Date: 2016-12-23

Emails PDF downloads promising a postmortem analysis of the greatest political upset since Truman defeated Dewey.

Adding insult to injury, two of the five waves of spear-phishing attacks on a few hundred very targeted individuals appeared to be messages forwarded by the Clinton Foundation, according to Steven Adair, CEO of the Washington, D.C.-area security firm Volexity, which announced the attacks were engineered by hackers known as The Dukes.

“Other people have said [The Dukes] are definitely related to Russia, or maybe work for the [Russian] government,” Adair says, stopping short of attributing the attacks to the country. Nevertheless, he believes The Dukes fall into the nation-state category. “They have the resources and capabilities and the way they operate is not a volunteer effort by a group of hobbyist hackers,” Adair says. These attackers, he adds, typically have deliberate goals to find out specific policy plans or information.

“While the infrastructure used in the SPE attack overlaps with infrastructure attributed to malicious cyberactivity linked to North Korea, previously malicious IP addresses are not necessarily still used by the same attackers,” the February 2016 Novetta report stated.

“Attribution is never definitive because with enough knowledge and preparation, a sophisticated adversary can masquerade as a different threat actor,” cautions James Scott, senior fellow at the Institute for Critical Infrastructure Technology (ICIT), a Washington, D.C.-based think tank.