How to Un-Leak a 'Hack-and-Leak' Operation
Armand here, RPost’s product evangelist armadillo. While I am not registered to vote in the U.S. Presidential elections (they don’t let us non-humans vote yet 😉), I have been following the election from a cybersecurity perspective.
I was struck by how these campaign operators really don’t appreciate how much information they let fly around really with very few controls. The US Justice Department recently unsealed an indictment against a handful of Iranian operatives for their alleged “Hack-and-Leak” operation targeting presidential campaigns, political advisors, politicians, and various government operations. This operation, as the Justice Department states, was designed to influence the 2024 U.S. Presidential Election.
Without getting into the details of which campaign was hacked with aim to leak to which other campaign, the important thing here is --- most likely, both campaigns were hacked, and most likely, more than they even know it. (If you have some armadillo curiosity, I recommend reading the Justice Department Hack-and-Leak Operation Summary.)
What happened?
In the flurry of any transaction, political campaign, government operation planning, or crisis, there is a fever pitch of email and documents flying around. Everyone “assumes” others will protect information as seriously as they would themselves. The reality? Most are not paying as much attention to the security as to the task at hand.
These Iranian operatives allegedly compromised email accounts of former U.S. government officials. According to the Justice Department, they began targeting and successfully gaining unauthorized access to personal email accounts belonging to people associated with an identified U.S. Presidential campaign, including campaign officials. There are many tools like “Evil Proxy” with some social engineering that make it trivial to get past complex passwords and multi-factor authentication.
The Iranian operatives found some interesting documents (the “hack”) and then contacted the other campaign and the press to offer to expose these sensitive documents (the “leak”). The hacked campaign then pled with the potential receivers of the leak, not to “look” and the leak, in their attempt to un-leak the leak. Did it work? Did anyone look? Who knows…
What could (or, in my humble armadillo opinion, should) these campaigns have been doing?
First, had the campaigns used the RPost PRE-Crime™ Eavesdropping™ AI technology, they would have received a real-time red alert that certain campaign email was being actively eavesdropped on by Iranian operatives the moment the operatives started to interact with the hacked email. The campaign could then have addressed the situation early on.
But perhaps more protective, had the campaign used RDocs rights protected document technology with the RPost AI Auto-Lock™ on, the moment the Iranian operatives attempted to view the documents in the leaked email account, the insides of the documents would have electronically burned, leaving a useless file carcass. The leak would have been automatically un-leaked – even if the leaked documents had been put on USB devices and stored away in secret briefcases. Plus, the RDocs system would have provided an evidentiary record that there was in fact a leak, the leak was not seen, the leaked content was killed, no unauthorized person saw it before it was killed, and therefore, there would have been RDocs evidence of a non-breach.
Most importantly, the campaign that was the target of this “Hack-and-Leak” operation would have (had they used RDocs with AI Auto-Lock™ tech) their campaign strategy secrets preserved.
Register for our upcoming webinar to see the tech in action: Kill Phish While Still Phish Caviar™ -- Automatically Un-Leak Leaks™
With about $2 billion spent on the presidential campaign this year (collectively) or more, a few bucks to see the unseen with regards to leaky email accounts, and to un-leak leaks, seems like campaign dollars well spent.
Get in touch to learn more.
November 12, 2024
November 06, 2024
November 01, 2024
October 29, 2024
October 25, 2024
Blog