The greatest miracle of the internet is that it exists—the second greatest is that it persists.
Every so often we’re reminded that bad actors wield great skill and have little conscience about the harm they inflict on the world’s digital nervous system.
Word arrived that Russian hackers had infiltrated the servers of the Democratic National Committee, an attack persuasively detailed by the respected cybersecurity firm CrowdStrike.
The computer scientists posited a logical hypothesis, which they set out to rigorously test: If the Russians were worming their way into the DNC, they might very well be attacking other entities central to the presidential campaign, including Donald Trump’s many servers.
It had a history of sending mass emails on behalf of Trump-branded properties and products.
Researchers were ultimately convinced that the server indeed belonged to Trump.
“When they say something about DNS, you believe them.
But now this capacious server handled a strangely small load of traffic, such a small load that it would be hard for a company to justify the expense and trouble it would take to maintain it.
“I get more mail in a day than the server handled,” Davis says.
When the researchers pinged the server, they received error messages.
But his discovery of the data was pure happenstance—a surprising needle in a large haystack of DNS lookups on his screen.
“I have an outlier here that connects to Russia in a strange way,” he wrote in his notes.
But what he saw was a bank in Moscow that kept irregularly pinging a server registered to the Trump Organization on Fifth Avenue.
To extend the traffic metaphor, these scientists have cameras posted on the internet’s stoplights and overpasses.
They are entrusted with something close to a complete record of all the servers of the world connecting with one another.
More data was needed, so he began carefully keeping logs of the Trump server’s DNS activity.
As he collected the logs, he would circulate them in periodic batches to colleagues in the cybersecurity world.
(I communicated extensively with Tea Leaves and two of his closest collaborators, who also spoke with me on the condition of anonymity, since they work for firms trusted by corporations and law enforcement to analyze sensitive data.
and won an FBI Director Award for Excellence for his work tracking down the authors of one of the world’s nastiest botnet attacks.
“It looked weird, and it didn’t pass the sniff test.”
The server was first registered to Trump’s business in 2009 and was set up to run consumer marketing campaigns.