Security News

7 potential explanations behind the DNC email leak

Gracie Roberts, 26 July 2016

How could a team of hackers have gotten access to DNC emails? Filip Chytry discusses seven potential security gaps that could explain the recent DNC email leak.

DNC.png

Many of you have likely been keeping up with recent news about the resignation of Democratic National Committee chairwoman Debbie Wasserman Schultz following a large email leak from WikiLeaks. An article from ZDNet summarizes the event in the following statement:

“The leak from WikiLeaks on Friday included 19,000 emails in a searchable database. Some alleged emails sent from the accounts of Democratic National Committee officials were trying to weaken [Bernie] Sander's campaign for the nomination, with one thread even targeting his religion.”

 In further describing the origin of the hack, the article goes on to say:

“WikiLeaks didn't disclose how it obtained the emails. The leak comes after Russian hackers gained access into the DNC computer system last month, and the Clinton campaign believes the country provided the emails to WikiLeaks to sabotage the campaign against Donald Trump.”

How did the DNC email leak happen?

Our team has dug deeper into the facts in an attempt to pinpoint what has been taking place behind the scenes of these ongoing DNC hacks. Avast’s Manager of Mobile Threat Intelligence, Filip Chytry, has outlined seven potential methods that the team of hackers could have used to carry out these significant breaches:

Filip Chytry1)      Duplicate passwords: There’s a good chance that DNC officials had been using the same password on multiple accounts, meaning that hackers would have been able to access the officials’ email accounts after previously uncovering the passwords elsewhere.

2)      Spearphishing: In this case, the team of hackers would have crafted a tailor-made phishing campaign specifically targeted at DNC officials. If this method was used, the hackers would have needed to monitor the online behavior of the DNC for some time and craft a campaign preying on any potential vulnerabilities.  

3)      System vulnerabilities: It’s a given that different types of operating systems contain a variety of various vulnerabilities. The system used by the DNC may contain a few of the thousands of vulnerabilities that we’re currently aware of.

4)      Unsecure mobile apps: It’s possible that sensitive data from DNC officials was leaked onto an unsecured server. This can happen when installing a large number of permission-hungry apps that collect (and potentially distribute) personal information.

5)      Compromised email server: It’s safe to assume that the DNC uses their own private email server, as this should decrease the chances of that server becoming compromised. However, there is a chance that the hackers targeted the DNC server and compromised it in order to access email content.

6)      Wi-Fi spying: In the case that DNC officials ended up in close proximity to the team of hackers, the cybercrooks could have intercepted their Wi-Fi connection and targeted a payload into their devices to gain access.

7)      DDoS password attack: This attack method would consist of repeatedly guessing the password to the DNC email server. Although the probability that the team of hackers made use of DDoS in this case is not entirely impossible.

For comprehensive information about the Democratic National Committee email leak, check out CNN’s article, which discusses the fact that the DNC had been warned about the potential presence of hackers in their computer network months before the Democratic party made an effort to resolve the problem. Once they brought in a security firm to aid the situation, it might have already been too late to curb the damage done by hackers. Although the specific method used by the group of hackers remains unclear, it’s quite likely that they made use of more than one method and have been active for a long time.