The Trump Hack Could Extend Far Beyond a Hack-and-Leak
When news first broke that Donald Trump’s campaign says it has been hacked, I started drafting a post on applying the lessons of past ratfucks.
The alleged hack was first reported by Politico, which says some person using an AOL account reached out and shared documents, including the vetting materials pertaining to JD Vance and Marco Rubio.
On July 22, POLITICO began receiving emails from an anonymous account. Over the course of the past few weeks, the person — who used an AOL email account and identified themselves only as “Robert” — relayed what appeared to be internal communications from a senior Trump campaign official. A research dossier the campaign had apparently done on Trump’s running mate, Ohio Sen. JD Vance, which was dated Feb. 23, was included in the documents. The documents are authentic, according to two people familiar with them and granted anonymity to describe internal communications. One of the people described the dossier as a preliminary version of Vance’s vetting file.
The research dossier was a 271-page document based on publicly available information about Vance’s past record and statements, with some — such as his past criticisms of Trump — identified in the document as “POTENTIAL VULNERABILITIES.” The person also sent part of a research document about Florida Sen. Marco Rubio, who was also a finalist for the vice presidential nomination.
Trump’s bouncer-spox, Steven Cheung, claims the hack was done by Iran, citing a Microsoft report released Friday describing the compromise by Iran of the email account of a “former senior advisor,” which the IRGC then used to attempt to compromise a current high-level official.
Yet another Iranian group, this one connected with the Islamic Revolutionary Guard Corps, or IRGC, sent a spear phishing email in June to a high-ranking official on a presidential campaign from the compromised email account of a former senior advisor. The email contained a link that would direct traffic through a domain controlled by the group before routing to the website of the provided link. Within days of this activity, the same group unsuccessfully attempted to log into an account belonging to a former presidential candidate. We’ve since notified those targeted.
A pity for the Trump campaign that Cheung is a habitual liar, so we can’t trust anything he says, and Politico’s authentication appears to rely exclusively on word of mouth from those who have the documents, not digital authentication.
Still, it’s distinctly possible. The FBI certainly seems to believe the IRGC is trying to assassinate Trump.
The lessons I was going to propose in my draft post were the following:
- Vice President Harris should eschew assigning her senior-most staff to exploiting these emails like Trump did in 2016.
- But only after Trump, Don Jr, and Mike Pompeo apologize for their enthusiastic use of hacked emails in 2016.
- The same 51 former spooks who warned that the Hunter Biden laptop had the earmarks of a foreign influence operation should write a similar letter here, emphasizing (as they did in their Hunter Biden letter) the import of resisting foreign efforts to influence a presidential election. Maybe Peter Strzok and Andy McCabe could join in. Chris Krebs, who already has weighed in validating the seriousness of the threat, but who was fired for telling the truth about the 2020 election, can join too. They should send it to Politico, which first reported this story, but CC Jim Jordan, who says even writing such a letter is an abuse of First Amendment protected free speech.
- Donald Trump must provide all the affected servers to the FBI, stat.
It’s the last one that was going to be my punch line. Partly because of misleading (arguably inaccurate) Jim Comey testimony, and partly because a wide swath of people had an incentive to do Russia’s bidding, for eight years people, including many in Congress, have been suggesting that a hacking victim must give all the servers that were hacked to law enforcement — the actual servers, not forensic images — otherwise the FBI’s investigation would be suspect.
They were wrong on several counts. But they were loud and insistent.
Fine. Based on that precedent, Trump must hand over his campaign servers to the same FBI that has criminally investigated him, including his campaign finance shenanigans, immediately.
That’s what I was going to write when Politico’s Alex Isenstadt, who is not a journalist competent to report a hack-and-leak story, was the only one who had written this up.
But then WaPo wrote it up, with Trump-whisperer Josh Dawsey and horserace journo Isaac Arnsdorf bylined, but also Ellen Nakashima and Shane Harris, the latter two of whom are exceptional reporters for a story about hacking.
That story had two additional details that made me rethink the potential impact of this. First, it revealed that Trump didn’t tell the FBI about the hack.
People familiar with the matter said the campaign separately concluded earlier this summer its email system had been breached but did not disclose it publicly or to law enforcement. The people said some officials were told to take more protective measures on their email accounts. At the time, campaign officials communicated to others that they weren’t sure who hacked the emails.
It’s not even clear whether Trump got an outside contractor — and if so, if it was someone more competent than Rudy Giuliani, whom Trump once pitched as a cybersecurity expert — to help clean up this mess. It took Crowdstrike and the DNC over a month to attribute the Russian hack, but they never fully cleaned it up. And persistent attacks continued through the election. That is, even with a respected outside contractor, the Democrats were wasting energy on whack-a-mole defense efforts for the remainder of the election.
Against that background, WaPo’s description of what the persona shared becomes more alarming.
On Thursday, The Washington Post was also sent a 271-page document about Vance from a sender who called himself Robert and used an AOL email account. Dated Feb. 23 and labeled “privileged & confidential,” the document highlighted potential political vulnerabilities for the first-term senator. Two people familiar with the document confirmed it was authentic and was commissioned by the campaign from Brand Woodward, a law firm that represents a number of prominent Trump advisers in investigations by state and federal authorities.
The document drew from publicly available information, including past news reports and interviews with the senator. The campaign commissioned several reports of other candidates, too, the advisers said.
The sender would not speak on the telephone with a Post reporter but indicated they had access to additional information, including internal campaign emails and documents related to Trump’s court cases. [my emphasis]
First, Brand Woodward did the campaign’s vetting.
Stan Woodward represents, along with others, Walt Nauta, Kash Patel, and Peter Navarro in various Trump-related criminal investigations, as well as some seditionists. He’s a great fit for Trump insofar as he’s good at generating outrage over manufactured slights — though in front of regular judges, those complaints usually collapse. Multiple filings in the documents case suggest that Woodward has a tenuous relationship with digital technology.
The role of Stan Brand, Woodward’s partner, has been assiduously hidden, except insofar as he has made claims about cases to the press on-the-record without disclosing the tie to Woodward.
Now, WaPo has confirmed that the Microsoft description — of a former advisor pwned and using that person’s email account, an attempt to hack “a high-official” still on the campaign — pertained to the Trump campaign. Given that description, there’s no reason to believe that Woodward or Brand were affected.
But there’s nevertheless a problem with hiring Brand Woodward to do your candidate vetting. To be clear: Brand is absolutely qualified to do that kind of thing. He’s got a long record of doing so in congress. But even Trump appears to have concerns about major issues the vetting process missed, to say nothing of his donors.
Over the past two weeks, Mr. Trump has fielded complaints from donors about his running mate, JD Vance, as news coverage exploring Mr. Vance’s past statements unearthed — and then exhaustively critiqued — remarks including a lament that America was run by “childless cat ladies.”
Mr. Trump dismissed out of hand donors’ suggestions that he replace Mr. Vance on the ticket. But Mr. Trump privately asked his advisers whether they had known about Mr. Vance’s comments about childless women before Mr. Trump chose him.
There were better choices to vet candidates, but if Trump wants to let a thin team vet the surly troll he picked to be his running mate, that’s his own business.
My alarm about the news that Brand Woodward starts, however, by the way that the Trump campaign has muddled various functions, criminal and civil defense with campaign finance and, now, candidate vetting. It creates a legal morass, one that — if Trump loses this election — could lead to more legal trouble down the road.
Maybe that’s why Trump didn’t call the FBI.
But it also means that some people — most notably, Susie Wiles and Boris Epshteyn, along with Woodward and Brand — are playing multiple functions. Wiles is the one who decides who gets their criminal defense bills paid, she’s also the one who decides how to spend campaign cash, and she was a big backer of the JD pick.
When people play overlapping functions like that, it means that a hack targeted at them for one function — say, candidate vetting — may strike a gold mine of documents pertaining to another function — say, criminal defense.
WaPo’s reference to “documents related to Trump’s court cases” — Politico quoted the persona offering a “variety of documents from [Trump’s] legal and court documents to internal campaign discussions” — may ultimately pertain exclusively to Trump’s electoral court cases. If it does, those could be some of the most newsworthy out there, since Trump’s electoral court cases pose a direct threat to democracy.
But what if they don’t? What if these documents pertain to what those overlap people — people like Wiles or Epshteyn, and they’re only two of the most obvious –know about Trump’s criminal cases? What if they pertain to claims that witnesses have made to the FBI about where documents got moved or what was included in them? What if they pertain to the actual documents Trump stole, starting with the US strategic plan against Iran that Trump shared with Mark Meadows’ ghost writers?
Trump has not firewalled his campaign from a criminal case involving the most sensitive documents of the US government, meaning a well-executed hack targeted at his campaign may turn into an intelligence bonanza.
If Iran plans to make things difficult for Trump, the problems may extend well beyond what documents get leaked. As they did in 2016, this could mean that Trump wastes resources having to serially defend against hacking attempts via a range of different platforms. It could mean that Iran does what Russia did, hack key strategic models to optimize other kinds of fuckery later in the election. Because — unlike Russia — Iran is actively trying to kill Trump, not just defeat him, hacked documents may also facilitate efforts like those charged against Asif Merchant, manufacturing fake protests to create distractions to facilitate an assassination attempt.
The question of how to approach this news, if it is further confirmed, goes well beyond the question of whether to publish the documents allegedly stolen by Iran. In significant part because Trump refuses to maintain boundaries between his political life and his criminal life, hacks from Iran could create real damage to the United States beyond what they do to Trump’s campaign.
So by all means, let’s pause for a moment of schadenfreude. Let’s review all the things Trump said and did in 2016 and 2020 (including with the Hunter Biden laptop) that invite his opponents to fully exploit stolen documents this time.
But as you do that, consider that this ratfuck may be far more dangerous to the US than those targeting Hillary and Hunter.
Probably just the tip of the digital iceberg, and seriously evident that no Trump campaign or administration is qualified to safely retain our nation’s most sensitive information. The Harris campaign needs to drive this home everyday through November, not as a matter of politics but a matter of national security.
President of the US for 4 years and he still has no idea about why security protocols even exist.
Meanwhile, Harris gets criticized for using wired earbuds…
When I first read about this hack yesterday, my head almost exploded. When the day started out the NYT online’s lead story was that Harris was now leading Trump by 4 points in 3 swing states, included PA. so of course I thought the Trump campaign would do everything possible to get that news off the front pages. Sure enough, by last night both WSJ and CNN online editions were both leading with the hack story….and now (mysteriously) it has all but disappeared from the WSJ online edition.
Perhaps I’ve grown cynical, but I thought how convenient it would be for a campaign to be able to leak out seemingly scandalous documents whenever an opponent occupies the headlines.
But Marcy has now provided additional details from WAPO, so perhaps it does involve a real hack.
Regardless, I really appreciate the excellent forensic analysis by Dr Wheeler on all these stories as well as the comments from some of the very skilled commentators on this site. They’ve taught me to read these stories in the media with a more critical eye.
Chris Krebs believes it’s real. I put a lot of stock in what he says.
Krebs was okay with Trump until Trump tried to get him to ratfuck the election after the fact.
[Welcome to emptywheel. Please choose and use a unique username with a minimum of 8 letters. We have adopted this minimum standard to support community security. Because your username is far too short it will be temporarily changed to match the date/time of your first known comment until you have a new compliant username. Thanks. /~Rayne]
Trump didn’t try to get him to ratfuck. Trump fired him because he didn’t.
Krebs did an important job and did it without apparent interference until he was fired. Without him the outcome of 2020 might have been different.
Real hack or not. If I were the Harris/Walz campaign, I wouldn’t come anywhere near trying to use it in the campaign. Doing so could backfire. When asked either have no comment or “We take all hacking of digital material seriously.” and leave it at that.
Would be nice if we could get a “this is one of many ways Trump is dangerous” in there when any questions like this arise.
[Welcome back to emptywheel. Please use the same username and email address each time you comment so that community members get to know you. You attempted to publish this comment as “dougr100”; it has been changed this one time to match your established username. Letter case and spacing matter. Please check your browser’s cache and autofill. Thanks. /~Rayne]
The *campaign* shouldn’t touch the hacked info with a 10 foot pole.
But I would expect media and “unaffiliated” parties to be all over the details.
Right, this is like the Trump campaign putting poop in a bag on someone’s porch, lighting it on fire, and then ringing the doorbell.
[Welcome back to emptywheel. SECOND REQUEST: Please choose and use a unique username with a minimum of 8 letters. We have adopted this minimum standard to support community security. Because your username is too short and insufficiently unique it has been temporarily changed to match the date/time of your first known comment until you have a new compliant username. Thanks. /~Rayne]
Yup, yup. VP Harris has plenty of Democratic (and democratic!) talking points to discuss without stooping to his level. The “But Her Emails!” crowd crave those blood-in-the-water sound bites, and their cult leader churns them out like so much chum. I’d expect nothing less from a malignant narcissist “leading” a white grievance dumpster fire revenge tour.
Politico too evolved to publish it now, in 2016 Caputo wasn’t so fastidious. What changed?
I was with you as this whole story seems to tie Biden/Harris to Iran while elevating Trump/Bibi’s arguments. Since Dr. Wheeler believes there was a hack, I will be patient, but the whole story in the indictment of the Pakistani as well as who got hacked will certainly stay concealed? He has a wife/kids in Iran and Pakistan?
The other thing that bothered me is that the timing seems to overlap an actual assassination attempt, so it would be interesting if this plot resulted in information flowing to the Secret Service. I realize threats are happening all the time, but this was in the works, so does that result in a higher security threat?
A hack occurs but they only pedal the JD Vance info? Weird.
Yes, the Iranian assassination attempt has resulted in higher security, as has Crooks.
Yes, the IC undoubtedly has intelligence about IRGC’s targeting of Trump. How much they know about the hack, though, is a different question. Remember that the FBI warned Hillary about the hack but didn’t get involved until they were invited.
Yes Trump lies about many things.
Yes, his team may well be lying about this.
But we already know from the physical evidence recovered during the search that Trump comingles everything (including his thoughts).
The man still likely retains Nat Sec secrets.
If he wasn’t hacked yet (I lean that he was) he is far more likely to be hacked in the future.
He is a walking NatSec risk.
Yes, this was my thought as well. Why leak this particular info when there must be a very rich lode of other sensational docs they could’ve leaked? This resulted in some of my skepticism as well.
My thought is that the leakers are trying to establish their bona (mala?) fides with trivial information. Once the leakers are ‘in,’ they can then do whatever mischief they have in mind, whether that is leaking real or falsified ‘information’ or, perhaps, something else.
If you remember, part of what made the DNC hack so effective was releasing the information a bit at a time. If you dump the information all at once, it creates a big event, but it’s a one-time thing that can easily be buried by the next exciting newsicle that comes along. If you release it across a few weeks or months, it keeps it in the news for long enough to dominate coverage and convince people it’s a key issue. In the same way, releasing something that looks mostly like salacious gossip but can be confirmed to be real makes the hack look legit. It lets you build up to bigger releases later, and possibly even slipping in some fabricated documents that will be accepted once people are used to thinking the whole thing is real.
Harry & Roger: This. Seeding a disinformation campaign with nuggets of truth is always Step 1, to make the later lies more easily digestible.
Of course, in this case, it’s Trump’s campaign that’s been hacked. Marcy’s point about the risks posed by Trump’s refusal to compartmentalize his activities is absolutely spot-on: it’s going to be really difficult to tell if any particular detail is true, a lie, a ratfuck, or a crime.
Excellent point!
Brilliant, sobering analysis.
As you write: “But as you do that, consider that this ratfuck may be far more dangerous to the US than those targeting Hillary and Hunter”
We can blame Aileen Cannon for a good portion of the US Nat. Sec. risk. The indictment was filed in June, 2023. Trump should have been convicted and sentenced long ago. All of the documents he had should have been recovered.
If true, this goes way beyond Aileen Cannon.
True.
But had she handled this case as an unbiased Judfe would normally have, the current potential NatSec risk would have been closed.
THAT is my concern. This case should have been beyond politics.
It wasn’t considered so in her court.
Pretending that only Donald Trump and these particular documents was/is the only area where there are leaks is not credible. The risk is not going away suddenly when Donald Trump is off the stage.
Let’s hope the Harris/Walz campaign is disciplined with respect to following hacking defense protocols.
I can easily imagine Trump Campaign vulnerabilities because they are arrogant enough to imagine that foreign powers hostile to the Biden Administration would never try to compromise Trump.
Exactly! And what if Iran was successful and has demonstrated its bone fides to Trump and now Iran decides not to kill Trump but to leverage him instead?!
Will Trump use this hack as a way to drop Vance?
Any chance a nation-state “friend” of Iran contracted the hack? Because timing is everything:
https://breakingdefense.com/2024/07/what-the-russia-iran-comprehensive-agreement-means-for-western-security-interests/?
https://www.israelhayom.com/2024/05/26/israel-fears-russia-may-transfer-advanced-cyber-capabilities-to-iran/
About zero chance. More likely a change in campaign scapegoats.
Don’t know who was involved, nor should that matter except that it be a lesson in the importance of vigilance (regardless of what side you are on).
When you read EW’s closing:
“So by all means, let’s pause for a moment of schadenfreude. Let’s review all the things Trump said and did in 2016 and 2020 (including with the Hunter Biden laptop) that invite his opponents to fully exploit stolen documents this time.
But as you do that, consider that this ratfuck may be far more dangerous to the US than those targeting Hillary and Hunter.”
The two articles I linked to give insight to the level of danger and the nation-state players. So, I disagree, it does matter.
“Iran, if you’re listening…”
What comes around, goes around.
Some intelligence folks are saying, that Iran has Trump in their cross-hairs. Iran will not miss by 2-inches like a spectrum kid.
Droning would be too tit-for-tat.
My apologies to community members — I should have caught this sooner.
Let’s avoid using slang labels for neurodivergent persons ESPECIALLY WITHOUT ANY SUPPORTING DOCUMENTATION.
Let’s get back on topic.
~ Your friendly neighborhood moderation team
***** UPDATE — 13-AUG-2024 12:15 PM ET *****
I will bin any further comments which are off topic, which is the hacking of Trump’s campaign and national security exposures.
Here you go Rayne:
https://www.thedailybeast.com/fbi-thomas-matthew-crooks-had-sat-score-high-enough-for-harvard
FBI says Thomas Cooks ‘strikingly intelligent’
[Moderator’s note: First, you just replied to a comment in which I said I was going to bin off-topic comments — IOW, you ignored a moderator. Second, there’s not a fucking thing in that article about Crooks’ possible neurodivergence. Pull this again and you’re going to be throttled here because you’ve offended community members, caused a lot of moderation work, and DDoS’d this thread with off-topic content. /~Rayne]
“Spectrum kid”? Really?
As the father of a “spectrum kid”, I would like to tell you to kindly eat poop.
My pediatrician wife says he clearly had some kind of syndrome: maybe fetal alcohol?
[Welcome to emptywheel. Please choose and use a unique username with a minimum of 8 letters. We have adopted this minimum standard to support community security. Because your username is far too short it will be temporarily changed to match the date/time of your first known comment until you have a new compliant username. Thanks. /~Rayne]
Speculation.
(There’s some question about whether “fetal alcohol syndrome” is real or just another term for problem parenting.)
As a spectrum adult, I have no problem with it.
As a spectrum adult, I damn sure DO have a problem with it.
Would it be OK if it were a religious slur or an ethnic slur?
[Moderator’s note: your complaint is noted and I’ve already left a response upthread. Please get back on topic, thank you. /~Rayne]
As a spectrum kid now 77, thanks for pointing that out.
Why would Iran want Trump dead? He isn’t president.
Revenge for killing Gen. Soleimani – Trump ordered the drone strike that killed him…
I’m too busy at the moment to look this up but I wonder if there had been a fatwa issued following the assassination.
@Rayne
I can’t find anything about a fatwa, but apparently an obscure Iranian parliamentarian offered a $3 million bounty on Trump after he left the WH. Source (one of many produced by Google): https:// http://www.aljazeera .com/news/2020/1/21/iranian-mp-puts-3m-bounty-on-president-donald-trumps-head
So a political fatwa in the form of a bounty and not a religious one. Interesting. Soleimani must have pissed off clerics.
wa_rickf,
You’re right, but this is the “goes around”. Might wanna check out what Kermit Roosevelt was doing in ’47 at the behest of BP.
I wouldn’t rule out the Trump team deciding to use this as an opportunity to roll out all kinds of garbage to push it into the headlines.
If they want whatever ridiculous rumormongering on Harris they generated as a part of an opposition research project to go public, they can either release it to credulous reporters in the name of transparency, or they can generate a second hacker who mysteriously publishes it.
I would hope reporters remember what happened to Dan Rather twenty years ago, but a lot of them seem to be oblivious to Swift Boating, so who knows if they have any idea of the implications of rushing to publish.
Agreed. Like Neoliberals and many CEOs and CFOs, Trump never lets a serious crisis go to waste.
Outstanding piece and I concur with all that you stated, especially your comments about Krebs and the lessons you proposed in your original draft. Well said!
As a standard business practice, it has become obvious over the years that Trump uses attorneys and, more importantly, the attorney-client privilege/cone of silence to cover any potential criminal acts he may or may not execute; consequently, Trump’s fleet of attorneys are regularly assigned to participate in a wide variety of tasks and projects simply to ensure these tasks and projects are theoretically protected by attorney-client/cone of silence privilege.
I once worked for a company who used attorneys in the same manner and for the same purpose.
” … attorneys are regularly assigned to participate in a wide variety of tasks and projects simply to ensure these tasks and projects are theoretically protected by attorney-client/cone of silence privilege. ”
Ah, yes, `legal’ is involved almost from the start. OT, but this is now standard operating procedure at many `legitimate’ non-profits such as universities. See, e.g.,
https://www.chronicle.com/article/your-colleges-top-lawyer-has-never-been-more-powerful
At some schools the general counsel’s office has more lawyers than most of the academic departments have tenure track faculty.
Trump creates a lot of his own problems, but the press never seems to pick up on them.
The overlapping responsibilities for his lawyers is a great example. When they do non-lawyer work, no attorney-client privilege attaches. If the client fails to maintain confidentiality – by blabbing or involving extraneous people outside a litigation team – he loses privilege.
If Trump doesn’t cooperate with the feds – something he seems as likely to do as volunteer to pay taxes – and doesn’t hire qualified people to fix his IT systems – he’s screwed, and so might be a lot of other people. Typical Trump.
It’s clearly not important to TFG and his lawyers whether or not attorney/client privilege is truly going to attach in any given instance, as determined by a court. What is important, however, is using any and all assertions of attorney/client privilege as a delaying tactic, no matter if legitimate or specious.
The point isn’t just that he uses attorneys for everything so he can claim privilege if it ever winds up in court. Lots of places do that, and the courts have some limits on what can be considered privileged precisely because so many people try to do this.
The big danger is from mingling his personal, business, and official activities. The same lawyers and aides who help him with his business dealings are also involved in his criminal cases and his candidacy. If any one of those people is compromised, they have the potential to spill information across everything he does. Hack his campaign, and you might also find out details about his business dealings and criminal defense strategy. Bribe one of his business aides, and you may also have access to his campaign plans and, in the unfortunate event he gets back in office, government secrets. There are no security barriers to prevent a compromise in one area from infecting the whole organization.
From Marcy’s link to Chris Krebs’ post on X:
“You might not like the victim here, but the adversary gives zero Fs who you like or don’t like. They have their own objectives and guess what, you’re the target. Take this seriously.
But also keep in mind that you’re part of the playbook, they want you to either amplify it or doubt it. Take a beat, touch grass as the kids say, & just vote. “
American voters decide American elections. Let’s keep it that way.”
If I am Politico, getting an anon AOL email from “Robert” – then am I open to spear-fishing if I open an attachment? Marcy or Ryane or anyone else versed in cyber-intrusion matters have an answer or an informed guess? Israelis hack into Iranian wi-fi Aug 2 or earlier; https://www.jpost.com/breaking-news/article-813000 —- and . . .??
This whole story seems set to ripen; and reminds me of Mad Magazine, Spy-vs-Spy.
That’s what Texas Paul said this morning; he thinks the whole thing is fake. I invite you guys to listen to his podcast and critique it (he’s on youtube).
Thanks to Ron and Rand I ain’t never gonna listen to anyone from Texas named Paul!
Spear-fishing usually involves malicious links, while this story so far mentions attachments. Yes, completely careless handling of that attachment could allow scripts exploiting known & unknown vulnerabilities in MS Windows. Government and most commercial email systems scan attachments for malicious content before the recipient gets the email.
Beyond that, setting up a sandbox (linux) computer with a disposable email address, forwarding to that, disconnecting from the network, then opening the attachment, saving the contents as plain text, then re-imaging the sandbox, is simple enough. If I could do that to survive virus-free 2001-2007 while having students submit their assignments via email (mostly yahoo & aol), Politico (if not the Trump campaign) can do better today.
“If I could do that to survive virus-free 2001-2007”
LMAO it’s been 17-23 years since then. Threats have changed considerably. Most people weren’t using smartphones then, as one example. Tracking pixels which are invisible to persons reading emails or visiting websites have become commonplace (though nonconsensual use is prohibited in EU under GDPR).
“Spear-fishing” is fishing with a spear. The term is “spear phishing,” a form of attack which targets an individual or a specific group of individuals; there are many different forms spear phishing can take, not limited to malicious links and including attachments in emails. It’s the targeting which differentiates it from phishing.
If scanning of email by government and most commercial email systems for malicious content was 100% effective, we wouldn’t be reading about ransomware attacks on the regular. IIRC scanning for tracking pixel code is only 85% effective as just one example.
Reference: https://www.ibm.com/blog/spear-phishing-vs-standard-phishing-attacks/
Just an add-on to what Rayne says (which is 100% correct): The main difference between spear (targeted) and regular/trawl (wide) phishing is the amount of resources devoted.
In a regular phishing scam you don’t care too much about whom bites, and often you want the dumbest possible marks, which is why many of these attacks look fraudulent by design; it weeds out those whom are unlikely to bite.
In a spear-phishing attack you have a designated target, which is usually not the person but the entity they have access to. The attacker would then do diligence research to find out which persons a) have access and b) vulnerabilities that can be exploited. If you just need regular access, you can usually do well by doing a “marketing drive” and hand out free (malware-laden) USB drives at the nearest coffee-shop. Another favorite attack is impersonating a colleague who is known to be travelling.
It doesn’t help that the Trump campaign has been known to have poor password safety.
You do so much legal analysis Dr. Wheeler that sometimes I forget how savvy you are on understanding cybersecurity issues (Hunter Biden’s laptop not withstanding).
Thank you for your cogent take on the situation and bringing in the importance of Trump’s use of overlapping attorneys and staff for multiple tasks and the risk that creates. I’m often amazed by the breadth and depth of your knowledge and analysis.
OK, my moment of schadenfreude before acknowledging the serious natsec concerns:
“If it’s what you say, I love it, especially later in the summer.”
Karma (not Kamala) is a bitch.
It “Karma” sure can be.
“A pity for the Trump campaign that Cheung is a habitual liar, so we can’t trust anything he says,”
Point taken but I don’t trust ANYONE associated with Trump. I assume they are all lying unless proven otherwise.
Stephen Cheung is a proud member of Team Trump, competing in the “Olympics of lying”. *
“He’s running with Donald Trump, somebody who has set records for lying in public life. He just gave a press conference where fact-checkers estimate that he told 162 distortions or lies. That, frankly, is just impressive in terms of being able to physically do that. It’s like the Olympics of lying.”
~Sec Pete Buttigieg
https://www.theguardian.com/us-news/article/2024/aug/11/trump-vance-olympics-of-lying-pete-buttigieg
“A pity for the Trump campaign that Cheung is a habitual liar, so we can’t trust anything he says,”
I think of him as Comical Cheung: he’s Trump’s Comical Ali, probably better known to you Americans as Baghdad Bob.
Replying to Doug R100
August 11, 2024 at 9:25 am
“Would be nice if we could get a “this is one of many ways Trump is dangerous” in there when any questions like this arise.”
See:
“Joe Biden has said it was his “obligation to the country” to drop out of the 2024 presidential election and prevent what he said would be “a genuine danger to American security” if Donald Trump won a second term of office.”
Richard Luscombe
The Guardian
August 11, 2024
https://www.theguardian.com/us-news/article/2024/aug/11/biden-reasons-dropping-out-presidential-race
We know this, and both he and VP Harris know this even more.
My suspicion is that looks so frequently exhausted because in addition to everything else he has on his plate; Israel/Hamas, Ukraine, the economy, etc. he’s also running the largest counter-intelligence operation in U.S. history, and the number or people compromised, mostly Republicans, is surreal.
Yes. And thank goodness it’s Biden/Harris in charge at this time!
Thank you.
The number of infiltrated agents in both official roles – think (R)epublicons, and within the government agencies is probably hard to estimate. But “fellow travelers” have always been there. Probably much more so since Putin took over.
Thank you for your excellent analysis. I view Iran as a Russian proxy that won’t do anything without the blessing of Putin. Since Donald Trump doesn’t firewall, I wonder if the hacker also has direct communications between Trump and Judge Eileen Cannon.
Aileen Cannon is a small piece of this puzzle. For what she does, she doesn’t need to overtly coordinate with Trump’s campaign.
I’d agree with you if he had normal impulse control, but based on his rage posting on Truth Social, that’s not the case. Regardless, his servers need to be obtained by the FBI and evaluated for potential national security breaches.
Nah. One thing Trump is legit good at is being a mob boss. Cannon simply did the job the Federalist Society was set up to put her in place to do. No secret messages required, its all above-board.
Never write what can be said. Never say what can be communicated with a wink or a nod.
https://www.youtube.com/watch?v=HWqKPWO5T4o
Iran and Russia are certainly close but I think it would be a mistake to diminish Iranian power and influence by just writing them off as a Russian proxy. They have their own goals and agenda independent of Russia and the degree to which Russia came to Iran hat-in-hand in order to negotiate arms deals to support the war in Ukraine certainly implies that Iran has their own leverage in the relationship.
Consider how much better off things are for Russia if Trump gets another term, whereas payback aside, it’s clear the that Ds are more willing to restrain Israel (such as it is) and are more willing to engage in good faith negotiations with Iran.
All this information feeds into the anti-Muslim bigotry of the American public since the days of 9/11 and its aftermath which Trump enlarges upon in speeches. Trump’s breaking with Iran on the nuclear deal, his oft-repeated slurs against Muslims, and his assassination of the Iranian General, ad nauseum. His chickens are coming home to roost: his carelessness with official, secret documents, his rhetoric, in general…there may be other state operators in that part of the world who want to “take him out.”
Trump’s press conference (sic) at the Mar-a-Lago venue: huge distance from reporters in a large hall, his paleness, even the difference between his left eye and his right eye, which was not always in sync with the left (something new to my observation since the earlier assassination attempt) add up to a rather pitiful shell of his former self. He seems scared and diminished since the Republican Convention. He now has genuine reasons to be afraid: the hack must concern him, greatly.
However, the Politico article was sensationalist in tone, but, to me, delivered little in concrete information about exactly what was leaked. The leak might be nothing more than an attempt by Iran (?) to plant more fear in Trump. That can be a powerful weapon in and of itself.
The rake stepping proceeds apace! It all seems very much like a situation where the campaign had to fess up to it, or maybe someone else would have? As totally shocked there is gambling in this establishment that we’re just now hearing about this, but also this incident underlines Trump’s lack of fitness for office. They wouldn’t be talking about it if they didn’t have to, unless it’s cover for some other thing they are doing, which is also possible.
Q: I haven’t actually seen what anyone plans to do with this leaked material, regardless of whether the Harris/Walz campaign gets their hands on it. I presume there is some legal reason the private entity (entities?) that received this can’t sell and/or post this on the ‘net?
To the extent that a media outlet practices “access journalism,” that makes them increasingly leery of posting something that will piss off the insiders who give them the access they so desperately seek.
Something has fundamentally changed in the Trump campaign. From the paucity of rallies (Trump’s Happy Place) to the relative silence from the colander that was the campaign. It seemed like every week there was some Rolling Stone or NYT story about the inner discussions in the campaign, and now AFAICT silence. I can see them thrown for a loop by the loss of their chew toy Biden, but its been a couple of weeks, and from the outside they appear rudderless. Are they simply hunkering down until after the Democratic convention? And then what? Weird.
I don’t think that he cares about “winning” the election in the traditional sense anymore. His comments about having enough votes already and the lack of any meaningful campaigning suggests (to me, anyway) that they are going to take whatever lessons were to be learned from January 6 and just declare victory.
Of course, but does something change when the alleged “victim” of the hack claims it’s by a foreign agent? Like, if it was just a standard leak from a campaign by internal staff, well no holds barred! Politics ain’t bean bags and all that. But hey! Iran hack us! SQUIRREL!
My read is that there are 2 victims of the hack:
1. The former senior advisor
2. The senior campaign official
So, at this point in time, my WAG for who those might be: Kellyanne Conway and Susie Wiles. Just a WAG, though.
Which makes the timing of this past week’s Vanity Fair article about Wiles worth a second read. It’s based on an excerpt from Meredith McGraw’s book Trump in Exile.
https://www.vanityfair.com/news/story/susie-wiles-donald-trump-rise-2020
Funny how Wiles was blamed by DeSantis for a leak and the Trump campaign hired her anyway.
Savage Librarian says:
August 11, 2024 at 2:02 pm
Wow, Susie Wiles. Seems like a good time to kick Conway to the curb, anyway, “former”. But “2 victims”? That is assuming they ARE victims. We’re taking the campaign’s word on that and the MSM appears to be playing along. “Buttery Mails!” will never not be funny?
Bugboy, did you read the Microsoft report (and the links within it)?
Rayne says:
August 11, 2024 at 2:12 pm
Oh, damn! I forgot about that, I thought her name looked familiar. Swiftboat dude was bad enough?
Savage Librarian says:
August 11, 2024 at 3:12 pm
Yes, and? No one is arguing that Iran isn’t targeting US elections, Putin didn’t just start screwing with elections either because he liked/didn’t like Trump. He’s always done that, forever. On the other hand: “HOW CONVEEEENIENT!” says the Church Lady?
I dont like commenting and Ill get the standard warning from rayne about not knowing the names Ive used before, but here goes anyway.
Kellyanne Conway was just in the news for FARA registration for a Ukrainian pro Russian oligarch. It’s been my impression that trumpworld folks don’t do FARA registration until after the fact when they’ve been caught redhanded. Am I wrong? Anyway, when I saw that my first thought was that she was in trouble and covering her ass legally and something would be coming out soon. Yet Ive seen no speculation on that yet. Is that not potentially significant or connected with this alleged hack?
[Moderator’s note: No, I’m not going to give you the standard warning which you’ve already received twice. If you’re going to blatantly ignore the site’s comment policy you’ll be banned. You’ve used already used enough usernames — guest, tc, TC, Tc, Tadc, TimC, Anon, anon, and PottymouthFan — to merit banning. /~Rayne]
[UPDATE — 12:35 PM ET — No community members have attacked you. Yes, the letter case and spacing matters — you know this if you’re a regular and are familiar with the “standard warning.” You have zero excuses. I can make it easier for you altogether and save us both some time; it’s not as if you comment often as you’ve noted.]
I think of the “access” as more like a substance. Hey, why not try it. Some folks swear by it. Followed by: jeez, how can I get more of this faster? That last one felt really good. Followed by: I have to have it. Now. And more. Followed by: I know cold turkey is the only cure, but my editor keeps telling me to get any access I can, any time, any place.
Of course, it’s likely some are “access personalities,” hence, more liable to fall under the spell.
/s
Thank you for this penetrating analysis.
I am appalled by the amateurism of the Trump campaign. It would be very easy to have the vetting documents and effort in a different law firm, as DC has many Republican law firms.
I agree with Marcy that there is an element of not learning or caring about national security. But there is also an element of just not taking care of business.
Trump’s commingling is a purposeful, planned strategy. He’s always done it, whether he’s mixing natsec docs with sports memorabilia in his boxes, or he’s running his businesses as President, or spreading his staff attorneys across all of his legal/political/criminal endeavors (corrupting and enmeshing them in the process). It vastly complicates and delays any investigation into him or his activities, and offers a lot of cover and smokescreen opportunities for the inevitable sloppy, careless mistakes:
1) “OMG! The FBI did’t preserve the layering of junk in one of my boxes! Case dismissed!”
2) “My boy Rudy went to Ukraine as my legal representative, not to mine for dirt in my Hunter Biden ratfuckery.”
3) “Is it an official Presidential act or not? Even the Supreme Court can’t say, so I’m immune!”
He thinks it works for him, or he’d do something different.
Trump is also lazy and undisciplined, and hates to use new people, with skills he needs, when he already knows someone he thinks he can draft to do something new.
“Trump blames Iran for email hack and says only publicly available information stolen.”
Trump seems to follow the Kremlin rule – nothing is true, until it’s officially denied – which would mean it involved a helluva lot more than “publicly available information.”
https://www.theguardian.com/us-news/article/2024/aug/11/trump-email-hack
A funny comment from the Guardian coverage: “Iran and others will stop at nothing, because our Government is Weak and Ineffective, but it won’t be for long.” LOL. No amount of government oversight will secure a word class target like Trump, who treats his own cybersecurity as an unnecessary expense.
The approach to Politico is the day after Biden stepped aside.
I think it’s interesting that the article below about Kellyanne Conway came out not long ago. So, my WAG for the former advisor who was hacked would be her. It seems likely that a senior official in Trump’s current campaign would open an email they thought was from her or connected to her. And, after learning that there was a hack, the campaign would have reason to be particularly annoyed with her.
“Trump Allies Believe Kellyanne Conway Is Badmouthing JD Vance” – Marc Caputo, 7/31/24
https://www.thebulwark.com/p/trump-allies-kellyanne-conway-badmouthing-vance
Axios says, without noting the irony:
Steven Cheung, the campaign communications director, warned reporters in a statement: “Any media or news outlet reprinting documents or internal communications are doing the bidding of America’s enemies and doing exactly what they want.”
So they didn’t provide evidence of a hack? And then they didn’t provide evidence that Iran was the culprit? Just piggybacking on the Microsoft Blog by Clint Watts about Iran’s electoral interference?
[Possible correction: the Microsoft Blog is dated August 8. Emptywheel writes it was released Friday, which would be August 9. Maybe it was released the day after Watts wrote it. The earliest archive on the Way back machine is August 9 at 6am which I think is UTC
https://web.archive.org/web/20240000000000*/https://blogs.microsoft.com/on-the-issues/2024/08/08/iran-targeting-2024-us-election/
Here is a reference to the blog just past midnight Eastern Time, so Friday in part of US but Thursday in most of US.
https://archive.is/Gf9cp
Either way, it’s a really quick turnaround for Cheung to include that in evidence of support]
I was on the lookout for something big happening in the digital space Thursday, as August 8 being an important date for symbolism. And also considering that in 2018, Aug 8-10 is roughly when the Q account had important activity over who was in control, including the “comfy? Previews are over Showtime” drop, and the last password set after a string of password cracking and changes.
Thursday did see Nick Fuentes declare the “groyperwar” against part of the Trump campaign.
Really messy tick-tock — the report linked in Watt’s MSFT blog post, Microsoft’s Threat Intelligence Report, is dated August 9:
https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/5bc57431-a7a9-49ad-944d-b93b7d35d0fc.pdf
MSFT isn’t helping matters.
Interestingly, the Washington Post first wrote about the Microsoft Iran report at 12:01am Friday August 9.
Whatever that means about timing of the report, given that it’s unlikely that the report was released and in less than a minute wrote an article and published it.
The author, Joseph Menn, writes, “..Microsoft researchers said [past tense] Friday [the day about to start] in a report.”
Maybe that reporter was given an advanced copy.
https://archive.is/WTdNh
Menn does have that kind of close ties to SV.
For context on the timing of the Iran hacking reporting & groyper war 2, which both center around Vance selection
June 2024
Iran spear-phishing targeting campaign, as reported by Microsoft August 9
7/15/24
Vance declared VP pick
7/22/24
Politico receives email from anonymous AOL account, then over weeks includes communications from “senior Trump campaign official” and vetting dossier on Vance
Vanity Fair profile on Wiles, as savior of 2024 Trump campaign https://archive.is/m9NQo
8/8/24
WaPo receives Vance dossier from the alleged hacker
9:00pm: Fuentes America First Livestream on Rumble
11:13pm: Fuentes tweet GROYPER WAR: THE FINAL BATTLE https://archive.is/HBVU6
8/9/24
12:01am: WaPo Joseph Menn article Iran uses fake news sites to interfere in U.S. election, Microsoft says
https://archive.is/WTdNh
2:13am Fuentes brags that the groypers have caused groyperwar2, FireWiles, and FireLaCivita to trend on Truth Social https://archive.is/MgGxQ
3:32am Microsoft tweets Iran Interference Blog
10:00am Iran interference blog has been picked up by many outlets, trending
1:02pm Fuentes tweets causes of groyperwar: Trump threatening war with Iran, green cards for students, ties to Haley, Vance selection & influence by deep state Thiel, Trump distancing from Project 2025 https://archive.is/7i3YT
8/10/24
2:41pm Politico Alex Isenstadt We received internal Trump documents from ‘Robert.’ Then the campaign confirmed it was hacked. Cheung blames Iran using Microsoft Blog as proof. The blog says “We’ve since notified those targeted.” For some reason Cheung doesn’t include the notification from Microsoft as proof.
7:18pm WaPo article
Trump campaign says it is victim of foreign hack after leak of Vance report. Also has Cheung point to Microsoft public report and not the notification by Microsoft
Fuentes promised more to come Monday. And Trump has something with Elon planned Monday. A lot of craziness is on deck for today.
THANK YOU! for this.
Glad someone finds this interesting. I’m not sure what if any conclusions can be drawn.
Here are possible scenarios I can think of:
1) 2 Independent groups of people, groypers and Iran, coincidentally are attacking Trump campaign from 2 fronts
2) Iranians are monitoring groypers to maximize attacks for content and timing; and could potentially release material through the groypers pretending to be a disgruntled Trump staffer
3) The outreach to Politico and WaPo could be from a different actor than the spear attack reported by Microsoft, such as another country, a domestic group, or a leak from a disgruntled staffer. In this scenario, Cheung and the Trump campaign could be taking advantage of the Microsoft News to spin a narrative
Since Stan Woodward was given the ability to see classified stuff for the MAL case, is he required to immediately report when he knows about Hacks of his firm’s Computer Tech and/or the Computer Tech that his firm comes into contact with?
WAG here but since the MaL docs case has been dismissed I’m gonna say no.
Dismissal of the case doesn’t necessarily negate any obligations he has regarding the use or misuse of classified information.
Their game plan remains the same as it ever was – CHAOS!
This fits that bill just fine.
As a wise person once said, “we’ll see.”
Bless you, Marcy! Thought of this Ted Rall cartoon after reading your piece:
https://whowhatwhy.org/international/nuclear-cascade-effects/
It’s difficult to tell who’s zooming who in these situations.
Rayne
August 11, 2024 at 1:11 pm
RE:
“I’m too busy at the moment to look this up but I wonder if there had been a fatwa issued following the assassination.”
Each year on the anniversary of Soliemani’s assassination and funeral there is a large protest at his grave site in in his home city of Kerman and in Tehran, an upsurge of high level political rhetoric and reportage of the evolving response of Iranian State actors and agencies.
Below are links to reports from Jan 3 2020, 2022, 2023, 2024
The TLDR is I don’t believe there is a fatwa pronouncing a death sentence,
but strong rhetoric emphasising revenge, and a posturing towards institution of prosecutions and issuing international warrants and sanctions
Furthermore the IRGC f**ked up immensely by shooting down a Ukrainian passenger plane on Jan 8 2000, and then lied about it which caused a severe backlash within Iran, as the public was already divided about the assassination
“The investigation reveals that the Islamic Republic did not benefit from a significant surge in patriotism among Iranian commentators; in fact, some openly applauded the attack. It was only when President Trump threatened to bomb Iranian cultural sites that the commentators rallied around the flag”
https://academic.oup.com/ia/article/99/6/2465/7280011
https://www.middleeasteye.net/news/severe-revenge-awaits-qassem-soleimanis-killers-vows-irans-khamenei
Iran’s Supreme Leader Ali Khamenei warned that “severe revenge” awaits the killers of Qassem Soleimani after a US air strike killed the Iranian top general in Baghdad late on Thursday.
https://www.middleeasteye.net/news/iran-soleimani-killing-irgc-commander-press-review
Brigadier General Esmail Qaani, the commander of the Islamic Revolutionary Guard Corps’ (IRGC) Quds force, has said that those responsible for the killing of Iranian general Qassem Soleimani should learn to live secretly like the British Indian writer Salman Rushdie.
https://www.aljazeera.com/amp/news/2023/1/3/three-years-on-iran-vows-revenge-for-qassem-soleimani
During events to mark the third anniversary of his death on Tuesday and in the days leading up to it, a series of top figures in Iran pledged that they remain fully committed to their promise of “harsh revenge” for the slain general
…The Iranian foreign ministry and the judiciary also vowed to continue their efforts to avenge Soleimani and hold to account perpetrators from other countries such as Israel, the United Kingdom and Germany that Iran believes assisted with the assassination.
…Judiciary spokesman Masoud Setayeshi told reporters on Tuesday that the judiciary has identified 154 suspects in the case of Soleimani’s assassination, 96 of whom are US citizens.
…prosecution notices were sent to the addresses of the 96 Americans people while Iran has requested Interpol “red notices” for dozens, including former US President Donald Trump.
https://www.iranintl.com/en/202301033484
Additionally there had been in August 2022 an arrest and charge in the US of IRGC member relating to a plot to assassinate John Bolton and Mike Pompeo as part of the revenge for Soleimani.
https://www.nbcnews.com/news/amp/rcna132039
Reports in Jan 2024 focussed on the bombing of the protests in Kerman (attributed by CIA as likely non state actors likely ISIS) rather than the developments in the politics of Soleimani’s ‘martyrdom’.
Thanks. I have wondered if there may be a language barrier preventing English-only speakers from seeing a more definitive explanation, but I’m not going to spend the effort to look.
Wow! I am floored by this. I don’t really understand the Iran hack part of this mess, but how could anyone write 271 pages about that weed of a man, JD Vance? He wrote Hillbilly Elegy – big whoop. He is a blank slate who has never held a “real job”, in my opinion. Hedge fund creation is not a real job because they just exploit flaws or weaknesses in our financial system. They don’t produce tangible things like soap or food – things that people need and use. People like Vance are bottom feeders, in my opinion.
When you’re thinking in terms of holding a “real job,” you’re thinking someone like Vance doesn’t have enough on him to fill out a resumé.
Try thinking like a dick-pic sniffing far-right troll. Note how a photo of Vance in drag has now surfaced in the last 24 hours. There’s other material in that 271-page portfolio which may include all the background of his extended family, all their friends and business associates, and anything Vance has done for both business and amusement including whatever he did at college.
That Microsoft report doesn’t attribute the hack to Iran. It’s a risk assessment, that’s all.
It’s also interesting that Trump’s campaign is just using a Fusion GPS style internal pre-oppo report, which sounds somewhat like how Singer & the GOP started the dossier. It should be perfectly professional & probably has a mix of fact & rumor.
Just going to drop by to say that, in my well-informed opinion, this was a real hack and it was almost certainly sponsored by / instigated by Iran. The Microsoft advisory is explicit and well-sourced. Based on my knowledge of their past practices, I’m sure they notified the affected party (and the law enforcement and intelligence communities) well in advance of the publication of the advisory.
I also completely agree with Dr. Wheeler about the national security concerns. Well, more than that, this is a global security concern. Like most authoritarian dictator-wannabees, Trump runs a criminal enterprise thinly disguised as a political movement. And he’s been promised complete immunity for his criminal acts. I don’t think very many people in the U.S. really understand the danger and the vulnerabilities that creates.
Thanks WO! That bottom line bears repeating:
Thank you, sincerely, especially the note about law enforcement being notified. But I just looked at the brief MS report again and while it ‘points the finger’ at Iran, it’s obviously not based on any forensic analysis. Beyond examining one (seemingly unsuccessful) phishing attempt it does not refer to any examination of metadata or detail about examination of the campaign’s servers.
You’ve made some assumptions about this situation that aren’t helpful to understanding what Microsoft knows about this situation. Here’s the paragraph from the Microsoft Threat Analysis Center:
[Emphasis added]
That highlighted sentence tells me quite a bit. First, Microsoft has access to that email. Either the former senior advisor or the campaign’s email account(s) use Microsoft’s service for detecting email threats (or likely both!). The email tripped an existing Microsoft filter (almost certainly because of the redirect through that particular domain). Microsoft was watching that domain because it’s been associated with multiple Iranian spear fishing efforts in the past. That’s not proof (in the legal sense), it is very strong evidence.
And rather than “seemingly unsucessful”, I read that sentence and the following ones as strongly implying that Microsoft believes the attempt was successful. For one, Microsoft almost never singles out a company, and certainly not a single individual, for having succumbed to a spear phishing attack. And “within days of this activity” implies a connection between the spear phishing and the logon attempt.
The way that Microsoft would know the attack was successful would be if the campaign official was using Outlook (Microsoft’s email client), Microsoft would know whether or not the official clicked that link. Given that the Trump criminal enterprise is known to have previously been a Microsoft email customer, I think that’s highly likely.
None of this requires Microsoft to examine metadata or servers that it doesn’t already have access to.
Truly, thank you for this response! Have a good evening.
I concur with your interpretation. Additionally, reading between the lines here, the access they gained was that of a regular user, probably to cloud-hosted email and documents (sharepoint). This means they could read whatever that user had priviledges for. As attacks go, this could be worse if they’d gotten admin/root access to the server itself.
Just a friendly reminder that the best thing you (yes, you who are reading this) can do for your own security is to use a password manager to have distinct passwords for each site. The most common form of “hacking” is re-using credentials from one compromised site on others.
zscoreUSA August 12, 2024 at 11:27 am says:
“Fuentes promised more to come Monday. And Trump has something with Elon planned Monday. A lot of craziness is on deck for today.
Here are three related entries on NYT Live Election Blog this morning:
1] https[:]//www.nytimes[.]com/live/2024/08/12/us/harris-trump-election/1ddccaea-effe-5bb5-9fd9-fc7edc0088af Aug. 12, 2024, 9:09 a.m. ET
2] https[:]//www.nytimes[.]com/live/2024/08/12/us/harris-trump-election/5cc49886-fa0e-575b-b59e-4855a530d72d Aug. 12, 2024, 10:20 a.m. ET
3] https[:]//www.nytimes[.]com/live/2024/08/12/us/harris-trump-election/3b13ec58-9e3f-51ac-b046-9325e660d6d4 Aug. 12, 2024, 11:54 a.m. ET
Sadly, Trump’s 115 million shares of DJT are worth only about $2.75 billion today, without calculating the tax effect of selling them.
Marcy has a post up about Musk’s Xitter:
https://www.emptywheel.net/2024/08/12/elon-musks-machine-for-political-violence/
Rat Fvcker STONE’s Time in the Barrel:
https://bsky.app/profile/qjurecic.bsky.social/post/3kzkjx6beir2r
Aug 12, 2024 at 6:26 PM
In the screenshot:
WaPo article:
FBI probing alleged Iran hack attempts targeting Trump, Biden camps
Since June, agents have been pursing evidence Iran has targeted advisors of the two presidential campaigns.
That certainly ups the schadenfreude and the risks.
Is there a way for Harris to eschew the use of the hacked data that does not effectively immunize Vance on every point of vulnerability raised in the 271-page report, that her own team might have had the opportunity to uncover during the course of normal opposition research, but which this release preempted?