Russia's hackers took only a week to pry into Clinton camp 

One outside expert who reviewed the data said it showed how even the well-defended Clinton campaign fell prey to phishing.

Published: 04th November 2017 12:18 AM  |   Last Updated: 04th November 2017 12:18 AM   |  A+A-

Former Secretary of State Hillary Clinton. (Photo | AP)

By Associated Press

WASHINGTON: Nineteen thousand lines of raw data associated with the theft of emails from Hillary Clinton campaign staffers show how the hackers managed the election-shaking operation.

Minute-by-minute logs gathered by the cybersecurity company SecureWorks and recently shared with The Associated Press suggest it took the hackers just over a week of work to zero in on and penetrate the personal Gmail account of campaign chairman John Podesta.

One outside expert who reviewed the data said it showed how even the well-defended Clinton campaign fell prey to phishing, a basic cyberespionage technique that uses bogus emails to harvest passwords.

"They were the most security-aware campaign that I'm aware of," said Markus Jakobsson, the chief scientist at email security company Agari. "And yet this happened." emails were locked down using two-factor authentication, a technique that uses a second passcode to keep accounts secure. Other measures included the automatic deletion of most messages after 30 days and phishing drills for staff. Security awareness even followed the campaigners into the bathroom, where someone put a picture of a toothbrush under the words: "You shouldn't share your passwords either."

But hackers who began their break-in attempts on March 10, 2016, with random emails to obsolete addresses quickly learned their way around the campaign's address book, first targeting senior staffers at work before switching to their Gmail inboxes, some of which had not been protected with two-factor authentication.

On March 19 the hackers appear to have broken into Podesta's personal inbox, setting the stage for weeks of embarrassing disclosures.

Overall, the AP documented well over 400 attempts to break into Clinton staffers and Democratic operatives between March and May of 2016 — an illustration of what Jakobsson said was a key principal behind most phishing attempts.

"If you try enough, sooner or later you'll be lucky," he said.



The AP's reporting has shown how the hackers who hit Podesta acted globally in close alignment with the Russian government's interests — backing assessments made by U.S. intelligence agencies that Russian spies were responsible. Here's a review of the evidence:

The hackers worked business hours, Moscow time

They created nearly all their links from 9 a.m. to 6 p.m., Moscow time, according to AP's analysis of the data. They were busiest in the midday hours and took weekends off.

Russian rivals and global trouble spots dominate the targeted countries

At least 573 individuals or groups were targeted in the United States, which has been a focus of Russian spying since the Soviet era. Ukraine, where Russia is backing separatist rebels against the government in Kiev, came in second with 545 targets.

Other countries that were the focus of the operation were former Soviet state Georgia; Syria, where Russia has been backing the government in a bloody civil war; and Russia itself, where many government opponents were targeted. The AP has identified people in 116 countries whose accounts were targeted.

Weeks after the hack, a Trump adviser was told that emails were in Russian hands

In recently unsealed court documents, a former Trump campaign foreign policy adviser said he was told by a professor closely connected to the Russian government that the Kremlin had obtained thousands of emails with "dirt" about Clinton.

Experts who've examined the list say it's Russia

"It doesn't seem plausible that there is another country that would look to target the exact same set of people," said SecureWorks senior security researcher Rafe Pilling.


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on are those of the comment writers alone. They do not represent the views or opinions of or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp