Cyber Security Articles & News

WATCH THIS: Phishing for political secrets: Hackers take aim at midterm campaigns

Campaign 2018: Election Hacking is a weekly series from CBS News about the cyber-threats and vulnerabilities of the 2018 midterm election.

The best hacks are always the simplest.

When Russian hackers successfully attacked Hillary Clinton's presidential campaign chairman John Podesta in 2016, they didn't need to use crippling ransomware or a complex zero-day exploit. Instead, the Russians used one of the oldest tricks in the hacker playbook: Email phishing.

"Phishing is all about the bad guy — the attacker — sending a malicious email to a victim and fooling that person either to click on a link within the email or open up an attachment," said hacker and computer security consultant Kevin Mitnick in an interview with CBS News. "When the victim [clicks the link or opens the attachment] their computer ends up being compromised and malware is installed so the bad guy has full control."

The goal of phishing attacks like those aimed at the Clinton campaign in 2016, says Mitnick, is to swipe sensitive information or to implant malware that will give the attacker access to the entire network. Once inside, hackers can move laterally across the computer system and swipe information from multiple email accounts, copy intellectual property, and cause irreparable damage.  

The Russian hackers sent Podesta an email that looked like it was coming from Gmail, prompting him to change his password. When he clicked the button in the email, says Mitnick, Podesta entered his username and password, inadvertently revealing his login credentials to the Russians. "Then the Russians had access to all his email, downloaded it, and gave it over to Julian Assange at WikiLeaks and we know the rest of the story," says Mitnick.

To watch the video and read the whole interview please visit the source.

Source: CBS NEWS

Topics: election hacking, email phishing, fake domains, WikiLeaks, Claire McCaskill, computer security consultant, hackers, Hillary Clinton, John Posesta, Julian Assange, keynote speaker, malicious email, malware, Azure cloud platform, Black Hat cybersecurity conference, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

5 Holiday Cybersecurity Tips To Prepare Your Organization

Protecting your organization from outside threats should always be a top priority. However, you may need to shore up your security as we approach the ..

Read more ›

Spear Phishing vs Phishing: Recognizing the Difference

Since the dawn of the internet, there have been threat actors looking to exploit systems, steal data, and compromise the integrity and reputation of p..

Read more ›

Kevin Mitnick Security Awareness Training: Microsoft Teams

Kevin Mitnick — founder of Mitnick Security and Knowbe4’s Chief Hacking Officer — helps organizations find and remediate vulnerabilities through penet..

Read more ›
tech-texture-bg