shoplkp.blogg.se

FANCY BEAR - which had breached the network separately in April 2016 - had hacked victims across the world, including the German Bundestag. COZY BEAR - which had been inside the DNC's system since the summer of 2015 - had previously hacked the White House and the US State Department. "They were called FANCY BEAR and COZY BEAR, and we could attribute them to the Russian government."īoth the groups had a long rap sheet. This is because of a handful of small but significant tells: data exfiltrated to an IP address associated with the hackers a misspelled URL and time zones related to Moscow. "We realised that these actors were very well known to us," Alperovitch says. Two groups, working independently, were secreting away information, including private correspondence, email databases and, reportedly, opposition research files on Donald Trump. But who? CrowdStrike checked its records, seeing whether the methods used for the hack matched any they already had on record. One question had been answered: there was definitely someone rummaging around the DNC servers. This new type of attack - bigger, bolder, but more secretive - goes undetected, often for hundreds of days, just as it did for the DNC. They're social engineering." They're also carried out by state-sponsored groups specifically set up to engage in cyberwarfare with other countries. Up to 60 per cent of the hacks we read about don't use malware, Kurtz says.

So George and I got together and said there's a better way."

"It was very hard at McAfee to do anything about it. "The threat landscape was changing dramatically," Alperovitch says. Alperovitch, 36, (pictured) who was born in Moscow and moved to the US in his teens, and his co-founder George Kurtz, 46, knew this system well - they worked on it at security giant McAfee. That was when the DNC called Alperovitch and CrowdStrike, his Washington DC-based cybersecurity company.ĬrowdStrike was born out of a frustration with the traditional way of dealing with hacks: occasionally updated anti-virus programmes looking for malicious software sent by bedroom hackers. But, by April 2016, they acknowledged something was wrong. Working flat out to make Hillary Clinton the next president of the United States, its staff ignored warnings that they'd been hacked. Dmitri Alperovitch says there are two types of organisations: "Those that know they've been hacked, and those that don't know right now, but have been hacked anyway." For the first few months of 2016, the Democratic National Committee (DNC), fell firmly into the second category.