As our recent blog stated, almost 20,000 DNC emails were posted by WikiLeaks on Friday, and it was believed to have been compromised by Russian hackers. Details are coming to light, however, that the breach may not have been committed by just any Russian hackers, but by hackers commissioned by the Russian government in order to bring down Hilary Clinton.
The Trump Connection
Five different U.S. officials who are close to this investigation (and have chosen to stay anonymous due to the ongoing nature of the investigation) now believe that the breach was a deliberate act of sabotage against the DNC. Trump has been an avid supporter of Putin and opponent of NATO. Putin has openly supported Trump’s nomination and Russia would have a lot to gain if NATO was demolished.
Additionally, there are a number of other links connecting Trump to the Russian government:
- Trump’s campaign manager was consultant for Yanukovych. Paul Manafort was a consultant for the former Ukranian president that was ousted from his position due to his pro-Moscow views. In fact, the former President now actually resides in Russia.
- Trump Security Advisors seem a bit shady.
- One of Trump’s top advisors is Michael Flynn is a retired Army General who was not only seen sitting with Putin at the 10th anniversary celebration for RT, a Kremlin-supported media network, but the was also paid to give a speech at the dinner. Then, shortly after the dinner, he posted an anti-Semetic tweet with a re-tweet that questioned the link between Trump and the Russian government.
- Carter Page, who is another Trump adviser, was recently in Moscow. While there, he criticized the US for their ““often-hypocritical focus on democratization.”
- Trump backs Russia against NATO allies. He stated that he would most likely not aid NATO allies against Russian attack, unless they pony up on what he believes they owe to Europe for their common defense.
It would not be the first time that the Russian government has tried to help rig a US presidential election, and the Putin-Trump connections are a serious concern.
“Given Donald Trump’s well known admiration for Putin and his belittling of NATO, the Russians have both the means and the motive to engage in a hack of the DNC and the dump of its emails prior to the Democratic Convention. That foreign actors may be trying to influence our election—let alone a powerful adversary like Russia—should concern all Americans of any party,” Rep. Adam Schiff said in a released statement.
The Breach
The DNC was notified of the thefts by the FBI in April, when the they first uncovered the breach that included not just the DNC, but multiple U.S. governmental agencies as well. Once alerted, the DNC hired the cybersecurity firm, CrowdStrike to investigate. What they, as well as an independent security firm, ThreatConnect, discovered was that information had been stolen by two hacker groups with known ties to the Russian government – Cozy Bear and Fancy Bear.
These groups do not work in tandem, however; they are in direct competition with each other. Investigations showed that one of the groups was able to breach the DNC last summer, while it was the other group that was reportedly responsible for the most recent hack.
Before the leak of the DNC emails, it was believed that Russia stole the information, primarily to learn more about the next American leader. Additionally, there are indicators suggesting that foreign hackers are targeting both presidential candidates. The fact, however, that only DNC emails were leaked, and to none other than the infamous anti-U.S. government site, WikiLeaks, changes that motive entirely.
The Fall Out
If it is the Russians who breached the systems in order to make the DNC look bad, then they are succeeding.
After an email was released proving DNC attempts to undermine the Sanders’ campaign, DNC Chairwoman Debbie Wasserman Schultz announced that she would step down after the DNC convention, which will be held in Philadelphia and is beginning in a few days.
It is also believed that this is just the beginning of many more leaks to follow and that the timing of the publications of the emails on WikiLeaks is not a coincidence.
“If there is a concerted effort to undermine the campaign of the Democratic Party nominee, we can and should expect additional embarrassing emails to be released by Wikileaks, including from candidate Hillary Clinton’s personal server,” Shedd, the former Defense Intelligence Agency chief, said.
The Investigation
The FBI has stated that they are investigating the matter, but it should also be noted that they may have their hands tied, as far as the intention of the leaks are concerned.
While they do want to find out who is responsible for the cybercrime, they have not commented on whether or not political manipulation is part of the equation; however, if they find evidence that Russia is behind this, they will most likely make that information public, thus condemning the country through public indictment. It will be much easier to investigate the breach as opposed to the intent of the hackers because there are clear laws against the theft of information, and it would be much more difficult to prosecute for intent.
Oddly enough, the leak contained emails that further indicated possible foreign interference in this already-crazy election year.
Case in point is an email written by a DNC researcher, Alexandra Chalupa, to a colleague in early May. From the time she began to investigate Trump’s aforementioned campaign director, Paul Manafort, she began receiving security alerts from Yahoo! that her personal Yahoo! email account might be “the target of state-sponsored actors.”
Then, a few days after receiving notice that the DNC’s blog, Factivists, had been compromised, she also emailed the DNC communications director, Luis Miranda, to let him know that even though she was constantly changing her email, she was continuing to receive the notification, which Yahoo! commonly sends out to users that they believe might have been hacked.
In another leaked email, dated a couple of weeks after Chalupa’s, two DNC members emailed each other about a donor, “Agnes,” whose email had stopped working after it had been hacked. It is not known if Agnes’ email had been commpromised by one of the Russian hacker groups or if it was just a random act of cybercrime. The DNC has since stated that they do not believe that donor files were stolen.
The Cybertheives
Although it can be nearly impossible to uncover the source of a breach with 100% accuracy, CrowdStrike (the security firm hired by the DNC to investigate the theft), is linked to both the FBI and the US intelligence community as a whole, and was able to identify the likely culprits by comparing methods used for this attack to methods used by known hacker groups in previous attacks.
CrowdStrike reported that the group known as Fancy Bear has been known to create websites that look just like the targets’ web-based email server, so that it tricks the victims into giving the hackers their username and password, which the hackers then use to log into the real site. According to CrowdStrike, this method has been used to successfully infiltrate several US governmental networking systems.
Cozy Bear, on the other hand (or paw?) prefers to use “spearphising” campaigns. They send mass emails to their intended victims that look like they are from a legitimate source; however, the emails actually contain links to websites that have been encrypted with malware. These sites will then encode viruses onto the unsuspecting computer that will allow the hackers to access the device remotely while using additional code that covers the handy work.
While it is not yet known just how the DNC was breached, both CrowdStrike and ThreatConnect were able to confirm that their analysts recognized the hackers’ signatures right away.
The Conclusion
While Americans surely want to know what happened as soon as possible, the collective crowd will most likely have to hold its collective breath. It is highly unlikely that the FBI will release any findings until after the elections, and rightly so.
There is tension right now between the United States and Russia as the two powerful countries work towards an agreement involving Syria. They are trying to come to compromise regarding air strikes and information sharing, but it is difficult because there are many people in the US government who do not trust the Russians.
In addition to adding to relationship tensions, the FBI does not want to be held accountable for the win or loss of any presidential candidate. Just as many Republicans (and Bernie Sanders’ supporters) are furious with the FBI for their decision to not press Clinton with charges over the email scandal, many Trump supporters would likely accuse the FBI of attempting to blemish Trump’s image by connecting him with the Russian government.
It is definitely tumultuous time for not only the DNC and the RNC, but for American citizens on the whole. Only time will tell if this leak will have an impact on the elections and on the relationship between the two powers.