Hillary Clinton’s campaign chairman, John Podesta, reportedly clicked on a phishing email that led to the theft of tens of thousands of emails after an aide mistakenly wrote to him that it was a “legitimate”—rather than “illegitimate”—message.
That error has haunted Clinton campaign aide Charles Delavan ever since, the New York Times reported Tuesday in a lengthy look at the Russian-directed hacks of Democratic organizations and operatives.
In recent days, unnamed intelligence officials have told several media outlets that the thefts of emails from the Democratic National Committee, Podesta and others were directed by the Russian government with the express goal of aiding Donald Trump’s candidacy (the FBI reportedly disagrees and believes the Russian government merely sought to sow doubt about the legitimacy of the electoral process).
The Times’ investigation found the attacks were exacerbated by costly mistakes on the part of the Clinton campaign, DNC and FBI.
For example, the report states a tech support contractor at the DNC, Yared Tamene, performed only cursory searches for signs of a hack after being initially contacted by FBI special agent Adrian Hawkins in Sept. 2015 with a warning that the DNC’s servers had been compromised. Despite several more calls in following weeks, Tamene didn’t intensify his efforts.
“I had no way of differentiating the call I just received from a prank call,” Tamene wrote in an internal memo obtained by the Times, referring to Hawkins. “I did not return his calls, as I had nothing to report.”
Hawkins never emailed Tamene out of fear the hackers would know they were being tracked, according to the report. Both Tamene and the FBI declined to comment to the Times for its story.
Tamene’s memo reveals he installed a “robust set of monitoring tools” in April, months after being initially notified of the hacking threat. Then on the eve of the White House Correspondents dinner, Amy Dacey, then chief executive of the DNC, was finally alerted to an unauthorized person with administrator-level clearance in the DNC’s system.
The DNC then hired CrowdStrike to quietly rebuild its system from scratch and search for foreign intruders. Within a day, the firm had identified the breach as originating in Russia. It further attributed the hack to two groups, “Cozy Bear,” or “the Dukes,” a group which Hawkins had asked Tamene to monitor in his original September phone call, and “Fancy Bear,” which first infiltrated Democratic Congressional Campaign Committee computers in March and then moved on to the DNC.
By then, it was too late.
This post has been updated.
Seems to me like it’s not too hard to figure out if a random phone call is coming from the FBI or not. Like maybe asking which office the Agent works from and telling them you’ll call back through the Agency. I mean, we’re talking about a person who is paid to provide IT security services.
If they thought “Fancy Bear” was bad, just wait til they see “Huggy Bear”
I can’t take this anymore. One click on an email brought us President Donald Trump?
Can we #SpiritCook Podesta?
Everyone forgets about Podesta, the first one to start the shiny thing deflection. The phishing scam is a small part of Podesta as a collaborator. Wiki leaks docs show his cell phone user name to be jpodesta and his password to be (yup) password. And he also lost his phone once in a cab in NYC.
I don’t use the word ‘collaborator’ in the same sense as Fred Koch but the Podesta family has been in the political lobbying business for decades and has also had financial dealings in Russia. Even Podesta’s daughter was involved in a Russian company stock manipulation scam!
The beat goes on.
I’ll bet it was the one that says:
I almost fell for that one, myself…