Macron's IT seems to have outsmarted leakers

elgarak

There's not much about this in mainstream media yet, so I post one of the few English articles I found on that. There are warnings not to disseminate the leaked data (which came out midnight in the night from Friday to Saturday, just as the French news blackout regarding the election came into effect) in mainstream media. It appears that a lot of it is fake, pushed intentionally by Macron's IT team, and trying to sort out the data would not work out in a timely manner to affect anything.

Daily Beast

“You can flood these [phishing] addresses with multiple passwords and log-ins, true ones, false ones, so the people behind them use up a lot of time trying to figure them out,” Mounir Mahjoubi, the head of Macron’s digital team, told The Daily Beast for its earlier article on this subject.

Kudos to this guy. :thumbsup::cool:
 
According to NPR it happened and helped/gave Macron the election. Personally I think both of them were raging rectums with no more business running a theoretically Democratic country than trumpf has here!!!!!!! Asswipes in both!!!
 
I didn't really understand what the point was.

The point was: Macron's IT guys were expecting Putin's hackers to come after them, and preemptively spammed the hackers with loads of information - much of it fake, in order to cause confusion in Putin's continued effort to destabilize the west. And they apparently succeeded.
 
I didn't really understand what the point was.

Macron's team seemed to think that they could not stop Fancy Bear from getting in - so they opened the door themselves and fed the bear a great big steaming pile of B.S.

Which worked.

1) There are undoubtedly some documents in the Fancy Bear data dump that would make Macron look bad - politics is like that (imagine if a similar hack had dumped a few thousand GOP documents shortly before the U.S. election). But by flooding the Bear with B.S. information, Macron's team gummed up the process of finding the incriminating stuff. It delayed the document dump and made the process of verifying the information much slower, as now they need to sort through and try to figure out what is real and what isn't.

2) By responding to phishing attempts with false credentials, Macron's team slowed down the rate at which Fancy Bear could access the system.

In other words, the Russian game of hacking into opposition networks and damaging them through carefully timed data dumps may have run its course. Macron's team anticipated it and countered it pretty effectively.

Of course, the French press cooperated by not publishing much of the leaked docs, which probably made a huge difference as well.

Still, the point remains - any major political campaign that is opposed by Russia now understands that Russia will hack them. It is the normal expected course of events in politics now. Now that it is normal, it can be countered.
 
I didn't really understand what the point was.

From what little Maddow had on Friday, at just 2AM French time... around March 15th, there started a concerted hacking siege that lasted about four or five weeks. Very quickly (they'd been attacked before) the Macron camp did as described, flooding the hackers with fake ID responses.

I don't recall what type of fake data or contact info etc. was deployed, but this is separate from any actual faked documents embedded in the dump by the hackers.

Unfortunately the linked Daily Beast piece is pretty short... hopefully there'll be better detail soon as it gets sorted out, I'd like to understand it as well.
 
Should be interesting to see this unfold over future elections. Will campaigns by default, when a phishing campaign is detected, start dumping bogus data and announce they've done it? Or, perhaps not even put the effort in to release bogus info, but claim you did anyway?

That seems an effective countermeasure against these sorts of phishing schemes. But, a side effect would also be a continued erosion of people's trust of media outlets - a goal already attributed to wannabe despots. So, it's a win/win for Putin?
 
They're not dumping bogus data to the public. They're dumping bogus data to hackers and purveyors of leaked information - i.e., none of it is supposed to be made public. I'm not clear on the methods yet - options include actively supplying fake "leaks" to bad guys and "falling for" phishing hacks to allow access to fake data on certain systems.
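
An added example, not part of any post in this thread: one defensive way to use fake credentials like those discussed above is to treat them as tripwires, so that any login attempt with a planted decoy account marks its source address as a holder of phished data. The log format, names, key, and the `phish-A` label are constructed for illustration.

```python
import hashlib
import hmac
import re

SECRET = b"constructed-demo-key"  # assumption: secret held by the defending team
FIRST = ["claire", "julien", "sophie", "marc", "nadia", "hugo"]
LAST = ["martin", "bernard", "dubois", "moreau", "laurent", "simon"]
# Constructed log format; adapt the pattern to the real authentication log.
LOGIN_RE = re.compile(r"login (?:ok|failed) user=(?P<user>\S+) src=(?P<src>\S+)")

def make_decoys(campaign_id, count, domain="campaign.example"):
    """Derive `count` decoy accounts for one phishing campaign (deterministic)."""
    if count > len(FIRST) * len(LAST):
        raise ValueError("not enough name combinations for that many decoys")
    decoys, i = {}, 0
    while len(decoys) < count:
        d = hmac.new(SECRET, f"{campaign_id}:{i}".encode(), hashlib.sha256).digest()
        user = f"{FIRST[d[0] % len(FIRST)]}.{LAST[d[1] % len(LAST)]}@{domain}"
        decoys.setdefault(user, d[2:12].hex())  # password that is valid nowhere
        i += 1
    return decoys

def parse(line):
    m = LOGIN_RE.search(line)
    return (m["user"].lower(), m["src"]) if m else None

def analyse(log_lines, registry):
    """Return (campaign -> sources that tried a decoy, real logins from them)."""
    events = [e for e in map(parse, log_lines) if e]
    hits = {}
    for user, src in events:
        if user in registry:
            hits.setdefault(registry[user], set()).add(src)
    bad = set().union(*hits.values())
    tainted = [(u, s) for u, s in events if s in bad and u not in registry]
    return {c: sorted(s) for c, s in hits.items()}, tainted

def demo():
    decoys = make_decoys("phish-A", 5)  # "phish-A" is a made-up campaign label
    registry = {user: "phish-A" for user in decoys}
    bait = sorted(decoys)[0]
    log = [  # constructed sample lines
        "09:14:01 login ok user=real.staffer@campaign.example src=198.51.100.7",
        f"09:20:44 login failed user={bait} src=203.0.113.50",
        "09:21:10 login ok user=real.staffer@campaign.example src=203.0.113.50",
    ]
    return analyse(log, registry)

if __name__ == "__main__":
    print(demo())
```

The second return value is the useful one for incident response: a real account logging in from an address that also tried a decoy is a candidate for a forced password reset and session review.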
 
Macron's team seemed to think that they could not stop Fancy Bear from getting in - so they opened the door themselves and fed the bear a great big steaming pile of B.S.

Which worked.

1) There are undoubtedly some documents in the Fancy Bear data dump that would make Macron look bad - politics is like that (imagine if a similar hack had dumped a few thousand GOP documents shortly before the U.S. election). But by flooding the Bear with B.S. information, Macron's team gummed up the process of finding the incriminating stuff. It delayed the document dump and made the process of verifying the information much slower, as now they need to sort through and try to figure out what is real and what isn't.

2) By responding to phishing attempts with false credentials, Macron's team slowed down the rate at which Fancy Bear could access the system.

In other words, the Russian game of hacking into opposition networks and damaging them through carefully timed data dumps may have run its course. Macron's team anticipated it and countered it pretty effectively.

Of course, the French press cooperated by not publishing much of the leaked docs, which probably made a huge difference as well.

Still, the point remains - any major political campaign that is opposed by Russia now understands that Russia will hack them. It is the normal expected course of events in politics now. Now that it is normal, it can be countered.

So in other words Putin's great new weapon in the war against the west is easily foiled by... spamming? Like, the most basic thing that's made the internet annoying for over 20 years?
 
So, it's a win/win for Putin?

So in other words Putin's great new weapon in the war against the west is easily foiled by... spamming? Like, the most basic thing that's made the internet annoying for over 20 years?

I think the main thing is that Macron's team expected it and was prepared to counter it. The methods Macron's team used this time might not work next time - but political campaigns are not likely to get caught flat-footed again, which makes Putin/Fancy Bear's job much harder.

And once again there is Cyrillic in the metadata. It gets harder and harder for Russia to maintain plausible deniability.
 
They're not dumping bogus data to the public. They're dumping bogus data to hackers and purveyors of leaked information - i.e., none of it is supposed to be made public. I'm not clear on the methods yet - options include actively supplying fake "leaks" to bad guys and "falling for" phishing hacks to allow access to fake data on certain systems.

Right. But, the threat of a data breach from a phishing attack is that embarrassing data will be made public and impact the election. Macron's campaign mitigated that by telling the media what it had done, in advance of any announced leak by wikileaks or others; effectively poisoning the well. At that point any real and embarrassing data wikileaks or others had ready to release became worthless, and anything the media reports on it is suspect.

Now, anytime the media releases embarrassing data about a campaign, no matter how they acquired it, people will have yet another reason to question its validity.
 
Right. But, the threat of a data breach from a phishing attack is that embarrassing data will be made public and impact the election. Macron's campaign mitigated that by telling the media what it had done, in advance of any announced leak by wikileaks or others; effectively poisoning the well. At that point any real and embarrassing data wikileaks or others had ready to release became worthless, and anything the media reports on it is suspect.

Now, anytime the media releases embarrassing data about a campaign, no matter how they acquired it, people will have yet another reason to question its validity.

If it came from hacks, yes. I'd say this is rather a reason for people to stop trusting sites like Wikileaks and stop putting faith in data dumps of hacked e-mails, and rather listen to what journalists doing their jobs are saying.

Getting rid of this kind of tactic is a good thing. We shouldn't rely on Russian hackers for our information, as the information we get is 1) not trustworthy, and 2) most likely a nothingburger drenched in a sauce of spin.
 
... and rather listen to what journalists doing their jobs are saying.

And also get journalists to do journalism again. I'm so tired of talking heads spouting competing versions of reality.

 
So in other words Putin's great new weapon in the war against the west is easily foiled by... spamming?

Not quite. Macron's team didn't hand-deliver batches of bogus documentation directly to the hackers' email addresses. The hackers still had to "hack", "phish", social-engineer, etc. their way into the relevant accounts and data; it's just that the data and accounts they "compromised" were fake.
 
The point was: Macron's IT guys were expecting Putin's hackers to come after them, and preemptively spammed the hackers with loads of information - much of it fake, in order to cause confusion in Putin's continued effort to destabilize the west. And they apparently succeeded.

Not only succeeded, it backfired on Putin and his stooges. The 11th hour leak was probably one of the reasons why Macron outperformed the polls by several percentage points.

This guy is smart.

McHrozni
 
According to NPR it happened and helped/gave Macron the election. Personally I think both of them were raging rectums with no more business running a theoretically Democratic country than trumpf has here!!!!!!! Asswipes in both!!!

Why such an attack on Macron? And comparing him to Trump is terminally wrong.
 
So in other words Putin's great new weapon in the war against the west is easily foiled by... spamming? Like, the most basic thing that's made the internet annoying for over 20 years?

Cryptography 101 is to flood the ciphertext with meaningless words (or what have you) to keep the opponent busy. It won't prevent the cryptographer from breaking the code eventually, but it will buy you time. The principle is the same in this case, but the deadline here is much more pronounced and rather short. Anything incriminating that is found only after the election is just about worthless and the most interesting bits will be available in the last few weeks.

McHrozni
 
Not only succeeded, it backfired on Putin and his stooges. The 11th hour leak was probably one of the reasons why Macron outperformed the polls by several percentage points.

This guy is smart.

McHrozni

Precisely what France and EU in general needs. Smart politicians. Maybe after his job as president of France, we could hire him for our little country...
 
So if you're running a campaign, here's what you do:

When you first set up your network, get about ten people to send out messages with varying wording saying "When the Flovvinflux is released make sure it is kept totally private and do not redistribute or print." Do that for a few weeks, then buy the electronic version of the OED and rename it Flovvinflux.pdf and send to those ten people. The hackers will have been waiting for the file and all the juicy tidbits in it. How huge would that file be in PDF?

Have them communicate back-and-forth about the keys to understanding it. "No. You need to reformat to dot-doc format at 98 characters wide by 117 lines, then it's the fourth word on every line starting with an odd number."

Let 'em spend about 10,000 hours looking for bible code in the OED. (Or maybe the EB; I think that's formatted electronically now.)
 
So if you're running a campaign, here's what you do:

When you first set up your network, get about ten people to send out messages with varying wording saying "When the Flovvinflux is released make sure it is kept totally private and do not redistribute or print." Do that for a few weeks, then buy the electronic version of the OED and rename it Flovvinflux.pdf and send to those ten people. The hackers will have been waiting for the file and all the juicy tidbits in it. How huge would that file be in PDF?

Have them communicate back-and-forth about the keys to understanding it. "No. You need to reformat to dot-doc format at 98 characters wide by 117 lines, then it's the fourth word on every line starting with an odd number."

Let 'em spend about 10,000 hours looking for bible code in the OED. (Or maybe the EB; I think that's formatted electronically now.)

Nah, the hackers will figure out it's the OED sooner rather than later.

Get a coding software (freeware ones are fine) and have a team prepare various coded messages that are then sent around by campaign staff, three messages per week per staffer should be unproblematic if the messages are prepared in advance. Make sure the codes are simple enough to guess (names of places and events) and the text contained therein meaningless and unobtrusive: Bible passages, grocery shopping lists, famous movie quotes, what appear to be username/password combinations and links to more or less random internet sites with logins. Forums are a good choice.

It should be enough to keep the hackers busy for a few weeks, which is all you need.

McHrozni
 
Nah, the hackers will figure out it's the OED sooner rather than later.

Get a coding software (freeware ones are fine) and have a team prepare various coded messages that are then sent around by campaign staff, three messages per week per staffer should be unproblematic if the messages are prepared in advance. Make sure the codes are simple enough to guess (names of places and events) and the text contained therein meaningless and unobtrusive: Bible passages, grocery shopping lists, famous movie quotes, what appear to be username/password combinations and links to more or less random internet sites with logins. Forums are a good choice.

It should be enough to keep the hackers busy for a few weeks, which is all you need.

McHrozni

Oh, you want them to figure out it's the OED, then spend two months plucking out the select words and trying to make sense of them.
 
What about using the post-modern gibberish essay generator? The hackers would not stop staring at the text trying to make sense of it. And it would especially be successful in France. :)

Oh yes. This. It is indistinguishable from many actual 'works' on political theory:

“Sexual identity is responsible for capitalism,” says Foucault. Derrida uses
the term ‘social realism’ to denote not dematerialism, but neodematerialism.
Therefore, if neocapitalist discourse holds, the works of Gaiman are
modernistic.


:thumbsup::D

McHrozni
 
Oh, you want them to figure out it's the OED, then spend two months plucking out the select words and trying to make sense of them.

Yeah, if they fall for it. I'm not saying the principle is wrong per se, just that the OED is not an optimal choice for it.

Using a 500 kword book of machine-produced gibberish on the other hand ... yeah, that would work swell :D

McHrozni
 
How about a copy of every free e-book on Amazon? Would there be a difference?

Dave

I believe so, a 500kword book of gibberish would almost certainly be studied by a team of experts for hidden clues, messages, passwords and more. Having a large volume of meaningful text would more readily be seen as nothing more than a collection of books. The gibberish part is essential.

To give you some impression of how long 500kwords is, A Dance with Dragons by George Martin is ~485kwords, War and Peace by Tolstoy is ~575kwords and the Bible (by God? :p) is ~750kwords. Imagine being in charge of a detailed study of a book of that length, composed of paragraphs such as this one:

“Sexual identity is intrinsically used in the service of class divisions,” says Lyotard; however, according to Prinn[3], it is not so much sexual identity that is intrinsically used in the service of class divisions, but rather the dialectic of sexual identity. Sartre uses the term ‘the posttextual paradigm of reality’ to denote the role of the writer as reader. But the main theme of the works of Eco is the futility, and thus the paradigm, of semanticist society.

Now add in the part when this is done in a language other than your mother tongue. You won't be able to tell quite as easily it's gibberish. Searches for Bible codes and whatnot are far more likely than if you have a straight-up meaningful text of considerable length. It is also possible a few analysts will be driven to insanity, reducing the attackers' capacity to do damage :)

That plus every free book on Amazon would be a tad bulky to send around via e-mail.

McHrozni
 