What is Google Chromecast and why should you care?
Google Chromecast is a device you can use to send things from a small screen to your big screen TV.
It’s super easy to figure out, set up, and use. With it, you can send a YouTube video on your phone to a TV, or you can send a website on your computer to your TV. And that’s just two of the possibilities. To help you learn what Google Chromecast is, how it works, and what it can do, Pocket-lint has explained everything you need to know about the affordable HDMI dongle.
What is Chromecast?
Google launched the first $30 (£30) Chromecast in 2013. It’s an affordable HDMI dongle that lets you wirelessly “cast” content to a television. It basically makes most TVs smart. Then, in 2015, Google launched the $30 Chromecast 2. It’s faster, more responsive, and just as affordable. And it arrived with an updated Chromecast app that serves as a one-stop shop for finding compatible apps and specific content across those apps.
In 2016, Google introduced the $69 (about £50) Chromecast Ultra, which works identically to its predecessors but uniquely offers the ability to cast 4K streams. Google also offers a $35 Chromecast Audio. Unlike the other three Chromecasts, Audio lets you wirelessly “cast” to speakers. That means your old speakers will essentially be turned into modern day speakers capable of playing music streamed from your devices.
For more information on Chromecast, check out these guides:
- Chromecast 2 review: Make any TV smart, effortlessly
- What is Google Cast for Audio?
- Chromecast now has a guest mode: Here’s how to turn on the feature
- Roku Streaming Stick vs Google Chromecast
- Amazon Fire TV Stick vs Google Chromecast vs Roku Streaming Stick
How does Chromecast work?
Requirements
In order for Chromecast to work, you need to plug it into an HDMI input on a TV/display as well as an open USB port on your TV/display (or an open power wall outlet). You also need a compatible Android device or iOS device with the latest version of the Google Cast app installed, or you need a compatible Windows computer, Mac computer, or Chromebook computer with the latest version of the Chrome browser installed. It’s important that your Chromecast and device or computer are connected to the same Wi-Fi network. Otherwise, you cannot cast to your TV.
Set up Chromecast
Check out Pocket-lint’s separate guide on how to set up Chromecast. The process involves plugging your Chromecast device into your TV’s HDMI port and a power source (either via USB on your TV or a wall outlet), then installing the Google Cast mobile app on your mobile device to begin the setup process, and following the app’s setup instructions (also available here).
The app will automatically find your Chromecast and prompt you to connect it to the same Wi-Fi network connected to your mobile device. You can also set up Chromecast to work with your computer. Simply install the Chrome browser on your computer, and then navigate to chromecast.com/setup from the browser to set up Chromecast (or you can quickly install the Google Cast extension).
- Google Chromecast: How to set up Chromecast and get started with it
Things you can do
With Chromecast, you can cast movies, TV shows, and photos from Cast-enabled apps on Android smartphones, Android tablets, iPhones, and iPads. You can also cast entire sites or tabs from the Chrome browser on Windows desktops, Windows laptops, Mac desktops, Mac laptops, and Google Chromebooks. There’s no remote required. To manage your Chromecast, use the Google Cast app or Google Cast browser extension.
You can also cast your Android screen to your TV. Simply open the Google Cast app and tap the navigation drawer. From there, tap the Cast Screen button and select your Chromecast device.
How to cast
Check out Pocket-lint’s separate guide on how to cast with Chromecast. But in a nutshell, all you have to do – once you set up Chromecast – is tap the Cast button from a Cast-enabled app such as YouTube on your mobile device, and the content will instantly appear on your big TV. From Chrome browser on your computer, you can also tap the Cast button in a video player like YouTube.
Although it’s not required, you can install the Google Cast extension in order to get the Cast icon in your browser toolbar. From there, simply click the icon, then choose the Chromecast device you would like to cast to, and wait for the contents of your tab in Chrome to appear on your TV.
Which apps and sites are Cast-enabled?
Apps
Casting to your TV is a simple way to enjoy your mobile apps on a big screen. You can even use your mobile device or tablet as a remote and control everything from playback to volume. Within the Google Cast app, you can tap What’s On to browse content from Cast-enabled apps you’ve already installed. You can also tap Get Apps to find Cast-enabled apps you haven’t installed yet.
Visit Google’s website to see a list of all Cast-enabled apps. Examples include Netflix, Spotify, HBO Now, Hulu, Angry Birds with Friends, Watch ESPN, Google Photos, YouTube, PBS Kids, Twitch, Pandora, and thousands more.
Sites
Some websites are Cast-enabled. Currently, YouTube, Netflix, Google Play Movies, Google Play Music, and more are Cast-enabled (see the full list here), and Google said it is adding new ones all the time. You will know if a website is Cast-enabled when you see the Cast button on the website within the video player. For sites that are not Google Cast-enabled, you can use the Cast extension to view the content on your TV.
Why should you care about Chromecast?
Sometimes it’s just fun to experience things on a bigger display. Let’s say you’re hanging out with friends and want to show them all a funny YouTube video. Instead of huddling around your phone, you can cast it to your TV and enjoy it on the big screen. Similarly, maybe you want to show your friends a cool website… instead of crowding around your laptop, you can cast the site to your TV.
It’s easy to see the benefits of Chromecast. Plus, it’s cheap and simple to set up and use.
The looming spectre of cyberwar with Russia
In the world of cyber (as in security), the question of the week seems to be, “are we going to cyberwar with Russia?”
White House Press Secretary Josh Earnest thinks so. A week after President Obama singled out Russia as being responsible for cyberattacks on targets including the Democratic National Committee, Earnest said in a briefing that the administration would be serving a “proportional” response to Putin and the gang.
That response would be reciprocation for the very public (and not particularly sophisticated) hacking we’ve seen targeting the Democratic side of this particular presidential election. This includes the DNC hacks, the Guccifer 2.0 clowning around, the targeted feeding of docs to WikiLeaks. And, if we’re going to include all the hacker toolsets, the unprecedented use of bots to influence opinion on social media in favor of the Republican candidate.
I’d totally hack Trump… if he lost a little weight

Donald Trump is now an outspoken WikiLeaks fan. This professionally combines the pussy-grabber with a man in exile because he’s been accused of rape; an exile whose ambassador has been accused of multiple sexual assaults … creating a he-man-woman-hater’s club trifecta for the ages.
No one’s hacked Trump or the RNC and spilled the beans — yet, anyway. Which is weird considering how crappy bits and pieces of Trump’s security have been shown to be, and how abysmal government organizations are proving to be at cyber defense.
As for Trump, he left his own site wide open, and his email servers are riddled with security holes. Maybe he’s been lucky, or someone on his team hired some good hackers to protect him.
But based on the cyberlaw of cyberaverages, I think one of two things is most likely: Either he’s been hacked and the crew is sitting on docs, or hacking him and/or the RNC requires nation-state level resources… and no nation is motivated to hack him. Maybe because to other nations he’s only a four. Alright, maybe a five if he had some State Department briefings on a server somewhere… and lost a little weight.
The people who like to equate zero days to missiles and suggestions of ‘stockpiles of cyber bombs’ must be pretty psyched we’re on the cusp of a cyberwar. And we are. Vice President Joe Biden added his voice to the cyber-saber-rattling when he told press “We’re sending a message. We have the capacity to do it.” Biden singled out Putin when he added, “He’ll know it. And it will be at the time of our choosing. And under the circumstances that have the greatest impact.”
Cyber World War One?
So I guess we’re going to have that “Cyber Pearl Harbor” that septuagenarian politicians have been using as a boogeyman for the past ten years, after all. But what does that even mean?

A number of pundits think cyberwar against Russia will come in the form of embarrassing Putin, his government and ruling class. Not to mention the Russian hackers who work for the government. Britain’s doing cyberwar too, but seems to be keeping far more quiet about it than we are. Law-and-war analysis blog Lawfare posits that there’s nothing new to be hacked. Because of this, they conclude, all cyberwar can do is reveal information the US has already purloined in hacks our spies have done over time.
Talk about zero points for creativity! The law and war pundits might not be looking at the world around us, but most of us who are worried about what cyberwar might mean certainly are — and we’re more than a little worried about acts of war and the cybers. I mean, not only do we all watch films and TV, we’re painfully aware that major breaches are commonplace, that industrial control systems are not in the best of shape, and that the internet of things is definitely not our passive and always-helpful friend.
Perhaps we’ll find out that DDoS is the new D-Day. I don’t know about you, and I’m not friends with any anti-hacking hippies, but I’d really rather that my country not have to ask Russia, “shall we play a game?”
I think that to most people, this kind of war is going to be even harder to conceive than any in history: The American public will literally not understand what it looks like. As a result it will feel far less real, there will be misinterpretation a go-go, and public accountability has left the building. There will be no draft, no foxholes and no bombs, no shrapnel, no Purple Hearts, no boots on the ground, and to the outside observer, no noise, no honor, and no cost.
There won’t be any cyberwar protests, anti-cyberwar songs or movements, or hippies hoping we’ll just give cyber peace a chance. Nor will there be any ticker-tape parades for triumphant returning heroes of the cyberwar. Hell, there won’t even be a clear victor.
Images: AP Photo/Evan Vucci (Trump); AP Photo/Markus Schreiber (Putin)
5 tips for using the revamped Google Pixel launcher – CNET

If you’re someone who has traditionally used Google’s Nexus devices and the Nexus launcher, there are a few things you’ll need to know about the new Pixel launcher. And for everyone else, well, it’s a good idea you learn about your new phone, too.
Here are some tips to help you get the most out of the new Pixel launcher:
That weather widget
Jason Cipriani/CNET
Next to the Google search shortcut on your main home screen, Google now places current weather conditions directly on the home screen. You can’t remove it or disable it, as far as I can tell.
Tapping on the current conditions will open the weather section of the Google App where you can view a more detailed forecast.
Quick Google searches
The Google search bar that’s been a staple of Android home screens since its debut is nowhere to be found on the Pixel. In its place, you’ll find a white Google button. Tapping on the button expands the search bar, where you can then search the web or your device as you normally would.
Swipe up
To access the app drawer on a Google Pixel, swipe up from the bottom of the screen. As you’ll quickly discover, there’s no longer a button dedicated to launching the app drawer. Instead, you’re given a fifth spot on the bottom app dock to store your favorite apps.
When in the app drawer, you’ll find a few suggested apps just below a search bar specific to within the app drawer. Scroll up or down to view your apps, and then close the app drawer either by pressing the home button or swiping the drawer back down.
Turn off app suggestions

Screenshot by Jason Cipriani/CNET
For those who don’t really care to have apps suggested to you every time you open the app drawer, you can turn it off with just a few taps.
Long-press on an empty area of your home screen and tap on the Settings icon. Slide the switch next to App suggestions to the Off position, then tap on Turn Off when prompted.
Remove Google App access from home screen

Screenshot by Jason Cipriani/CNET
By default, you can swipe to the right of your home screen to view your Google Now feed. If you never use this feature and would rather turn it off, you now can.
Long-press on an empty area of your home screen and tap on the Settings icon. In the settings screen, slide the switch next to Show Google app to the Off position.
You can still access your Google feed by opening the Google app from the app drawer.
How to change your DNS and (maybe) get the internet back – CNET
Sometimes, when your favorite websites go “down,” they’re actually still right there. You just can’t see them, because your computer doesn’t know how to get there.
What if you could give your PC some better driving directions right now, in just a minute or two tops?
To do that, you just need to change your DNS server.
What’s a DNS server?
“CNET.com” is just the street address of this website. To figure out the “driving directions,” if you will, your computer contacts a special server (called DNS, for Domain Name System) to figure out the route. It tells your web browser that “CNET.com” actually means “203.36.226.2”. That number, known as an IP address, is a far better description of where CNET actually lives.
But if your DNS server goes down, you might have some trouble. Switch to another public DNS server to resolve those issues.
How to change your DNS in Windows.
Screenshot by Sean Hollister/CNET
How do I change my DNS on Windows?
- Hit Start and type Network and Sharing Center (or right-click on your Wi-Fi icon and click it there).
- Click on Change Adapter Settings (on the left).
- Right-click on your active network connection, then hit Properties.
- Left-click on Internet Protocol Version 4 (TCP/IPv4) and hit Properties. (If you use IPv6, change that one also/instead.)
- Click on “Use the following DNS server addresses:” and type in one of the following public DNS server addresses:
208.67.220.220 or 208.67.222.222 = OpenDNS
8.8.8.8 or 8.8.4.4 = GoogleDNS
84.200.69.80 or 84.200.70.40 = DNS.Watch
64.6.64.6 or 64.6.65.6 = VeriSign Public DNS
Note that you may need to try more than one to get your sites working. OpenDNS helped us around this recent Twitter and Netflix outage, but GoogleDNS didn’t.
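To see which of the resolvers listed above actually answers for a site before you change any settings, the following added example (not code from the article) sends one hand-built DNS A query to each of them and parses the reply. The hostname `example.com` and all function names are illustrative assumptions.

```python
import secrets
import socket
import struct

# Public resolvers listed in the article (first address of each pair).
RESOLVERS = {
    "OpenDNS": "208.67.220.220",
    "GoogleDNS": "8.8.8.8",
    "DNS.Watch": "84.200.69.80",
    "VeriSign Public DNS": "64.6.64.6",
}


def build_query(hostname, txid):
    """Return a DNS query packet asking for the A record of hostname."""
    # Header: ID, flags (recursion desired), 1 question, no other records.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in hostname.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def skip_name(packet, offset):
    """Return the offset just past an encoded (possibly compressed) name."""
    while True:
        length = packet[offset]
        if length & 0xC0 == 0xC0:  # compression pointer: two bytes, name ends
            return offset + 2
        if length == 0:            # root label terminates the name
            return offset + 1
        offset += 1 + length


def parse_response(packet, txid):
    """Return (rcode, [IPv4 strings]); raise ValueError on a bogus reply."""
    if len(packet) < 12:
        raise ValueError("short packet")
    rid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", packet[:12])
    if rid != txid:
        raise ValueError("transaction ID mismatch")
    if not flags & 0x8000:
        raise ValueError("not a response")
    offset, addresses = 12, []
    try:
        for _ in range(qdcount):
            offset = skip_name(packet, offset) + 4   # skip QTYPE and QCLASS
        for _ in range(ancount):
            offset = skip_name(packet, offset)
            rtype, rclass, _ttl, rdlength = struct.unpack(
                "!HHIH", packet[offset:offset + 10])
            offset += 10
            rdata = packet[offset:offset + rdlength]
            if rtype == 1 and rclass == 1 and len(rdata) == 4:
                addresses.append(socket.inet_ntoa(rdata))
            offset += rdlength
    except (IndexError, struct.error) as exc:
        raise ValueError("truncated or malformed packet") from exc
    return flags & 0x000F, addresses


def ask(resolver_ip, hostname, timeout=2.0):
    """Send one query to one resolver and return parse_response()'s result."""
    txid = secrets.randbits(16)  # unpredictable ID so stray replies are rejected
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.connect((resolver_ip, 53))  # only accept datagrams from this peer
        sock.send(build_query(hostname, txid))
        return parse_response(sock.recv(4096), txid)


def compare(hostname):
    """Ask every listed resolver and report what each one returned."""
    results = {}
    for name, ip in RESOLVERS.items():
        try:
            rcode, addrs = ask(ip, hostname)
            results[name] = addrs if rcode == 0 and addrs else f"no answer (rcode {rcode})"
        except (OSError, ValueError) as exc:  # timeouts are OSError subclasses
            results[name] = f"failed: {exc}"
    return results


if __name__ == "__main__":
    for name, outcome in compare("example.com").items():
        print(f"{name:22} {outcome}")
```

A resolver that times out or returns no addresses here will not help once it is typed into the adapter settings, so pick one that answers.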
How do I change DNS on Mac?
- System Preferences
- Network
- Click the DNS tab
- Click the little + sign at the lower left to add a new DNS server
- Type in the numbers of a public DNS server (see four suggestions in the Windows section above)
- Click OK
- Click Apply

How to change your DNS on a recent Mac OS X machine.
Screenshot by Patrick Holland/CNET
Swappa’s new full service app lets you buy and sell right from your phone

Your next Swappa experience will probably be through this app.
Folks who know how to get the best deal on selling their current phone to pay for their next one already know about Swappa. It’s the best service on the planet for quickly buying or selling phones, and one of the few experiences where the buying and selling process feels safe and friendly. Most of that is due to having a live support team to help deal with problems at all times, but it also helps that Swappa is focused on being a tech reselling service specifically.
Over the years Swappa has grown to support many different kinds of phones and tablets and Chromebooks, and even acts as a third-party system for buying and selling VR hardware now, but it’s all done through the website. That’s fine if you’re at a desk, and works well enough if you’re using a mobile browser, but the new Swappa app really pulls the whole experience together on your phone.

If you’ve used Swappa before, the app won’t surprise you. Go to the carrier you’re interested in, swipe until you find the hardware configuration you want, and you can either look at existing listings to consider purchasing or create a new listing to sell your tech. Creating a listing in the app is just as quick and thorough as it is on the website, making it so you can have your phone out there for people to buy within minutes. It’s simple, straightforward, and makes the case for never really needing to use the website for much anymore.
Grab Swappa from Google Play!
Google Pixel XL first impressions: MrMobile edition
Eight years after the first Android phone hit shelves, the Google Pixel is here to solidify the concept of the “Google phone.” Onboard: upgraded intelligence, heavily optimized software, and a camera that works with the gyroscope to produce insanely steady videos. From what Alex and Daniel are saying, it does a pretty bang-up job of redefining what an Android smartphone can be. But all that promise is wrapped up in a humdrum casing that looks unfinished at best and derivative at worst. What’s more, the $649 price tag means this first-gen product needs to bring the heat if it wants to compete.
My full review in the coming days. In the meantime, join me for some initial impressions following a day on the streets of Shanghai with the Google Pixel XL.
While you wait, why not catch up on Android Central’s reviews of the Pixel and Pixel XL:
- Check out AC’s official review of the Pixel XL here
- Check out Andrew Martonik’s review of the Pixel XL for a U.S. perspective
- Check out Daniel Bader’s thoughts on the smaller Pixel
Why I’m ready to ditch the Nexus 6P for the Pixel XL

When your phone starts acting up, sometimes you have to live with it.
If you follow me on social media, you’ve likely read my complaints about my year-old Nexus 6P. Frankly, my “Really Blue” Pixel XL can’t get here soon enough. I’m ready to throw Google’s last Nexus device out the window. The frequent lag, the touch-input delay, the poor battery life—things seem to have taken a turn for the worse these last six months with the Nexus 6P as my daily driver. Every day with it is a lesson in patience.
The beginning of the end
The Nexus 6P’s performance issues started several months ago, around the time I was covering Google I/O. I remember getting frustrated at how long it took to type anything with the Google Keyboard app. I’d tap a key and then it would take about five seconds for the interface to respond. Eventually, I’d type entire sentences and wait for the interface to catch up with my input. I’d pray the end result was accurate, and for the most part it was, but penning even simple text messages became a chore.
Then I started missing out on photo opportunities. The Nexus 6P’s HDR processing became a slow crawler — a far cry from my first month with the device when it would take a mere second for the camera app to start up with a double-press of the Power button. The HDR was so slow to process that sometimes it would remain stuck and I’d lose the end result.
I don’t always have the luxury of standing around and waiting for the phone to finish what it’s doing, so now I avoid taking photos with it altogether. There’s a reason they call it pointing and shooting, but that’s not something I am confident doing with the Nexus 6P in hand.
The 6P seemed to officially hit its edge after I updated to Nougat. Man, that was a bad idea. The touch input lag became worse, and now there are days where I’ll press down the power button and the phone will take about 30 seconds to turn on the screen. What’s worse: Despite the addition of Google’s souped-up Doze mode, the phone hardly lasts through to the early afternoon without screaming for a charge. This is no way to live life with your smartphone.
Why don’t you just factory reset, Flo?
This past year, I was deep in the throes of a major life event. Resetting my smartphone was simply not an option. I had phone numbers and message threads that had accumulated and I simply couldn’t deal with attempting to back up all of that data. As it stands, Android’s native backup abilities are still a bit half-baked, and I typically try to avoid having to attempt to restore anything precisely because it turns into a major project.
I tried a few other quick fixes instead. First, I cleared the system cache, so that I could remove any extra data left over from the apps and APKs I had uninstalled. That didn’t help. Then, I removed any memory-intensive applications, like Facebook, Facebook Messenger, and an app I absolutely adore, Should I Answer?, which blocks spam callers. That app runs in the background and cross-references the phone number calling you with a massive database before it lets the call through. However, uninstalling it didn’t help and I kept accidentally answering spam calls.
You shouldn’t have to reset your phone to fix performance issues.
Finally, I went in and turned off Developer Options. I figured that was the culprit in the first place, but still, the phone suffers from severe slowdowns from time to time. Earlier this week, for instance, I was driving an hour to Sonoma County and the 6P’s screen wouldn’t turn on despite the fact that I had Google Maps in navigation mode. I could hear the turn-by-turn directions dictated through my car’s stereo speakers, but I couldn’t actually see the route ahead. I had to pull over and manually restart the phone by holding down the power and volume up buttons. This is about the third time I’ve done this in six months. It’s really distracting to have your phone acting up while you’re driving.
The time for Pixel is now

No typical smartphone user wants to think about resetting their phone to make it run smoothly—especially after only a year with it as a daily driver. For some users, the mere thought of doing so is incredibly overwhelming.
Earlier this year, I managed to convince my mother to take the Nexus 6P for a test drive while she was overseas. She loved it; she loved the look of stock Android and how much bigger the phone was than her Samsung Galaxy S6 Edge. However, I can’t imagine what she’d do if she were having the same problems as me. My mom isn’t savvy enough to do the kind of troubleshooting unless I carefully walked her through it. But frankly, no one should have to do that. This is what Google’s attempting to say with its new line of smartphones. You shouldn’t have to be a developer or a tinkerer to get your smartphone working when it’s throwing a tantrum. It should simply work, even a year after you’ve taken it out of the box.
I still haven’t factory reset the Nexus 6P because, at this point, I’m waiting for my Pixel XL to arrive. When it gets here, I can finally troubleshoot what’s been going on with the 6P these past several months. Then, I’ll do a fresh restart of Android 7.0 Nougat—or, hopefully, 7.1—and see if the phone is functioning any better. I don’t want to write off the Nexus 6P yet because it’s been quite the workhorse, but I am curious to see how Google’s last Nexus device stacks up in the long run.
Your turn
How’s your Nexus 6P holding up a year later? Is it chugging along, or just plain chugging? Let us know in the comments below!
Facebook will allow ‘newsworthy’ graphic content in timelines
Facebook rightly came under fire for censoring the iconic, Pulitzer-winning “napalm girl” photo The Terror of War not that long ago. Now, the social network is altering its course as a direct result. “In the weeks ahead, we’re going to begin allowing more items that people find newsworthy, significant, or important to the public interest — even if they might otherwise violate our standards,” VP of Global Public Policy for the site Joel Kaplan writes.
The thing is, Zuckerberg and Co. don’t know exactly how they’ll do it without stepping on anyone’s toes in regards to local cultural norms. Kaplan says that the service is going to tap its community and partners to figure it out in regards to tools and rule enforcement. Specifically: experts (gurus are all on vacation, apparently), publishers, journalists, photographers, law enforcement officials and safety advocates. Why start relying on humans instead of algorithms now, though? Oh, right.
Via: TechCrunch
Source: Facebook
NASA finds likely crash site for ESA’s ExoMars probe
Just as we expected, NASA’s Mars Reconnaissance Orbiter (MRO) has detected the potential crash site for the European Space Agency’s missing ExoMars Schiaparelli probe. The MRO located a bright spot and dark patch on the Martian surface near the probe’s planned landing area, which NASA believes to be the remnants of the probe’s parachute and lander module, respectively. While we’ve only got a fairly low-resolution image so far, we should know more next week when the MRO passes over the area again with a higher resolution camera.

The ESA’s ExoMars mission, which aims to search for trace signs of life on the red planet, reached Mars’ orbit on Wednesday following a seven-month journey. After separating itself from its partner ship, the Trace Gas Orbiter, Schiaparelli began transmitting data about the planet’s electric fields as it made its way through the atmosphere. The ESA initially couldn’t confirm if the probe had landed successfully, and later said that it lost contact right before its expected landing.
Jan Woerner, the ESA’s director general, still considers the mission an overall success, despite losing contact with the probe. “This means we will obtain information from a close analysis of the data that Schiaparelli was built for, notably on the performance of elements such as the heat shield, parachute, radar, thrusters and so on,” he wrote on his blog. “This information can subsequently be used to improve the design of the 2020 Exomars mission, since in that mission the survival of the descent module will be of real scientific relevance.”
Via: BBC
Source: NASA
Evidence ties Russia to Podesta and Powell email hacks
Back in March, Hillary Clinton’s campaign chairman John Podesta received a frantic-sounding email about his account security and clicked a shortened link that appeared to be from Google. Instead, it redirected to a spoof page that gave hackers access to his password. Half a year later, WikiLeaks started publicly releasing thousands of his emails on October 9th, a month after the seemingly unrelated leak of Gen. Colin Powell’s personal messages. Security firms, journalists and a hive of independent researchers have spent the interim analyzing the digital break-ins and have arrived at the probable culprit behind these and several other hacks: Russia. But definitively attributing it to the country’s intelligence services is difficult, if not impossible.
When WikiLeaks began publishing thousands of emails from DNC accounts back in July, it only took a few days for the FBI to start investigating Russia’s involvement in the hack. On October 7th, the US government made the rare decision to publicly blame Russia for directing “the recent compromises of e-mails from US persons and institutions.” The DHS declined to state how they came to that conclusion, notes Motherboard, though they probably have data we can’t see.
That left the media and researchers to connect many dots, but a pair of extensive pieces published yesterday by Motherboard and Esquire all but conclude that Russia is most likely behind the seemingly disparate hacks. The full story is a complex chain explaining the handful of mistakes made by two different groups, nicknamed Fancy Bear and Cozy Bear. It heavily suggests that their separate efforts breaking into the email accounts of Podesta, Powell, and members of the DNC and Hillary Clinton’s campaign staff were directed by the Russian government.
The first piece of evidence is the shortened URL that Podesta erroneously clicked on that redirected him to a phony Google page where he likely submitted his password, a tactic known as spear-phishing. This truncated link, it turns out, was one of 12,000 created and used by Fancy Bear to target 5,000 individual Google email addresses from March 2015 to May 2016. But those attacks were too broad and voluminous to be done manually. Fancy Bear made a program that automatically generated the attacking links and fed them through the popular URL-shortening service Bit.Ly.
The firm SecureWorks, which has been tracking the hacker group for the last year, found that each of the slim URLs in question was created by a number of Bit.Ly accounts belonging to the hacker group — but Fancy Bear forgot to make two of them private. That let SecureWorks see many links they’d created, and when the firm figured out how to decode the automatically-created URL, they found that each contained the target’s email address. By decoding each Bit.Ly link created by the accounts, they found a list of targets, giving the firm a macro view of the group’s extensive and varied spear-phishing campaigns, which included addresses in Ukraine, the Baltics, the United States, China, and Iran, according to Esquire.
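The kind of decoding described above can be sketched as a triage script that recovers addresses embedded in expanded links and tallies them into a target list. This is an added example, not SecureWorks’ tooling or code from the article: the article does not say how the addresses were encoded, so base64 inside a query parameter is an assumption, and the hosts, parameter names and addresses are constructed.

```python
import base64
import re
from collections import Counter
from urllib.parse import parse_qsl, urlencode, urlsplit

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def decode_candidates(value):
    """Yield plausible plaintexts for one query-parameter value."""
    yield value  # the address may simply be present in the clear
    # Assumption: base64 (either alphabet), possibly with padding stripped.
    token = value.replace("+", "-").replace("/", "_")
    token += "=" * (-len(token) % 4)
    try:
        yield base64.urlsafe_b64decode(token).decode("ascii")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return


def embedded_emails(url):
    """Return the sorted e-mail addresses recoverable from a URL's query string."""
    found = set()
    for _name, value in parse_qsl(urlsplit(url).query):
        for text in decode_candidates(value):
            if EMAIL_RE.fullmatch(text):
                found.add(text.lower())
    return sorted(found)


def target_list(expanded_urls):
    """Count how many links were generated for each recovered address."""
    counts = Counter()
    for url in expanded_urls:
        counts.update(embedded_emails(url))
    return counts


def make_sample(address):
    """Build a constructed test link; host and parameter names are hypothetical."""
    token = base64.urlsafe_b64encode(address.encode("ascii")).decode("ascii")
    return "https://login.example.invalid/a?" + urlencode({"t": token, "lang": "en"})


# Constructed sample data standing in for links expanded from a shortener.
SAMPLE_URLS = [
    make_sample("alice@example.org"),
    make_sample("bob@example.net"),
    make_sample("alice@example.org"),
    "https://login.example.invalid/a?lang=en",
]

if __name__ == "__main__":
    for address, hits in target_list(SAMPLE_URLS).most_common():
        print(f"{hits:3d}  {address}")
```

Run over the expanded URLs from mail-gateway or proxy logs, the same tally shows which mailboxes in an organization a campaign addressed.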
SecureWorks built a target portfolio to see who Fancy Bear was working for. Lo and behold, the addresses attacked included a host of military, political, and government leaders in Ukraine, Georgia and other former Soviet states. They also sent spear-phishing emails to NATO military attaches, diplomatic and military personnel from the US and Europe, and critics of the Russian government from around the world. The pieces started to fit together as the firm identified more similarities between the previous hacks and those targeting Podesta, other members of Clinton’s campaign staff and the DNC. Namely, the malware and server infrastructure supporting it are unique, acting like calling cards for Fancy Bear, according to SecureWorks’ Senior Security Researcher Tom Finney.
“The link to Fancy Bear is very firm, germane to the structures they used before. We track these groups by the toolsets they use, the malware they use, because they tend to have bespoke sets of malware that’s only used by one group. That tends to be quite discrete, so you can say that if this malware is being used, it’s being used by this group,” said Finney.
From March to May, SecureWorks saw that Fancy Bear was sending more spear-phishing emails to people in the US. Because Bit.Ly tracks when their URLs are clicked, the firm was able to see that of the 108 email addresses targeted at the Clinton campaign from March to May, 20 of the erroneous links had been opened; and of the 16 targeted at the DNC, 4 people had clicked, as Buzzfeed reported last week.
SecureWorks released this information in a June 16th report, stating with “moderate confidence” that Fancy Bear’s attacks were likely directed by Russia. Most of the group’s targets in the previous year were individuals that were enemies of, or people of interest to, the Russian government.
“The 5,000 emails was quite a big data set,” said Finney. “Added together, we can’t really think of who else would be satisfied by the kind of information targeted by this group. So that’s why we think it’s Russia.”
But they weren’t the only ones paying attention. Fellow firm CrowdStrike released its own report on July 15th after the DNC called on them to investigate a breach in their security. Within a week, WikiLeaks publicly released 19,000 DNC emails that they had acquired.
A hacker entity identifying itself as Guccifer 2.0 claimed credit as a lone hacker. But CrowdStrike identified both the Fancy Bear and Cozy Bear hacker groups’ presences on the DNC’s network, recognizing their tradecraft and tactics used to evade detection. While Cozy Bear was content to target whole departments and quietly collect data for years once inside, it was Fancy Bear’s more aggressive research and intrusion activity that tipped off security experts. Thanks to metadata in the released documents and Russian-language settings, security experts dismissed Guccifer 2.0’s claim to be a Romanian national, theorizing instead that it was a hollow account created as a distraction by Fancy Bear or those acting with it.
Fancy Bear’s failure to keep its Bit.Ly accounts private gave SecureWorks insight into the group’s targets, which is how researchers identified the link Colin Powell clicked on that led to his email getting hacked. This helped them confirm other compromises, like that of Clinton campaign staffer William Rinehart, as The Smoking Gun reported in August. Other groups have been targeted by similarly-constructed links, like Bellingcat, the journalist organization investigating the destruction over Ukraine of flight MH17, Motherboard points out.
A third group known as the Shadow Brokers, as detailed by Thomas Rid in Esquire, took documents and hacking tools from the NSA itself via its elite cyber infiltration unit, Tailored Access Operations. The group either compromised a computer that TAO used to stage its own attacks or acquired the assets the old-fashioned way using a mole. The Shadow Brokers published these tools on Github and elsewhere, and security researchers confirmed their authenticity.
Meanwhile, Cozy Bear had been using some two hundred Microsoft OneNote cloud storage accounts to “exfiltrate” data back to Moscow, according to Rid. Microsoft provided information to US digital spies to help them confidently identify the DNC hackers as Russian.
These data points, combined with the nigh-unprecedented move by the DHS of openly blaming Russia for these and other hacks, strongly suggest that the Russian government orchestrated a multi-armed campaign to gather documents germane to the US presidential election. But when making those stolen emails publicly available on WikiLeaks impacts public opinion, as Rid describes in Esquire, the campaign looks less like espionage and more like an attempt to influence the outcome of the election.
In the digital intrusion trade, hackers are known to plant diversions to misdirect security. These “false flags” might even be patterned after tactics known to be used by other countries’ teams. A presentation by Kaspersky Lab at this year’s Virus Bulletin security conference pointed out how effective this misdirection can be. According to a summary of the talk by Summit Route’s Scott Piper:
“In one case, of an assumed Russian [advanced persistent threat] actor, it identified researcher systems running the first stage malware, so it sent down Chinese APT to the researchers as the second stage to throw them off, while sending down their real second stage to the actual victims.
In a similar case, when Turla (also Russian APT) worried they’d been detected, as they were pulling out their malware, they sent down a rare Chinese malware named Quarian for the IR team to investigate. This both gave them time to cover their own tracks, while at the same time burning China’s toolset.”
Ergo, there’s a chance that security experts and journalists could wrongly attribute cyber attacks, even with good evidence. Remember the Sony megahack, where the US government first didn’t blame North Korea, then they did, and the security community couldn’t decisively agree?
Hence SecureWorks’ “moderate confidence” that Russia is behind these hacks, a level which generally means that “the information is credibly sourced and plausible but not of sufficient quality or corroborated sufficiently to warrant a higher level of confidence.” In that middle ground, they can’t definitively say that it was Russia, but they can illustrate how ludicrously difficult it would be to frame them by creating a Fancy Bear operation and targeting so many individuals over a year and a half, said SecureWorks’ Finney.
“I base my assessment on the evidence. I go back to the overwhelming evidence, I think, of the targeting of this particular group. So we have 5,000 email accounts that were targeted. That’s very difficult to make a false flag operation, to target 5,000 email accounts to make it look like the Russians,” said Finney.
SecureWorks doesn’t have the means or resources of an intelligence agency to definitively prove that Russia was behind the hacks in a criminal case, said Finney. For their business, they examine circumstantial evidence to arrive at conclusions. That’s the benefit for security firms of doing so much research in order to attribute blame: Now that they know with confidence the attackers’ motivations and tactics, SecureWorks can make recommendations to shore up their clients’ security. Against a spear-phishing campaign like this where attackers dupe targets into giving up email passwords, said Finney, clients can increase their protection by taking steps as simple as turning on two-step authentication.
Via: The Daily Dot
Source: Motherboard, Esquire



