adamparent - Fotolia

Typo allowed Russian hackers to access US Democratic Party emails

Typographical mistake in an email warning of a phishing attack on the US Democrats led to thousands of private emails being accessed and published by Russian-backed hackers

Russian hackers were able to publish thousands of emails stored in the Gmail account of Hillary Clinton’s US presidential campaign chairman after a typo meant that a phishing email was allowed to penetrate systems.

According to an investigation by the New York Times, a typo in an email from Clinton campaign aide Charles Delavan warning a colleague that an email sent to a private account of campaign chairman John Podesta was a phishing attack, led to it being labelled legitimate instead of illegitimate.

“This is a legitimate email. John [Podesta] needs to change his password immediately, and ensure that two-factor authentication is turned on his account,” said Delavan’s email. It recommended that this should be done as soon as possible.

The mistake gave hackers access to 60,000 emails in Podesta’s private Gmail account, which they then published.

US intelligence officials claimed the emails were given to Wikileaks by the Russian government-backed hackers, which released them to coincide with the run-up to the US election. News of the leak was heavily used by Donald Trump’s campaign team.

Earlier this month, in a joint statement, the US Department of Homeland Security (DHS) and the Office of the Director of National Intelligence on Election Security accused government-led Russian hackers of stealing and publishing emails from political organisations, such as the Democratic National Committee, and said: “Only Russia's senior-most officials could have authorised these activities.”

Their statement read: “The US intelligence community is confident that the Russian government directed the recent compromises of emails from US persons and institutions, including from US political organisations. The recent disclosures of alleged hacked emails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts.

“These thefts and disclosures are intended to interfere with the US election process. Such activity is not new to Moscow – the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there.”

Read more on Hackers and cybercrime prevention

CIO
Security
Networking
Data Center
Data Management
Close