A Follow-up Look into Mueller’s Dire Warnings


In his mid-week statement, Robert Mueller not only clarified the conclusion of his Report [pg 182, Vol II of II]:

IV. CONCLUSION

[…] Based on the facts and the applicable legal standards, we are unable to reach that judgment.  Accordingly, while this report does not conclude that the President committed a crime, it also does not exonerate him.

But Mueller warned us TWICE about the “threats” that faced our nation in 2016, and the very real “threats” that still face us as we look ahead to the next election, to somehow ‘right the ship’ …

[…] Russian intelligence officers who were part of the Russian military launched a concerted attack on our political system.

The indictment alleges that they used sophisticated cyber techniques to hack into computers and networks used by the Clinton campaign. They stole private information, and then released that information through fake online identities and through the organization WikiLeaks. The releases were designed and timed to interfere with our election and to damage a presidential candidate.

And at the same time, as the grand jury alleged in a separate indictment, a private Russian entity engaged in a social media operation where Russian citizens posed as Americans in order to interfere in the election.

[…]

I will close by reiterating the central allegation of our indictments—that there were multiple, systematic efforts to interfere in our election.

That allegation deserves the attention of every American.

Thank you.

Since that Mueller history recap and future warning did not really provide a “course correction” roadmap, I thought I’d dig into the Mueller Report itself, to spotlight our previous vulnerabilities, and exactly what techniques the Russian “Military operations” employed to attack our Democracy (and usher in the age of Trump): how Putin’s GRU helped one Candidate gain an advantage over another, one that Putin had a long-standing grudge match with.

It was almost like the nation’s back-door was left unlocked, while we all went on a two-week vacation.

Report On The Investigation Into Russian Interference In The 2016 Presidential Election

Volume I of II — Special Counsel Robert S. Mueller, III

2. Intrusions Targeting the Administration of U.S. Elections

In addition to targeting individuals involved in the Clinton Campaign, GRU officers also targeted individuals and entities involved in the administration of the elections.  Victims included U.S. state and local entities, such as state boards of elections (SBOEs), secretaries of state, and county governments, as well as individuals who worked for those entities.[186]

The GRU also targeted private technology firms responsible for manufacturing and administering election-related software and hardware, such as voter registration software and electronic polling stations.[187] The GRU continued to target these victims through the elections in November 2016.

While the investigation identified evidence that the GRU targeted these individuals and entities, the Office did not investigate further. The Office did not, for instance, obtain or examine servers or other relevant items belonging to these victims. The Office understands that the FBI, the U.S. Department of Homeland Security, and the states have separately investigated that activity.

By at least the summer of 2016, GRU officers sought access to state and local computer networks by exploiting known software vulnerabilities on websites of state and local governmental entities.

GRU officers, for example, targeted state and local databases of registered voters using a technique known as “SQL injection,” by which malicious code was sent to the state or local website in order to run commands (such as exfiltrating the database contents). [188]

In one instance in approximately June 2016, the GRU compromised the computer network of the Illinois State Board of Elections by exploiting a vulnerability in the SBOE’s website.  The GRU then gained access to a database containing information on millions of registered Illinois voters,[189] and extracted data related to thousands of U.S. voters before the malicious activity was identified.[190]

GRU officers [REDACTED … REDACTED] that scanned state and local websites for vulnerabilities.  For example, over a two-day period in July 2016, GRU officers [REDACTED … REDACTED] for vulnerabilities on websites of more than two dozen states. [REDACTED … REDACTED] [REDACTED … REDACTED]
[REDACTED … REDACTED] [REDACTED … REDACTED] [REDACTED … REDACTED] [REDACTED … REDACTED] [REDACTED … REDACTED] [REDACTED … REDACTED] Similar [REDACTED … REDACTED] for vulnerabilities continued through the election.

Unit 74455 also sent spearphishing emails to public officials involved in election administration and personnel at companies involved in voting technology. In August 2016, GRU officers targeted employees of [REDACTED … REDACTED] a voting technology company that developed software used by numerous U.S. counties to manage voter rolls, and installed malware on the company network.

Similarly, in November 2016, the GRU sent spearphishing emails to over 120 email accounts used by Florida county officials responsible for administering the 2016 U.S. election.[191]

The spearphishing emails contained an attached Word document coded with malicious software (commonly referred to as a Trojan) that permitted the GRU to access the infected computer.[192]

The FBI was separately responsible for this investigation. We understand the FBI believes that this operation enabled the GRU to gain access to the network of at least one Florida county government. The Office did not independently verify that belief and, as explained above, did not undertake the investigative steps that would have been necessary to do so.

It was recently disclosed that at least 2 Florida County voting systems were compromised by Russian GRU attackers. For some odd reason, the FBI still doesn’t want to tell us which ones. (It’s not like Putin doesn’t already know!?!)

Could be they’re afraid of how that thread will unravel, if they let the Voters of America find out just how vulnerable our worn-out, 19th-century Voting-machine systems really are?

As any knowledgeable hacker team will tell you (after a few beers) — it’s the ‘Social Engineering’ aspect of their trade, that gets them the most bang for their buck.

The good thing (for us lovers of Democracy), about these “personnel mining” exploits, is that Campaign workers and volunteers can be trained to avoid them.

Tip 1)  — NEVER click on any attachment that you do not know the source of.  Ignore until verified.

Another good thing is that Campaign tech administrators can also take steps to harden their Database and Network systems.

Tip 2,3,4,5)  — Replace all passwords with Strong Passwords.  Replace default database passwords with Strong Passwords. Take precautions to close down SQL Injection opportunities in your forms (i.e. limit field length). Check your system logs and database logs for unusual activity.  At least daily.  After being hacked, force a password change — FOR Everyone.  Also, use encryption on your websites. And anti-virus software too.
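To make the SQL injection tip concrete, here is an added example (not from the original post or the Mueller Report) that goes one step beyond the field-length limit: it shows a short input passing a length check and still changing a string-built query, while the same input bound as a query parameter is treated as plain data. The `voters` table, the 20-character limit, the function names and the sample input are all constructed for illustration.

```python
import sqlite3

MAX_LEN = 20  # hypothetical form-field length limit

def make_db():
    """Build a small in-memory voter table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE voters (id INTEGER PRIMARY KEY, last_name TEXT, county TEXT)")
    db.executemany("INSERT INTO voters (last_name, county) VALUES (?, ?)",
                   [("Adams", "Cook"), ("Baker", "Lake"), ("Clark", "Will")])
    return db

def check_length(value):
    if len(value) > MAX_LEN:
        raise ValueError("input too long")

def lookup_concat(db, last_name):
    """Weak form: length limit only, value pasted into the SQL text."""
    check_length(last_name)
    sql = "SELECT last_name, county FROM voters WHERE last_name = '" + last_name + "'"
    return db.execute(sql).fetchall()

def lookup_param(db, last_name):
    """Hardened form: same limit, but the value is bound as a parameter,
    so the database never parses it as SQL."""
    check_length(last_name)
    sql = "SELECT last_name, county FROM voters WHERE last_name = ?"
    return db.execute(sql, (last_name,)).fetchall()

# Constructed sample input: 12 characters, well under the length limit.
SAMPLE = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated:", lookup_concat(db, SAMPLE))   # every row comes back
    print("parameterized:", lookup_param(db, SAMPLE))   # no rows: treated as a name
    print("normal lookup:", lookup_param(db, "Baker"))
```

A length limit is still worth keeping as one layer, but the parameterized query is what closes the hole; the daily log review from the same tip is where the first form's unexpectedly large result sets would show up.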

Without these basic precautions, the back-door will still be left unlocked.  Which soon leads to the front door and windows being unlocked too.  (Party down at the DNC!)

Once again Mueller’s findings on the Topic of Campaign vulnerabilities:

A. GRU Hacking Directed at the Clinton Campaign

1. GRU Units Target the Clinton Campaign

Two military units of the GRU carried out the computer intrusions into the Clinton Campaign, DNC, and DCCC:  Military Units 26165 and 74455.[110] Military Unit 26165 is a GRU cyber unit dedicated to targeting military, political, governmental, and non-governmental organizations outside of Russia, including in the United States.[111] The unit was sub-divided into departments with different specialties.

One department, for example, developed specialized malicious software (“malware”) while another department conducted large-scale spearphishing campaigns.[112] [REDACTED … REDACTED] a bitcoin mining operation to secure bitcoins used to purchase computer infrastructure used in hacking operations.[113]

Military Unit 74455 is a related GRU unit with multiple departments that engaged in cyber operations.

Unit 74455 assisted in the release of documents stolen by Unit 26165, the promotion of those releases, and the publication of anti-Clinton content on social media accounts operated by the GRU.

Officers from Unit 74455 separately hacked computers belonging to state boards of elections, secretaries of state, and U.S. companies that supplied software and other technology related to the administration of U.S. elections.[114]

Beginning in mid-March 2016, Unit 26165 had primary responsibility for hacking the DCCC and DNC, as well as email accounts of individuals affiliated with the Clinton Campaign:[115]

[…]

— GRU officers also sent hundreds of spearphishing emails to the work and personal email accounts of Clinton Campaign employees and volunteers. Between March 10, 2016 and March 15, 2016, Unit 26165 appears to have sent approximately 90 spearphishing emails to email accounts at hillaryclinton.com.  Starting on March 15, 2016, the GRU began targeting Google email accounts used by Clinton Campaign employees, along with a smaller number of dnc.org email accounts.[117]

The GRU spearphishing operation enabled it to gain access to numerous email accounts of Clinton Campaign employees and volunteers, including campaign chairman John Podesta, junior volunteers assigned to the Clinton Campaign’s advance team, informal Clinton Campaign advisors, and a DNC employee.[118]

GRU officers stole tens of thousands of emails from spearphishing victims, including various Clinton Campaign-related communications.

— — — — —

[112] A spearphishing email is designed to appear as though it originates from a trusted source, and solicits information to enable the sender to gain access to an account or network, or causes the recipient to download malware that enables the sender to gain access to an account or network. Netyksho Indictment, P 10.

[113] Bitcoin mining consists of unlocking new bitcoins by solving computational problems. [REDACTED … REDACTED] kept its newly mined coins in an account on the bitcoin exchange platform CEX.io.  To make purchases, the GRU routed funds into other accounts through transactions designed to obscure the source of funds. Netyksho Indictment, P 62.

Given the Mulvaney back-channel directive to Trump Administration directors — NOT to bring up the topic of Election Hacking and Hardening Election systems, anywhere within earshot of Donald Trump —  I seriously doubt enough is being done to make our next Election safer than the last.

If anything, Putin’s GRU Military Units are getting smarter, and more knowledgeable, with more sock-puppets and more back-door keys — tucked away in their spy-hacker tool-kits, for when they need them.

All the while the American people are whistling past the hackers’ graveyard, at midnight. Hoping not to stir up those hidden keyboard-warriors, that are just waiting to go “bump in the night.”  At Putin’s (and now Parscale’s WhatsApp ??) command.

What in the world would stop them? Waiting for 2020 to “solve our Trump lawless problem”, has trouble and tragedy (and Reruns) written all over it.

— — —

I open up the floor for more Network and Database safety tips, from those gurus here more trained in the subject than I, lowly ‘programming grunt’ that I am.   I am hardly well-versed on state-of-the-art System Hardening topics.  (Neither are our County Voting Officials, I suspect.)

Anyways the floor is yours. Geek away.   Mueller implores us to.

Pay no attention to Gremlins in the Machines.

What, me worry?

David Bishop

We will be hacked in 2020, inevitably. Impeachment investigations have to be started now.