Wednesday, August 3, 2016

Slow Response from DNC

There is a good article in Reuters today [http://www.reuters.com/article/us-usa-cyber-democrats-reconstruct-idUSKCN10E09H] about the DNC hack and the delay on getting security professionals into the place when they were first told about "unusual activity" on their computers.  I have made contact with various political offices, big businesses, and other government agencies to tell them that we thought they should look for suspicious activity in their computers and they all respond in about the same way:  "We will check on that."  The tone is usually a "yeah-yeah-yeah" brush-off like "we know what we are doing over here" even if the evidence is pretty solid they don't.  It is not possible to tell them everything, since certain aspects of an investigation like this are classified.  They involve a foreign entity getting into US computers, and being detected by the US Government.  If a contractor reports it we could tell them it was reported to us that the source was xxx country, but most of the time it isn't done that way.  Better not to tell them too much or it tips off the other side that you know they are hacking and from where.

Most businesses are smart enough to know that when the FBI says "check that network for suspicious activity" they are not telling them on a whim or some general threat from anywhere.  They go and get their security staff and start running checks.  They usually find the problem pretty quickly, or if they don't, they get more security and outside help.  These are not kids hacking from Cleveland when the FBI calls.

It is apparent the DNC, at least by the dates in this article, did not exactly jump to the task and they are now complaining (as others have too) that they were not given enough information to find the intruder.  That is like saying, "You didn't tell us exactly where to look or what to look for."  The same things were said about OPM's hack.

From June of 2015 until May of 2016, they didn't call professionals in to look at the "suspicious activity", and now they are taking the heat from donors and political allies who are fretting about what was in the hands of Wikileaks and about to be published.  In a year of hackers going around in the systems, we can probably say "everything they had" with a good degree of confidence.  Some of them are innocent of wrong-doing but don't want to be known as contributors to Hillary.  That is sad for them that this happened.  Others were relying on the Hillary machine to protect that donation and they might be ratted out.  It is hard to feel sorry for them.

I thought back to the Fortune 100 CIO who told me honestly that he really didn't want to have to go through all that was required to get damage from a hack out of the system and was looking for another way to get out of that.  After getting only silence from us, he laughed, saying  "OK, I'll do it," and he hung up.
