US intelligence: Foreign hackers spying on campaigns

The United States sees evidence that hackers, possibly working for foreign governments, are snooping on the presidential candidates, the nation's intelligence chief said today.
Government officials are working with the campaigns to tighten security as the race for the White House intensifies.
The activity follows a pattern set in the last two presidential elections. Hacking was rampant in 2008, according to US intelligence officials, and both President Barack Obama and Mitt Romney were targets of Chinese cyberattacks four years later.
Despite that history, cyber experts say neither Donald Trump's nor Hillary Clinton's campaign networks are secure enough to eliminate the risk.

"We've already had some indications" of hacking, James Clapper, director of national intelligence, said at a cybersecurity event at the Bipartisan Policy Center in Washington. He said the FBI and the Department of Homeland Security were helping educate the campaigns.
Of the attacks, Clapper predicted, "we'll probably have more."

The revelation comes after a Clapper's office released a document earlier this month saying foreign intelligence services tracked the 2008 presidential election cycle "like no other."
The document was part of a slide show used to warn incoming Obama administration officials that their new jobs could make them prey for foreign spies.

Eight years ago, foreign intelligence services "met with campaign contacts and staff, used human source networks for policy insights, exploited technology to get otherwise sensitive data, engaged in perception management to influence policy," the document said. "This exceeded traditional lobbying and public diplomacy."
Jonathan Lampe with InfoSec Institute, a private information security company in Chicago, said security hasn't improved significantly since then.
In October, he evaluated the security of sixteen candidates' websites and wrote a pair of 20-page reports.
Using the reconnaissance skills of a casual hacker, Lampe pulled full lists of site user names and technologies used on most sites. In some cases, he discovered which directories were accessible from the Internet and which weren't. He learned what software products Hillary Clinton campaign's used from a job posting soliciting a computer-wise staffer.

"Everybody was sitting with their pants down and by the time we looked at the sites in March, everybody had made fixes," Lampe said.
But countries are probably still snooping, he said: "The sites were open enough back in October that anyone who grabbed the information then and wanted to use it, could still use it now.