but the increasingly integral role private-sector companies have on the front lines of national defense, he said.
The Russians allegedly took a multi-pronged approach to the Democrats’ congressional and presidential campaigns, as well as the elections systems in several U.S. states. According to the indictment, a software vendor was the conduit to one attack against the voting registration system in Florida.
When the DNC realized they’d been hacked, they called in an American consulting firm to help. That company, which was not named in the indictment, removed many instances of malware left on DNC machines by the Russians.
However, that firm didn’t rid the committee’s servers of all instances of the malware, according to the Justice Department. Some malware remained, according to the indictment, and the Russians continued operating. Also, in the process of working on DNC computers, the consulting firm made their presence known to the attackers. Typically, that is not something a cybersecurity response firm wants to do.
The Russians were then able to find “countermeasures” to get around those defenses, prosecutors said.
For corporations watching and wondering what this might mean for the private sector: “At the most basic level, you’ve got to be able to defend yourself,” said Yoran, who now serves as chief executive of cyber-risk management company Tenable. “The rule of law isn’t well established in cyberspace. You’ve got to put in place reasonable protections and reasonable measures.”
Government agencies have increasingly been relying on private companies to both protect against and help assist in mitigating attacks from other nations, said Tom Kellermann, chief cybersecurity officer for security software company Carbon Black and a former information security officer with the World Bank. Kellermann estimated 90 percent of the country’s critical infrastructure is owned by the private sector. “Critical infrastructure” is a Department of Homeland Security term referring to 16 industry sectors including finance, the chemical sector, the communications industry, energy and critical manufacturing.
In early 2017, elections infrastructure was also added to that definition as a result of the attacks from Russia, giving DHS greater agency to assist state governments in readying for the next series of attacks. But in practice, that purview has extended only to the state attorneys general, not the companies supplying them with technology, voting machines, cloud services and databases.
According to people familiar with the matter, during the time revelations were surfacing about the attacks against the DNC, the committee decided to use private firms rather than take assistance from Homeland Security. (A spokesperson for the DNC disputes this, saying they did not hear from DHS until August, and that they provided materials when requested.) Kellermann said that the attacks illustrate how a better partnership between government agencies and the private sector, including better visibility into how attacks are taking place across industries and agencies at once, could help reduce the damage of incidents like this in the future.