The many connections between Trump’s campaign and Russian interests are so numerous that it’s difficult to keep track of them all. Trump’s personal ties are quite extensive in themselves, with new layers being peeled back all the time.
At this point, it’s hard to be shocked by new revelations when it comes to Russia, scandals, or new outrages from Trump. Even still, the news that broke today is pretty shocking. Four years ago, Russian hackers compromised hundreds of Trump’s web addresses, a fact the Trump Organization attempted to cover up.
This lends credence to the theory that compromising Donald Trump and using him as a candidate to divide the country was a long-term goal of the Russian government. They probably didn’t expect to actually win, and just saw him as a worthy pawn to foment civil unrest.
‘The Trump Organization denied the domain names were ever compromised. But a review of internet records by the AP and cybersecurity experts shows otherwise. And it was not until this past week, after the Trump camp was asked about it by the AP, that the last of the tampered-with addresses were repaired.
‘After the hack, computer users who visited the Trump-related addresses were unwittingly redirected to servers in St. Petersburg, Russia, that cybersecurity experts said contained malicious software commonly used to steal passwords or hold files for ransom. Whether anyone fell victim to such tactics is unclear.’
It gets weirder:
‘The attacks took place as Trump was preparing to travel to Moscow for the Miss Universe pageant, which was held on Nov. 9, 2013, at a property owned by a wealthy Russian real estate developer.’
ABC also reports that some of the addresses remained compromised until very recently: “Within days after the AP asked the Trump Organization about the tampering, the affected web addresses were all corrected.”
A cybersecurity expert quoted by ABC was confused by the hack, saying, “I have simply never seen a benefit accrue from an attack of this kind. I’m at loss, unless it’s a demonstration of capabilities.”
“Unless it’s a demonstration of capabilities” is one theory, and another is that the Trump web addresses were then used by a larger network of bad actors as part of further malware schemes. Or, potentially, both. The fact that it coincided with a trip to Russia seems interesting, especially given Trump’s habit of being completely ignorant of technology (with the obvious exception of Twitter). Mother Jones has more:
‘Another computer security expert, who also asked not to be named, notes that this network of shadow subdomains may have been established by a criminal enterprise looking to use the Trump Organization’s computer system as the launching pad for various cyberattacks on other individuals or entities. But, he adds, this breach also could be exploited by state or nonstate actors attempting to infiltrate the Trump Organization. “At the least,” he remarks, “it shows the Trump Organization has been badly run.”
‘In his blog post, Eib notes, “With an organization of this size, and with the added security concerns and scrutiny that a presidential campaign and victory would entail, it would be inexcusable for this to not have been discovered by their IT department. Any basic security audit would show the existence of these subdomains, and what servers they’re leading to. This is sloppy at best, and potentially criminally negligent at worst, depending on the traffic that is being run through these servers.”’
When questioned by Mother Jones, the Trump Organization opted to simply deny everything:
‘“There has been no “hack” within the Trump Organization and the domain names [in question] do not host active websites and do not have any content. Publishing anything to the contrary would be highly irresponsible. Moreover, we have no association with the “shadow domains” you reference…and are looking into your inquiry with our third party domain registrar. There is no malware detected on any of these domains and our security team takes any and all threats very seriously.”
‘The security expert who first alerted Mother Jones to the Trump-related shadow subdomains noted that as soon as the Trump Organization responded for this story, records related to the subdomains began disappearing.’
At worst, this is evidence that Trump has been manipulated and played by Russian interests for years. However, even at best, it doesn’t really look good for him – after all, even if this is just your run-of-the-mill shadow domain phishing scheme, for an organization the size of Trump’s, this speaks to gross negligence and incompetence on the part of their IT staff and management. Being this vulnerable to cyberattacks is beyond embarrassing.
Discussion of the compromised domains is starting to pick up on social media as well:
— Chris Geidner (@chrisgeidner) November 4, 2017
The Alfa Bank reference that many are making is an apt comparison. In early 2017, rumors started swirling about a possible cyber link between a server in the basement of the Trump Organization and a Russian bank (CNN):
‘Federal investigators and computer scientists continue to examine whether there was a computer server connection between the Trump Organization and a Russian bank, sources close to the investigation tell CNN.
‘Questions about the possible connection were widely dismissed four months ago. But the FBI’s investigation remains open, the sources said, and is in the hands of the FBI’s counterintelligence team — the same one looking into Russia’s suspected interference in the 2016 election.
‘One U.S. official said investigators find the server relationship “odd” and are not ignoring it. But the official said there is still more work for the FBI to do. Investigators have not yet determined whether a connection would be significant.’
Trump, of course, angrily denied any wrongdoing.
This all certainly makes this moment from last year a little more interesting:
“Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press.”