Expert comment - Russian government hackers penetrated DNC, stole opposition research on Trump
June 2016 by David Gibson, VP of strategy and market development at Varonis
News broke yesterday afternoon that Russian government hackers have penetrated the computer network of the Democratic National Committee, gaining access to the entire database of opposition research on GOP presidential candidate Donald Trump. The DNC’s system was so thoroughly compromised by the intruders that they were believed to have been able to read all email and chat traffic.
The comments from David Gibson, VP of Strategy and Market Development at Varonis:
"The news is hardly a surprise. In fact we predicted this would happen.
This latest potentially damaging attack could happen to any organisation and reinforces the need to monitor all user accounts and be able to detect any access activity that’s not normal. In this case, email and chat services used by the Democratic National Committee were specifically targeted by two hacking groups who were working on behalf of the Russian government. While it is not known exactly what vulnerability was exploited to gain access, what is known is that one group’s activity on the DNC’s internal network was found to be unusual and was the impetus for calling in security auditors. The attackers remained hidden on the network for a significant amount of time (about a year) and often utilised standard windows system utilities to mask their actions.
Having a security first mindset and user behavior analytics in place (before a suspected breach) would have significantly improved the security of their internal systems and may well have prevented any loss of data."