Posts Tagged ‘Sony Pictures’

U.S. warns again on hacks it blames on North Korea

May 30, 2018

The U.S. government on Tuesday released an alert with technical details about a series of cyber attacks stretching back to at least 2009 that it blamed on the North Korean government.

Image may contain: one or more people

The warning is the third from the Department of Homeland Security and the Federal Bureau of Investigation about hacking operations dubbed “Hidden Cobra” that the United States charges were launched by Pyongyang.

A representative with Pyongyang’s mission to the United Nations declined comment. North Korea has routinely denied involvement in cyber attacks against other countries.

The report was published as U.S. and North Korean negotiators work to resuscitate plans for a possible June 12 summit between leaders of the two nations. The FBI and DHS released reports in June and November of 2017, when relations were tense between Washington and Pyongyang due to North Korea’s missile tests.

A Department of Homeland Security official said the U.S. government is confident North Korea’s government is behind the cyber operations, which it says target the media, aerospace and financial sectors and critical infrastructure in the United States and around the globe.

“The United States takes attribution seriously and does not make this conclusion lightly,” the official said in an emailed statement.

Tuesday’s alert did not identify specific victims, though it cited a February 2016 report from several security firms that blamed the same group for a 2014 cyber attack on Sony Pictures Entertainment.

The alert provided a list of 87 IP addresses, four malicious files and two email addresses it said were associated with “Hidden Cobra.”

It described two pieces of malicious software: the self-spreading “worm” Brambul that attackers use to infect computers and malware known as Joanap, which gives hackers remote control of devices so they can steal data, install additional viruses and perform other tasks.

Hidden Cobra has used Brambul and Joanap for several years, making little change to the malware over that period, said Vikram Thakur, a senior researcher with cyber security firm Symantec Corp.

The alert could prompt the attackers to change tactics, Thakur said. “Such activity normally forces attacker groups to expend considerable resources to develop and move away from publicly known malware behavior.

Reporting by Jim Finkle in Toronto; Additional reporting by Rodrigo Campos in New York; Editing by Leslie Adler and Chris Reese



Handcuffed by sanctions, North Korea seeks cash via cyber theft

December 20, 2017

Some of the 7,000 hackers trained by Pyongyang pose as beautiful women on Facebook, strike online conversations and then send malicious ransom ware files

A man is reflected on a screen showing exchange rates of cryptocurrencies at an exchange in Seoul on December 20, 2017.

A man is reflected on a screen showing exchange rates of cryptocurrencies at an exchange in Seoul on December 20, 2017. (AFP PHOTO / JUNG Yeon-Je)

SEOUL, South Korea (AFP) — The messages are alluring, the pictures are attractive. But the women seeking to beguile South Korean Bitcoin executives could actually be hackers from Pyongyang in disguise, experts warn.

In the face of sanctions over its banned nuclear and ballistic missile programs, the cash-strapped North is deploying an army of well-trained hackers with an eye on a lucrative new source of hard currency, they sa

Its cyber warfare abilities first came to prominence when it was accused of hacking into Sony Pictures Entertainment to take revenge for “The Interview,” a satirical film that mocked its leader, Kim Jong-Un.

But it has rapidly expanded from political to financial targets, such as the central bank of Bangladesh and Bitcoin exchanges around the world, with Washington this week blaming it for the WannaCry ransomware that wreaked havoc earlier this year.

Screenshot of a ransomware exploit (Courtesy)

And a South Korean crypto currency exchange shut down on Tuesday after losing 17 percent of its assets in a hacking — its second cyber attack this year — with the North accused of being behind the first.

According to multiple South Korean reports citing Seoul’s intelligence agency, North Korean hackers approach workers at digital exchanges by posing as beautiful women on Facebook, striking online conversations and eventually sending files containing malicious code.

They also bombard executives with emails posing as job seekers sending resumes — with the files containing malware to steal personal and exchange data.

Moon Jong-Hyun, director at Seoul cybersecurity firm EST Security, said the North had stepped up online honeytrap tactics targeting Seoul’s government and military officials in recent years.

“They open Facebook accounts and maintain the online friendship for months before backstabbing the targets in the end,” Moon told a cybersecurity forum, adding that many profess to be studying at a US college or working at a research think tank.

A computer screen at the Cboe Global Markets exchange (previously referred to as CBOE Holdings, Inc.) shows Bitcoin futures prices and trades on December 19, 2017 in Chicago, Illinois. (Scott Olson/Getty Images/AFP)

Simon Choi, director of Seoul cybersecurity firm Hauri, has accumulated vast troves of data on Pyongyang’s hacking activities and has been warning about potential ransomware attacks by the North since 2016.

The United States has reportedly stepped up cyberattacks of its own against Pyongyang.

But Choi told AFP, “The North’s hacking operations are upgrading from attacks on ‘enemy states’ to a shady, lucrative moneymaking machine in the face of more sanctions.”

Pyongyang’s hackers have shown interest in Bitcoin since at least 2012, he said, with attacks spiking whenever the crypto currency surges — and it has soared around 20-fold this year.

Illustrative: Staff monitoring the spread of ransomware cyberattacks at the Korea Internet and Security Agency (KISA) in Seoul, May 15, 2017. (AFP/ YONHAP)

US cybersecurity firm FireEye noted that a lack of regulations and “lax anti-money laundering controls” in many countries make digital currencies an “attractive tactic” for the North.

Crypto currencies, it said in a September report, were “becoming a target of interest by a regime that operates in many ways like a criminal enterprise.”

It documented three attempts by the North to hack into Seoul cryptocurrency exchanges between May and July as a way to “fund the state or personal coffers of Pyongyang’s elite.”

In October, Lazarus, a hacking group linked with the North, launched a malicious phishing campaign targeting people in the bitcoin industry with a fake but lucrative job offer, according to US cybersecurity firm Secureworks.

Hacking attacks targeting digital currencies are only the latest in the long list of alleged online financial heists by the North.

The North is blamed for a massive $81 million cyber-heist from the Bangladesh Central Bank (BCB) in 2016, as well as the theft of $60 million from Taiwan’s Far Eastern International Bank in October.

Map locates top 20 countries affected in the first hours of the global ransomware cyberattack in May 2017. (AP)

Although Pyongyang has angrily denied the accusations — which it described as a “slander” against the authorities — analysts say the digital footprints left behind suggest otherwise.

The attack on the BCB was linked to “nation-state actors in the North,” cyber security firm Symantec said, while the Taiwanese bank theft had some of the “hallmarks” of Lazarus, according to the British defense firm BAE Systems.

Proceeds from such actions are laundered through casinos in the Philippines and Macau or money exchanges in China, said Lim Jong-In, a cyber-security professor at Korea University in Seoul, making it “virtually impossible” to trace.

The global WannaCry ransomware attack in May infected some 300,000 computers in 150 nations, encrypting their files and demanding hundreds of dollars from their owners for the keys to get them back.

Experts say that young hacking talents are handpicked at school to be groomed at elite Kim Chaek University of Technology or Kim Il Sung Military University in Pyongyang, and now number more than 7,000.

This file photo taken on August 9, 2017, shows pedestrians walking past a huge screen in Tokyo displaying news footage of North Korean leader Kim Jong-Un. (AFP PHOTO / Kazuhiro NOGI)

They were once believed to be operating mostly at home or in neighboring China, but analysis by cyber security firm Recorded Future noted “significant physical and virtual North Korean presences” in countries as far away as Kenya and Mozambique.

FireEye CEO Kevin Mandia put the North among a quartet of countries — along with Iran, Russia and China — that accounted for more than 90 percent of cybersecurity breaches the firm dealt with.

Its hackers, he said, were “interesting to respond to and hard to predict.”


It’s Official: North Korea Is Behind WannaCry

December 19, 2017

The massive cyberattack cost billions and put lives at risk. Pyongyang will be held accountable.

North Korean leader Kim Jong Un (Korea News Service via Associated Press)

Cybersecurity isn’t easy, but simple principles still apply. Accountability is one, cooperation another. They are the cornerstones of security and resilience in any society. In furtherance of both, and after careful investigation, the U.S. today publicly attributes the massive “WannaCry” cyberattack to North Korea.

The attack spread indiscriminately across the world in May. It encrypted and rendered useless hundreds of thousands of computers in hospitals, schools, businesses and homes. While victims received ransom demands,…
U.S. declares North Korea carried out massive WannaCry cyberattack

By  December 18 at 9:55 PM

The Washington PostThe Trump administration on Monday evening publicly acknowledged that North Korea was behind the WannaCry computer worm that affected more than 230,000 computers in over 150 countries earlier this year.As a result, the administration will be calling on “all responsible states” to counter North Korea’s ability to conduct cyberattacks and to implement all “relevant” United Nations Security Council sanctions, according to a U.S. official familiar with the matter.“The [WannaCry] attack was widespread and cost billions, and North Korea is directly responsible,” Thomas P. Bossert, Trump’s homeland security adviser, said in an op-ed published in the Wall Street Journal on Monday. “We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either.”

He is expected to issue a public statement Tuesday morning.

North Korea was widely suspected to have created the virus, paired with ransomware that encrypted data on victims’ computers and demanded money to restore access. Until now, the U.S. government had not publicly stated as much.

In June, The Washington Post reported that the National Security Agency had linked North Korea to the creation of the worm. In October, the British government declared that it believed North Korea was the culprit. The following month, the CIA issued a similar classified assessment, which has not been previously reported.

The official noted that the U.S. government has released technical details of North Korean cyber-tools and operational infrastructure and has worked with other countries to lessen North Korea’s ability to conduct further tests or generate illicit funding.

The May 12 global attack hit critical sectors, including health care, “potentially putting lives at risk,” said the official, who spoke on the condition of anonymity to discuss a move not yet public. This follows a pattern of disruptive and harmful cyber-activity by the reclusive country. Leader Kim Jong Un has pushed to develop hacker forces as a low-cost, high-impact tool that can rattle the nerves and damage the systems of more powerful nations.

In November 2014, North Korea hacked Sony Pictures’ networks, disrupting computer systems, stealing and releasing corporate emails and demanding that the studio cancel the release of a satirical film depicting Kim’s assassination. The attack led to economic sanctions from the Obama administration.

The WannaCry attack, the official said, “demonstrates the importance of basic cyber hygiene, including keeping systems patched and up to date, as well as the need for strong cooperation between public and private sectors to share information, prevent and mitigate cyberthreats.”

The Security Council sanctions on North Korea focus on its activities to develop a nuclear weapon. The administration, however, seems to be linking North Korea’s general pattern of bad behavior, including in cyberspace, to the call to implement all sanctions.

Democratic lawmakers criticized the disparity in the administration’s response to Russian hacking in the 2016 election and its reaction to North Korea’s cyber activities. “President Trump is handling the intelligence assessments regarding North Korea and Russia completely differently, staging an elaborate media roll-out to press on sanctions against North Korea while at the same time discrediting the assessment by these very same intelligence agencies that the Kremlin interfered with our election,” said Rep. Elijah E. Cummings (D-Md.), ranking member on the committee on oversight and government reform.

Josh Dawsey and Tom Hamburger contributed to this report.


HBO Cyberattack Is ‘Seven Times Worse’ Than The Sony Hack — Video and sound files — 1.5 terabytes of data

August 3, 2017
 No automatic alt text available.

The latest HBO hacking scandal is shaping up to be much, much worse than a few leaked Game of Thrones episodes.

Now the FBI is getting involved, according to the latest update from the Hollywood Reporter. The cyberattack that occurred earlier this week compromised around 1.5 terabytes of data, which, it turns out, is seven times the amount of data that was leaked during the 2014 Sony hack (around 200 gigabytes of data).

Image result for news for bigger than sony pictures

What makes this hack even more frightening is that, according to multiple sources, there has been no ransom declared. That means the hackers’ motivation may have less to do with money and more to do with a political agenda, harnessing the power to release potentially compromising data (including internal memos and email correspondence) for HBO and its investors.

As of now, the only data that’s been released by the hacker group—going by the Game of Thrones-referencing alias “little.finger66″—is the script of an upcoming episode of the aforementioned television show, along with full episodes of Ballers and Room 104. But that hardly amounts to the 1.5 terabytes that could theoretically be unleashed.

“If not for video and sound, a corporation the size of HBO might fit [entirely] in a terabyte, including all the email and spreadsheets ever written or stored,” Farsight Security CEO Paul Vixie told the Hollywood Reporter. Video and sound files, meanwhile, take up much more space on their own, It’s still unclear whether the hackers took mostly video content (episodes of Game of Thrones and other popular HBO series) or printed content (documents, emails, etc.); FBI officials working with HBO have declined to elaborate. But their possession of a script hints that they have access to text-based files, which could be far more damaging to HBO’s internal operations than a few episode leaks. (Game of Thrones already has a huge pirating problem.)

Another widely-reported hacking incident occurred earlier this summer, when a collective known as TheDarkOverlord released all 10 episodes of the new Orange Is the New Black season before its official June release on Netflix. But in that case, it was only the television episodes, not internal documents, that were stolen, and there was a ransom involved. The HBO hack much more closely resembles the Sony security breach, which led to Sony co-chairman Amy Pascal stepping down from her position and may have even affected the 2016 election.

For the moment, all HBO can do is continue their investigation, and hope that little.finger66 doesn’t plan on releasing information far more damning than the upcoming deaths in Westeros.

See also:

WannaCry Malware Has Strong Links to Group Tied to North Korea, Symantec Says

May 23, 2017

Symantec’s analysis showed substantial commonalities with prior Lazarus attacks and WannaCry’s tools and techniques

The WannaCry attack ultimately infected more than 200,000 computers in more than 100 countries.

The WannaCry attack ultimately infected more than 200,000 computers in more than 100 countries. PHOTO: RITCHIE B. TONGO/EUROPEAN PRESSPHOTO AGENCY

May 23, 2017 1:57 a.m. ET

A group linked to North Korea is highly likely behind this month’s global ransomware assault, and the attack more closely resembles the behavior of a crime ring rather than a government-orchestrated campaign, a cybersecurity researcher said.

In a blog post late Monday, Symantec Corp., a cybersecurity firm, said the WannaCry ransomware carried “strong links” to Lazarus, a group security experts suspect was behind the theft of $81 million last year from the Bangladesh central bank and a 2014 hack of Sony Pictures Entertainment. U.S. officials have said they believe North Korea orchestrated the Sony SNE +0.45% attack—which North Korea has denied—and federal prosecutors are building cases that would accuse Pyongyang of involvement in the Bangladesh heist.

Cybersecurity researchers, including Alphabet Inc.’s GOOGL +0.87% Google unit, Kaspersky Lab ZAO and Comae Technologies, had previously drawn parallels between a variant of WannaCry and code used in previous attacks attributed to Lazarus. But those initial reports were cautious about drawing deeper conclusions about how the digital clues related to Lazarus or North Korea.

Little is known about Lazarus, though cybersecurity researchers say the group has been active since 2009. Its initial efforts were focused on Asia, but the group has begun targeting global banks.

Symantec’s new analysis showed “substantial commonalities” with prior Lazarus attacks and WannaCry’s tools and techniques, as well as network infrastructure used in the attack. That makes it “highly likely that Lazarus was behind the spread of WannaCry,” Symantec said. There was also a series of smaller attacks using the WannaCry software in February, March and April, before a widespread assault this month that hit computer networks around the world.

Symantec didn’t address whether North Korea was directly involved with the latest WannaCry assault. Cybersecurity experts have said other hackers could have copied the code in question, meaning the WannaCry malware could have originated from groups other than Lazarus. But even if Lazarus were the culprit, the group could have unleashed the malware without North Korean orders, they say. It is unclear who leads or funds Lazarus.

North Korea’s official state media on Monday denied that Pyongyang had a hand in the WannaCry attack, lambasting South Korean press reports suggesting North Korean involvement as “misinformation” and a “dirty and despicable smear campaign.”

The WannaCry attack, which began on May 12, ultimately infected more than 200,000 computers in more than 100 countries. The malware worm exploited vulnerabilities inMicrosoft Corp.’s Windows systems, attacking machines that didn’t have up-to-date security patches.

The previous versions of WannaCry were used in smaller, targeted attacks, dating as far back as Feb. 10, Symantec said, when a single company and 100 computers were infected. Subsequently, the malware targeted a handful of organizations in March and April. Symantec didn’t identify the affected firms.

But the May attack rippled across the globe because of a bug in the Windows operating system that allowed hackers to take WannaCry global, Symantec said. The prior WannaCry versions required more steps to be spread, such as stealing credentials or copying the malware computer to computer, Symantec said.

That Windows exploit, called EternalBlue, was made public in April, when a shadowy hacking group released documents and hacking tools it says it stole from the U.S. National Security Agency. That leak of the Windows vulnerability “was what allowed the attackers to turn WannaCry into a far more potent threat,” Symantec said. Microsoft had issued a patch for the vulnerability on March 14 but not all computers had the update.

Security researchers say nation-state cyberattacks tend to target foreign intelligence, though North Korea has been suspected of a growing number of attacks targeting banks. The WannaCry attack demanded around $300 payments in bitcoin—with few victims ponying up—pointing more toward low-level crime rings than one organized by a nation-state hacker, cybersecurity experts say.

UK Helped Fund North Korea Amid Sony Hack, Nuclear Weapons, ICBM Development

April 18, 2017

The Foreign Office handed over the taxpayers’ money after the 2014 hack on film studio Sony Pictures

Image may contain: 1 person, smiling


THE UK has handed Kim Jong-un £740,000 in aid – a chunk of which will help beleaguered North Korean journalists ‘connect to the web’.

Most of the taxpayers’ money was paid to the nuke-wielding crackpot country by the Foreign Office after the 2014 Sony Pictures hack.


The aid is part of a project to help increase interaction with the unpredictable hermit state and international media organisations, reports the Mirror.

The project is also aiming to open up news reporting in the propaganda-infested communist country in which most of the population have little or no access to the internet.

Luddite North Korean journos will receive £22,650 from the British government while teachers in the totalitarian regime are getting £350,000 of taxpayers’ money.

Dictator Kim’s cash windfall totalling £740,000 was revealed by the Department for International Development who released the figures.

The rest of the money is made of aid for the ‘rural disabled’, funding for ‘entrepreneur workshops’ and a scheme which will help teach Korean officials understand ‘UK values’.

In 2014, the portly despot is alleged to have hacked film studio Sony Pictures after being angered by the comedy movie The Interview which centred on a fictional plot to kill the North Korean leader.

The hack was followed by terror threats against theatres screening the film resulting in the studio pulling the movie from general release.

A Foreign Office spokeswoman said: “The projects we carry out in North Korea are part of our policy of critical engagement, and are used to promote British values and demonstrate to the North Korean people that engaging with the UK and the outside world is an opportunity rather than a threat.

“We conduct a range of small-scale project work, many of which help to improve the lives of the most vulnerable members of society.”


Kim Jong-un, North Korean leader 

In his pursuit of nuclear weapons, Kim Jong-un, the North Korean leader, has put himself on a collision course with the US CREDIT: WONG MAYE-E/AP


UK ‘gave millions in foreign aid’ to North Korean regime now threatening nuclear war

North Korea has received more than £4 million in foreign aid from the UK in just six years despite the country’s status as an international pariah, according to reports.

Tensions with the communist regime ruled by dictator Kim Jong-un have escalated after it said it would conduct weekly missile tests and warned that “all-out war” would result from US military action.

Meanwhile, Mike Pence, the US vice-president, told Pyongyang not to test Donald Trump’s resolve as fears of a military conflict continue to grow over North Korea’s pursuit of nuclear weapons.

Read the rest:


Sony Pictures expects nearly $1 billion movie business write-down in the fiscal third quarter — “Sony doesn’t have a firm grip on the movie business”

January 30, 2017


© AFP/File | Sony cited a decline in DVD and Blue-ray sales and an expected reduction in film probability for a near $1 billion write-down

TOKYO (AFP) – Sony will take a write-down of nearly $1 billion in the fiscal third quarter, the company said Monday, blaming expected weaker profits in its movie business following a decline in the DVD market.The Tokyo-based electronics and entertainment giant said the charge amounted to 112.1 billion yen ($980 million) and it comes weeks after the departure of Sony’s entertainment division boss Michael Lynton.

“The downward revision was primarily due to a lowering of previous expectations regarding the home entertainment business, mainly driven by an acceleration of market decline,” Sony said in a statement.

“The decline in the DVD and Blue-ray market was faster than we anticipated,” Takashi Iida, a Sony spokesman, told Bloomberg News.

Sony also cited an expected reduction in film profitability.

The company said it was evaluating the impact on its financial results and would deliver new annual forecasts on Thursday when it announced earnings for the three months through December.

“There has been a suspicion in the market that Sony doesn’t have a firm grip on the movie business, but still the amount is a surprise,” Kazunori Ito, an analyst at Morningstar Investment Services, told Bloomberg.

“That said, with Lynton?s departure and this write-down, all the bad news is out and the attention can turn on their plan for the coming fiscal year,” he added.

In a separate announcement, Sony reported the sale of a little more than five-percent stake in Japanese medical information site M3 to Goldman Sachs for about 37 billion yen.

The company that gave the world the Walkman has been working to stay profitable under a painful restructuring that has included layoffs and asset sales after years of huge losses.

Russia’s D.N.C. Hack Was Only the Start

January 10, 2017

Imagine the headlines if, in 2015, Russian agents had leapt out of a van at 2 a.m. in Southeast Washington and broken into the Democratic National Committee offices using sophisticated tools and techniques to steal tens of thousands of documents, including the names and Social Security numbers of donors and employees, and confidential memorandums about campaign strategy for the presidential election.

The world would have been aghast. It would have been, people would say, worse than Watergate.

Something similar did, in fact, happen at the D.N.C. two years ago, and it was worse than Watergate. This wasn’t just one party spying on the other; these were hackers under orders from President Vladimir V. Putin of Russia who were trying to “undermine public faith in the U.S. democratic process,” according to a report released Friday by the office of the director of national intelligence. But the immediate reaction to the break-in was nothing like what followed Watergate.

That’s because most of us don’t think of hacking as a crime like breaking and entering. Before the D.N.C. break-in, I thought of hacking as a prank by mischievous tech-savvy people to get revenge. When North Koreans hacked Sony Pictures in 2014 in retaliation for making the satire “The Interview,” I was much more disturbed by the embarrassing things the movie executives said in emails to one another than by how easy it was for a dictator to punish critics in the United States. It wasn’t until I lived through the Russian hackings of Democratic staff members and organizations that I realized how dangerous such an attitude could be.

I saw it firsthand in July, when I was asked about the first wave of stolen documents on ABC’s “This Week” and CNN’s “State of the Union.” I thought it was a bombshell — Russians hacked into the Democratic National Committee! — but my alarm was dismissed by the news media and our opponents as merely campaign spin, feigned distress meant to dodge real questions about how the embarrassing messages might hurt Hillary Clinton’s prospects.

This perception has to change. I’m not referring to the D.N.C. incident in particular, but about cybercrimes in general. Unless we realize how vulnerable we are, we are playing into the hands of foreign aggressors like Mr. Putin.

The chilling effect of these attacks can be very public, and very personal. But they can also be more subtle, impeding dialogue within an organization. For all the fanfare we give the internet for freeing speech, when it is weaponized against you, it can also be used to stifle speech. At the D.N.C., certain conversations could take place only on an encrypted phone app, which made communicating more complicated logistically.

Skeptics, including President-elect Donald J. Trump, have compared the hacks to leaks to the news media. They’re not the same. A leak occurs when someone who is authorized to have information gives it to a reporter without authorization. The “Access Hollywood” video of Mr. Trump talking about assaulting women was a leak. When someone on my staff shared a memo about our campaign launch without permission, that was a leak. Leaks are frustrating, and they happen all the time.

What Mr. Putin did by dumping Democrats’ emails wasn’t a leak; it was an attack with stolen information.

Until we start to see these situations in this light, “Moscow’s longstanding desire to undermine the U.S.-led liberal democratic order,” as the national intelligence office report called it, will remain potent, and the democratic process will remain vulnerable. The news media needs to spend at least as much time reporting on the source of these foreign-led cybercrimes as they do on the contents.

This isn’t a partisan issue, as Republican senators like John McCain and Lindsey Graham have already made clear. Mr. Putin and Kim Jong-un of North Korea aren’t registered Democrats or Republicans — they’re anti-American, and they want to hurt democracy itself. To justify what Mr. Putin did, or to blame the victim, as Mr. Trump and his staff have chosen to do, simply leaves them, and all of us, under threat, because the next attack may be aimed not at a political party, but at the White House or the Pentagon.

Of course, Americans need to do a better job protecting ourselves. Law enforcement needs to create better bridges between the intelligence services that monitor attacks and the individuals and organizations they affect. There are very few protocols for the F.B.I. and C.I.A. to alert and assist potential victims. Our democratic structures — elections equipment and officials, elected officials and candidates, activists and reporters — must be elevated as a priority.

At the time of the D.N.C. attack, water treatment plants, nuclear power plants and even casinos were on the Department of Homeland Security’s “critical infrastructure” list. Voting equipment was added last Friday, but we must do much more to protect the people who animate our democratic process. Imagine how stolen information could be (or already has been) used to influence or corrupt officeholders, or voters themselves.

Watergate inspired greater vigilance in the press and prompted major reforms to safeguard our democratic institutions. We need to do that again.

Putin: No idea who hacked US Democratic Party

September 2, 2016

Image may contain: 2 people

“Thanks for the emails. Did you get my donation?”

Putin: No idea who hacked US Democratic Party
By Jack Stubbs | MOSCOW

Russian President Vladimir Putin said he did not know who was behind the hacking of U.S. Democratic Party organizations but the information uncovered was important, Bloomberg news agency reported on Friday.

In an interview two days before a G20 meeting in China with U.S. President Barack Obama and other world leaders, Putin said it might be impossible to establish who engineered the release of sensitive Democratic Party emails but it was not done by the Russian government.

“Does it even matter who hacked this data?” Putin said. “The important thing is the content that was given to the public.”

“There’s no need to distract the public’s attention from the essence of the problem by raising some minor issues connected with the search for who did it,” he added. “But I want to tell you again, I don’t know anything about it, and on a state level Russia has never done this.”

The hacked emails, released by activist group WikiLeaks in July, appeared to show favoritism within the Democratic National Committee (DNC) for presidential nominee Hillary Clinton and prompted the resignation of the body’s chairwoman.

A computer network used by Clinton’s campaign, and the party’s fundraising committee for the U.S. House of Representatives were also hacked.

Clinton, who polls show as leading Donald Trump in the campaign for the U.S. presidential election in November, has said Russian intelligence services conducted a cyber attack against her party. Some officials have suggested Moscow is trying to influence the U.S. election.

Putin dismissed the allegations. “We have never interfered, are not interfering and do not intend to interfere in domestic politics,” he said.

Image may contain: 1 person

Edward Snowden

“We will carefully watch what happens and wait for the election results. Then we are ready to work with any American administration, if they want to themselves.”

Relations between Russia and United States hit a post-Cold War low in 2014 over the Ukraine crisis, and Washington and Moscow have since clashed over diverging policies in Syria.

Obama said in August he would discuss the cyber attack with Putin if Russia was responsible, but it would not “wildly” alter the two countries’ relationship.

The U.S. election contest has been hard fought and frequently dominated by both candidates’ attitudes toward Russia.

Clinton has rounded on her Republican rival Trump for his perceived praise of Putin and what she says is an “absolute allegiance” to Russia’s foreign policy aims. Trump, in return, has said Clinton’s own close ties to the Russian president deserve greater scrutiny.

Image may contain: 1 person

Julian Assage

Putin said both candidates were using shock tactics and that playing “the anti-Russian card” was short-sighted.

“I wouldn’t like for us to follow their example,” he said. “I don’t think they are setting the best example.”

(Reporting by Katya Golubkova,; Writing by Jack Stubbs,; Editing by Angus MacSwan and Mark Trevelyan)


Does Wikileaks help Russia? How documents leaked by Julian Assange ‘often benefit the Kremlin’

No automatic alt text available.

–Wikileaks published thousands of emails between officials in the DNC
–Democrats and security experts say emails were likely hacked by Russia
–Now analysis of Wikileaks disclosures claims to have discovered that the majority of leaks are harmful to the West, and often benefit the Kremlin
–Wikileaks has denied the majority of the findings, claiming it has published 650,000 documents critical of Russia

PUBLISHED: 20:25 EST, 1 September 2016 | UPDATED: 22:58 EST, 1 September 2016

When Wikileaks launched in 2006, its stated aim was to help expose ‘illegal or immoral’ behavior by the West and crack down on authoritarian regimes ‘in Russia, China, and Central Eurasia’.

But now claims have emerged that while the publisher, run by Julian Assange, has been critical of those regimes – most of its leaks have targeted the West, often to the benefit of Russia.

Central to this theory, put forward by the New York Times, is the recent hack of DNC emails on the eve of the Democratic Conference which the party believes is linked to Russian security services.

Some 20,000 documents published by Wikileaks exposed DNC officials helping Hillary Clinton through the primary process at the expense of rival Bernie Sanders.

The leak hamstrung the first day of the conference and forced the resignation of chairwoman Debbie Wasserman Schultz.

Democrats have called for an investigation into whether Russia was behind the hack, and the FBI is believed to be looking into the possibility.

While the government has not yet said who was behind the leak, cybersecurity experts including Matt Tait, founder of Capital Alpha Security, have said the hackers appear to be Russian.

He told Politifact: ‘The consensus that Russia hacked the DNC is at this point very strong, albeit not unanimous.

‘The consensus that Russia hacked the DNC in support of Trump is, by contrast, plausible, but something for which the jury at this stage is very much still out.’

But the Times also goes into events in Assange’s past which they say shows his links with the Kremlin.


Julian Assange and Wikileaks have been accused of benefiting Russia with their information leaks, while failing to properly condemn Putin's regime 

Putin has supported Assange, including after his 2010 arrest and 2012 detention in the Ecuadorian Embassy (pictured)

Julian Assange and Wikileaks have been accused of benefiting Russia with their information leaks, while failing to properly condemn Putin’s regime


Central to the allegations is the DNC email leak which led to the resignation of Debbie Wasserman Schultz (pictured), and allegations that the data was provided by Russia 

Central to the allegations is the DNC email leak which led to the resignation of Debbie Wasserman Schultz (pictured), and allegations that the data was provided by Russia


Read more:
Follow us: @MailOnline on Twitter | DailyMail on Facebook

In 2010 Assange was arrested in London on allegations of rape stemming from Sweden and released on bail.

He described the arrest as a plot to extradite him to the US where he could be investigated over the diplomatic cables leak, which greatly harmed American relations with the rest of the world while Clinton was Secretary of State.

A day later, Putin gave a press conference in which he defended Assange, questioned why he had been arrested, and used information in the cables to attack the West.

Putin also called the charges against Assange ‘politically motivated’ and said he is being ‘persecuted for spreading the information he received from the US military regarding the actions of the USA in the Middle East, including Iraq.’

Russian officials have also suggested that Assange be given a Nobel Prize, and in 2012 paid to stream his TV show on state-backed network Russia Today.

The Times also claims that Assange was offered a visa by Russia in 2011, though Wikileaks has denounced this as false.

The paper also points out that, when NSA whistleblower Edward Snowden was fleeing the US in 2013, it was Assange who suggested he fly through Russia along with another Wikileaks reporter.

Assange had also suggested that it would be safer for Snowden to stay in Russia, as opposed to his original plan which involved traveling to South America.

Putin has called the charges against Assange ‘politically motivated’ while other Russian officials have called for him to be given a Nobel Prize

In fact Snowden did end up staying in Russia, but only after the State Department revoked his passport, leaving him unable to travel.

Putin has called the charges against Assange 'politically motivated' while other Russian officials have called for him to be given a Nobel Prize

Putin has called the charges against Assange ‘politically motivated’ while other Russian officials have called for him to be given a Nobel Prize


However, US officials seem to agree that Assange has no direct ties to the Russian security services or the Kremlin (pictured)


Read more:
Follow us: @MailOnline on Twitter | DailyMail on Facebook

The Times also mentions Assage’s criticisms of NATO, his support for Britain to leave the European Union, his apparent support for Putin’s intervention in Ukraine and leaks that almost derailed negotiations on the Trans-Pacific Partnership as evidence that his views tie in with those of the Kremlin.

However, the paper also points out that ‘among United States officials, the emerging consensus is that Mr. Assange and WikiLeaks probably have no direct ties to Russian intelligence services.’

In its response, Wikileaks has refuted much of the New York Times piece, saying it has published 650,000 documents on Russia, most of which is critical.

It accuses other parts of the report of repeating ‘conspiracy theories’ and says they are ‘not journalism’.

The statement adds: ‘The New York Times Editorial Board has endorsed Hillary Clinton, however this is not disclosed in the article.

‘The lead author, Jo Becker last retweeted Hillary Clinton (a smiling and dancing campaign animation), on March 3.

‘The other author, Eric Schmitt, has previously written in the New York Times, other robust investigative reports, for example, that Mr. Assange is a “bag lady” with “filthy socks” who “smells”. He was made Pentagon Correspondent in 1990.’



Sony Pictures hackers linked to breaches in China, India, Japan

February 25, 2016
Homepage | Wed Feb 24, 2016 8:08am EST


The perpetrators of the 2014 cyber attack on Sony Pictures Entertainment were not activists or disgruntled employees, and likely had attacked other targets in China, India, Japan and Taiwan, according to a coalition of security companies that jointly investigated the Sony case for more than a year.

The coalition, organized by security analytics company Novetta, concluded in a report released on Wednesday that the hackers were government-backed but it stopped short of endorsing the official U.S. view that North Korea was to blame.

The Obama administration has tied the attack on Sony Corp’s (6758.T) film studio to its release of “The Interview,” a comedy that depicted the fictional assassination of North Korean leader Kim Jong Un.

Novetta said the breach “was not the work of insiders or hacktivists.”

“This is very much supportive of the theory that this is nation-state,” Novetta Chief Executive Peter LaMontagne told Reuters. “This group was more active, going farther back, and had greater capabilities and reach than we thought.”

Novetta worked with the largest U.S. security software vendor Symantec Corp (SYMC.O), top Russian security firm Kaspersky Lab and at least 10 other institutions on the investigation, a rare collaboration involving so many companies.

They determined that the unidentified hackers had been at work since at least 2009, five years before the Sony breach. The hackers were able to achieve many of their goals despite modest skills because of the inherent difficulty in establishing an inclusive cyber security defense, the Novetta group said.

LaMontagne said the report was the first to tie the Sony hack to breaches at South Korean facilities including a power plant. The FBI and others had previously said the Sony attackers reused code that had been used in destructive attacks on South Korean targets in 2013.

The Novetta group said the hackers were likely also responsible for denial-of-service attacks that disrupted U.S. and South Korean websites on July 24, 2009. The group said it found overlaps in code, tactics and infrastructure between the attacks.

Symantec researcher Val Saengphaibul said his company connected the hackers to attacks late last year, suggesting the exposure of the Sony breach and the threat of retaliation by the United States had not silenced the gang.

The coalition of security companies distributed technical indicators to help others determine if they had been targeted by the same hackers, which Novetta dubbed the Lazarus Group.

(Reporting by Joseph Menn; Editing by Tiffany Wu)