photo RSMAtnWebAdRed13.jpg

The Computer Corner

By Charles Miller

To keep up with the news in my field, I follow a number of tech-oriented websites, including office-watch.org, “Your independent source of Microsoft Office news, tips and advice since 1996.” This website, posted in an article on June 7, 2017, made interesting reading in part because it referenced a leaked top-secret document detailing how Microsoft Word documents were allegedly used in the alleged attempts to interfere in the 2016 US Presidential election. The Russians stand accused of being behind this, but that is something historians will probably debate for decades to come. What is noteworthy here is how unusual it is to have specific technical details about this coming from a reliable source. Usually these kinds of reports are so technically vague they are not worth reading.

The investigative report in question was illegally leaked from the US National Security Agency. At the request of the US government the operators of the office-watch.org website behaved responsibly and redacted the document to remove some identifying information. What was not censored out of the report is that the attack methods used were nothing new at all.

The report details how the hackers targeted employees of various firms that maintained electoral rolls along with government agencies involved in the election system. The hacker’s aim was to obtain employee credentials that could be used to get into various mail servers. Once inside they were able to read documents and emails, send false information and tamper with databases. Maliciously infected Microsoft Word documents were one attack that was used.

Emails were sent to the Democratic National Committee that appeared to come from a trusted source but which had a hacked Word document attached. The infected Word documents had embedded VBA code which then infected the local network when that document was opened. Another method was to email a fake web link that led to what appeared to be a login for Google, but it’s really a fake site that looked like Google and where the user’s name and password were stolen. I need to point out that Google is in no way to blame for this.

Apart from the fact that this hacking might have had an impact on the outcome of the 2016 US Presidential election, the second most distressing fact is that there is nothing new in the leaked report. The entire hacking episode could have been so easily prevented by following the advice I have been giving here for years: Never open email attachments unless you are absolutely sure you can trust the source. And never ever click on links in emails.

Busy people, though, continue to open email attachments and click on links without thinking of the consequences. This is why a few corporations have already configured their email servers to delete all attachments and censor out all links.

Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981 and now practically a full-time resident. He may be contacted at 044 415 101 8528 or email FAQ8 (at) SMAguru.com.

 

Comments are closed

 photo RSMAtnWebAdRed13.jpg

Photo Gallery

Log in | Designed by Gabfire themes All original content on these pages is fingerprinted and certified by Digiprove