Hacking the Election: special report

John McAfee: 'Iran hacked the DNC, and North Korea hacked DYN'

Cybersecurity legend John McAfee looks to the Dark Web for answers on the DNC and DYN hacks.

john mcafee microphones

Computer software pioneer John McAfee speaks with reporters outside his hotel in Miami Beach, Florida December 13, 2012.

Credit: REUTERS/Joe Skipper

Who hacked  the Democratic National Committee (DNC)?

John McAfee -- in an email exchange and follow up phone call just moments ago -- said sources within the Dark Web suggest it was Iran, and he absolutely agrees. While Russian hackers get more media attention nowadays, Iranian hackers have had their share.

A computer hacker briefly hijacked Twitter.com in 2009, redirecting users to a website and claiming to represent a group calling itself the Iranian Cyber Army.

Earlier this year, Iranian hackers were charged by the U.S. Department of Justice (DOJ) over cyber attacks.

Why Iran? "The Iranians view Trump as a destabilizing force within America," said McAfee. "They would like nothing more than to have Trump as President."

What about Russia?

"If all evidence points to the Russians, then, with 100% certainty, it is not the Russians," said McAfee. "Anyone who is capable of carrying out a hack of such sophistication is also capable, with far less effort than that involved in the hack, of hiding their tracks or making it appear that the hack came from some other quarter. The forensic tools used to assign culpability in a hack are well known, in the cybersecurity world, to be largely ineffective. They may, sometimes, correctly identify an unsophisticated 15 year old as the source of a hack, such as the teenager who hacked the FBI less than a year ago. But they are completely ineffective against large, sophisticated groups of hackers such as those run by the Russian State."

[ RIGGED ELECTION: See CSO's package of stories challenging the validity of a hacked election ]

When asked for his Dark Web source, McAfee replied "You know better than to ask me for a link to the Underweb. I would spend the rest of my life fighting the best hackers on the planet."

There's no conclusive evidence to point the finger at Iranian or Russian hackers, but McAfee may be on to something.

And the DYN hack?

"The Dark Web is rife with speculation that North Korea is responsible for the DYN hack" said McAfee. He suspects it is Bureau 121, a North Korean cyberwarfare agency with almost 2,000 state sponsored hackers in the group. McAfee said they certainly have the capability and if it's true (that they hacked DYN) then forensic analysis will point to either Russia, China, or some group within the U.S."

There's no conclusive evidence that North Korea is responsible for the DYN hack, but McAfee is wired into a large network of underground sources.

Update: McAfee added "Bureau 121 left trails to an American company that offers services to counter DDoS attacks. The company was not named. When found, I guarantee that the company might have had cause to launch the attack. This is how sophisticated hacks work."

"Backconnect is the name of the company that Bureau 121 is trying to implicate" said McAfee. "Backconnect has a history of spoofing IP addresses so they make a perfect fall guy."

MORE FROM MCAFEE:

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.