The Democratic National Committee’s convention in July was a historic moment for women in the United States with the official nomination of Hillary Clinton as the Democrats’ pick for president, but another headline also grabbed attention. Following reports of a cyberattack in June that breached the DNC’s network and stole data on Donald Trump, the FBI confirmed an investigation into the hack in the first official acknowledgement of a federal probe into the event. Despite Russian President Vladimir Putin’s denial of involvement (though he did call the attack a “public service”), the U.S. has now made an official accusation.
“The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of emails from U.S. persons and institutions, including from U.S. political organizations,” a joint statement from the Department of Homeland Security and the Office of the Director of National Intelligence reads. “The recent disclosures of alleged hacked emails on sites like DCLeaks.com and WikiLeaks, and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts. These thefts and disclosures are intended to interfere with the U.S. election process.”
The statement adds, “Such activity is not new to Moscow — the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there. We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.”
These reports come a month after Putin gave an interview to Bloomberg, in which the Russian leader remained defiant, saying, “Listen, does it even matter who hacked this data? The important thing is the content that was given to the public.’’ He added, “There’s no need to distract the public’s attention from the essence of the problem by raising some minor issues connected with the search for who did it. But I want to tell you again, I don’t know anything about it, and on a state level, Russia has never done this.”
Russian hackers have long been suspected of being behind the attack, which was blamed for the leaked emails that suggested DNC Chairwoman and U.S. Rep. Debbie Wasserman Schultz (D-Florida) used her position to provide advantages to Hillary Clinton over Bernie Sanders during the primaries. Wasserman Schultz announced that she would step down from the DNC post at the end of the convention.
In June, The Washington Post reported that the culprits were able to burrow into the DNC’s network and reads its email and chat histories. It is believed that the DNC was just one of many U.S. political organizations targeted by the hackers. The Russian embassy has denied any knowledge of the attacks.
Hackers allegedly gained access to the DNC network last year, but were purged from the system in just the last few days. The Democrats had hired breach mitigation firm CrowdStrike to investigate and clean up its networks. No financial or personal data was stolen in the breach, according to officials, and it believes the hack was an intelligence-gathering exercise.
“It’s the job of every foreign intelligence service to collect intelligence against their adversaries,” CrowdStrike president Shawn Henry said.
“Their job when they wake up every day is to gather intelligence against the policies, practices, and strategies of the U.S. government. There are a variety of ways. [Hacking] is one of the more valuable because it gives you a treasure trove of information,” he added.
Donald Trump is still new to politics, the firm explained, meaning Russian officials are still gathering intel on the GOP candidate and possible U.S. president. Trump, for example, has a lot of international investments, which could influence his foreign policy, and having access to that kind of data on Trump would be invaluable.
In its own blog post, CrowdStrike explained that it has identified two groups or operations that were possibly responsible for the cyberattacks on the DNC, dubbed Cozy Bear and Fancy Bear. The former is alleged to have infiltrated the unclassified networks of the White House, State Department, and the U.S. Joint Chiefs of Staff in the past, as well as companies in several industries and critical infrastructure networks.
Fancy Bear, on the other hand, is thought to be a separate Russian hacker operation that has also allegedly carried out attacks on foreign governments and media organizations. It has been linked to the cyberattacks last year on Germany’s Bundestag and France’s TV5 Monde TV station.
CrowdStrike CTO Dmitri Alperovitch wrote that his firm “considers them some of the best adversaries out of all the numerous nation-state, criminal, and hacktivist/terrorist groups we encounter on a daily basis.”
Updated on 10-07-2016 by Lulu Chang: Added news that the U.S. officially accused Russia of being behind the DNC attacks.