General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsHow A Single Typo Led To The Unraveling Of Hillary Clintons Campaign
An obvious phishing scam and a hasty email allowed hackers into campaign chair John Podestas inbox
One of the worst and most public email hacks in political history began with a typo, a report in The New York Times revealed on Tuesday.
An aide to Hillary Clintons campaign chair, John Podesta, saw a warning email in his inbox back in March, claiming to be from Google. Podesta needed to change his Gmail password immediately, the email said.
http://img.huffingtonpost.com/asset/crop_6_0_694_375,scalefit_630_noupscale/585072121200009509eef206.gif
Most adult internet users know by now never to click a link in emails like this ― phishing is fairly common. Even unsophisticated tech types are hip to the scam. So, before responding, Podestas aide showed the email to another staffer, a computer technician.
And, well, what happens next should be a lesson to anyone who types and sends emails and texts without reading them first. (Thats everybody who emails and texts.)
From the Times (bolding is HuffPosts):
This is a legitimate email, Charles Delavan, a Clinton campaign aide, replied to another of Mr. Podestas aides, who had noticed the alert. John needs to change his password immediately.
With another click, a decade of emails that Mr. Podesta maintained in his Gmail account a total of about 60,000 were unlocked for the Russian hackers. Mr. Delavan, in an interview, said that his bad advice was a result of a typo: He knew this was a phishing attack, as the campaign was getting dozens of them. He said he had meant to type that it was an illegitimate email, an error that he said has plagued him ever since.
The email hack was a huge distraction at the end of the presidential campaign, serving as fodder for Republican attacks and diverting the attention of key players on Clintons team. The Podesta email hack was separate from an equally damaging attack on the Democratic National Committee.
MORE:
http://www.huffingtonpost.com/entry/hillary-clinton-typo_us_58505fe4e4b0e411bfd415e2
BeyondGeography
(39,389 posts)That's way beyond a typo. Someone needs to explain to me how a typo leads to a follow-up sentence that validates the typo. I think I'm going with "catastrophic brain fart."
oberliner
(58,724 posts)He was saying the email was legit.
You can see the exchange on Wikileaks.
Dave Starsky
(5,914 posts)You know how when you keep trying to type "shit" and your phone keeps changing it to "shiskabab"? Poor guy's phone just replaced the word "illegitimate" with an entire paragraph.
This is another thing I blame Republicans for: They've gotten away with "fooling" people with their obvious nonsense for so long, that now everyone thinks they can do it.
Glassunion
(10,201 posts)oberliner
(58,724 posts)If you look at the exchange, he was saying the message from Gmail was legit.
LisaL
(44,974 posts)Why did he tell John to change the password?
HoneyBadger
(2,297 posts)Brings to mind the security issues of the Podesta hack.
Breaking into an insecure laptop or router to take over M's monitor is quite possible. The question is, why would a hacker be able to do it again and again to the same damn laptop? As O'Donnell asked incredulously, "Who the hell allows a chief of station to use a compromised laptop?" The point is, as soon as she got the first taunt, Q or some other cybersecurity expert would immediately retrieved M's computer and taken it offline, because it was no longer secure. Extremely unlikely that she would she have gotten subsequent nastygrams from Silva.....
It was not a typo.
Read the exchange on Wikileaks and you will see that this is not true.
Hortensis
(58,785 posts)If this pfish hadn't worked, another almost certainly would have, and whether the poor guy has any excuse at all is irrelevant.
FAR MORE IMPORTANT is the FBI's neglect to properly notify the DNC that Russian intelligence had hacked their computer system. By not "properly" in this case, note that one agent called one mid-level IT manager, who didn't believe the call was from the FBI and never returned the few followup calls. YET, all the while the FBI continued to monitor Russian activity, it never attempted to speak with anyone higher up and never visited the DNC offices a couple blocks away to discuss Russia's entry into the 2016 election against the Democratic Party.
Note that Russia also hacked and released emails for a number of Democratic congressional candidates in tight races.
NY Times: The Perfect Weapon: How Russian Cyberpower Invaded the U.S.
http://www.nytimes.com/2016/12/13/us/politics/russia-hack-election-dnc.html?hp&action=click&pgtype=Homepage&clickSource=story-heading&module=a-lede-package-region®ion=top-news&WT.nav=top-news
This article also (briefly) points out how useful the media were to Russia's attack.
blue neen
(12,335 posts)Read the NYTimes article this morning. It's chilling and sobering. Everyone in our government needs to wake the hell up.
The Russians will use their information against anyone they want, Democrats or Republicans.
RobinA
(9,902 posts)but g-mail? Why is he using g-mail for this kind of thing?
HoneyBadger
(2,297 posts)Depending on the size and significance of your organization, you can contract with Google to run your email (and everything else), but it is still called gmail, albeit not the same exact gmail product that you get for free. Many universities do this. Partially because Google charges so little that it is cheaper than running email in house. Google does it to get their foot in the door and influence the next generation of managers into reliance on the Google ecosystem. I have no way of knowing whether or not the DNC did the same though.
rug
(82,333 posts)Where are the grammar nazis when you need one?