Friendly forums for passionate Dems!
More than 93 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»Help & Search»Computer Help and Support»APT28/APT29 & Iowa Primar...»Reply #0
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Computer Help and Support

Showing Original Post only (View all)
 

gredinger

(86 posts) Sat Feb 29, 2020, 08:47 AM Feb 2020

APT28/APT29 & Iowa Primary Caucus [View all]

Why does it seem that every couple years, Democrats drop the ball on technology pretty heavily?

Cozy Bear was an effective APT. Even a secure organization could be impacted by a similar attack. I'd give them a pass on this hack if it weren't for APT28 (Fancy Bear).

The thing is, we never knew the external damage. In 2016, a lot of accounts were compromised, but how much data was actually compromised?

For example, most candidates use software called "NGP VAN". This software contains a lot of private information that campaigns have access to; a lot of voter information. If credentials were compromised on these systems (two-factor authentication wasn't required at the time...), then this data was compromised. The effectiveness of this attack leads me to believe members of the DNC used the same credentials across multiple services...

Just imagine giving the opposition party every single one of your records you gathered for the past 8 years. That's effectively what would have happened in 2016, and there's not a single report saying that occurred during the attack.

It is still amazing to me that the *entire* attack was started by spearphishing. If these people actually checked what they clicked on the email, it wouldn't have occurred. Security awareness training should be mandatory for all DNC members.

----

Iowa Primary Caucus was another recent IT failure. The application failed hard. In the IT world, we do something called "postmortems"; i.e. we figure out what went wrong, how to prevent it from going wrong in the future, and learn from the mistakes.

https://landing.google.com/sre/sre-book/chapters/postmortem-culture/

The lack of transparency bothers me. Why can a private corporation release ( https://status.cloud.google.com/incident/cloud-networking/19009 ) more details on a technical failure than a private company designing software for the public and democracy?

if I were chair of the DNC, I'd demand a full postmortem, along with open sourcing the application for public review. We need more transparency in democracy, not less. Let's learn from our mistakes and remain blameless, not ignore past mistakes and cover them up.

13 replies, 3158 views
13 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
APT28/APT29 & Iowa Primary Caucus [View all] gredinger Feb 2020 OP
Nice conspiracy Renew Deal Feb 2020 #1
??? gredinger Feb 2020 #2
Which hack comrade? Renew Deal Feb 2020 #3
APT29.... gredinger Feb 2020 #4
Who are you suggesting it was used against? Renew Deal Feb 2020 #5
APT28/APT29 victims? gredinger Feb 2020 #6
So you have no evidence that the Iowa caucus was "hacked"? Renew Deal Feb 2020 #7
Fake Claim gredinger Feb 2020 #8
You Renew Deal Feb 2020 #9
Learn to Read gredinger Feb 2020 #10
Learn to write Renew Deal Feb 2020 #11
Congratz! gredinger Feb 2020 #12
This message was self-deleted by its author Renew Deal Feb 2020 #13
Latest Discussions»Help & Search»Computer Help and Support»APT28/APT29 & Iowa Primar...»Reply #0
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2025 Democratic Underground, LLC. Thank you for visiting.