Reboot: #DNCHack kicks off Cold War 2.0

As each day passes, the story of the hack of the Democratic National Committee gains momentum, with breaking developments that put hacking into the global spotlight. In just the past few days, we learned from Reuters that the breadth of the hack expanded significantly.

“A computer network used by Democratic presidential nominee Hillary Clinton’s campaign was hacked as part of a broad cyber attack on Democratic political organizations, people familiar with the matter told Reuters.”

The announcement of a third major hack on the U.S. Democratic party followed weeks of increasing turmoil and chaos in the global political, activist, and government communities. The most significant news was that Crowdstrike, a cybersecurity company, stated they were hired by the DNC to investigate the hack and discovered “two separate Russian intelligence-affiliated adversaries present in the DNC network.” This was included by Crowdstrike in a report which they posted on their website.


Immediately following the post by Crowdstrike, someone calling themselves Guccifer 2.0 claimed responsibility for the hack in a blog post. (The original Guccifer is Marcel Lazăr Lehel, a Romanian hacker responsible for a number of high-level computer security breaches in the U.S. and Romania. Lehel targeted celebrities, Romanian and U.S. government officials, and other prominent persons.)

Guccifer Two dot Zero

Whodunit?

Using the blog and a Twitter account, Guccifer 2.0 rejected Crowdstrike’s position that this was a Russian state-sponsored hack, instead calling himself a “lone hacker.” He also claimed to have handed much of the DNC data to Wikileaks. The following week, two more cybersecurity companies, Fidelis Cybersecurity and Mandiant, independently and publicly agreed with Crowdstrike’s opinion that Russian state-sponsored hackers infiltrated the DNC networks. They found that the two groups that hacked into the DNC used malware and attack methods identical to those used in other attacks attributed to the same Russian hacking groups.

The evidence mounts from there. Traces of metadata in the document dump give various indications that the documents were translated into Cyrillic. Furthermore, while Guccifer 2.0 claimed to be from Romania, he was unable to chat with Motherboard journalists in coherent Romanian. Besides which, this sort of hacking wouldn’t exactly be outside of Russian norms.

Russia Hacks Pentagon

“It doesn’t strain credulity to look to the Russians,” says Morgan Marquis-Boire, a malware expert with CitizenLab. “This is not the first time that Russian hackers have been behind intrusions in US government, and it seems unlikely that it will be the last.” Last year, Russian hackers were able to breach the Pentagon, the White House, and State Department email servers, gleaning information even from President Obama’s Blackberry.

Meanwhile, the Kremlin has denied Russian involvement in the DNC breach. But the reverberations continue; DNC Chairwoman Debbie Wasserman Schultz was forced to resign after emails revealed what many view as the unfair treatment of Bernie Sanders.

In a recent interview on NBC, Julian Assange of Wikileaks gave a soft disavowal of claims that his whistleblowing organization is in cahoots with Russian intelligence: “Well, there is no proof of that whatsoever,” he said. “We have not disclosed our source, and of course, this is a diversion that’s being pushed by the Hillary Clinton campaign.”

This is, of course, the same Assange who boasts responsibility for helping find Snowden a home in Russia, and whose Wikileaks publicly criticized the Panama Papers for implicating Putin in financial misdeeds. He’s also an outspoken, frequent critic of Hillary Clinton’s time at the State Department. A damning document dump the weekend before Clinton’s nomination arguably aligns with both Russian interests and his own.

To Russia with love

If the allegations do prove correct, this is an unprecedented step for Russia. Hacking is nothing new, but publicizing documents to attempt to sway an election certainly is. Putin would clearly prefer a Trump presidency. The billionaire Republican candidate is a longtime admirer of Putin’s, and has publicly stated that he wouldn’t necessarily defend NATO allies against a Russian invasion. To top it all off, Trump’s campaign manager, Paul Manafort, formerly worked as an advisor to Viktor Yanukovych, the Russian-backed President of Ukraine, before he was ousted in 2014.


Then the U.S. Republican candidate for president exacerbated the situation in an incredible manner. Donald J. Trump said on Wednesday, July 27, that he hoped Russian intelligence services had successfully hacked Hillary Clinton’s email, and encouraged them to publish whatever they may have stolen, essentially urging a foreign adversary to conduct cyber-espionage against a former secretary of state.

“Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing,” Mr. Trump said during a news conference here in an apparent reference to Mrs. Clinton’s deleted emails. “I think you will probably be rewarded mightily by our press.”

Cybersecurity experts described the remarks by Mr. Trump as “unprecedented” and “possibly illegal.”

It’s espionage

 

Future Hack

Marcy Wheeler (a.k.a. “emptywheel”) is an American independent journalist specializing in national security and civil liberties. Wheeler was among the first to point out that if the DNC hacks are in fact state-sponsored hacks, they are espionage – which is the polar opposite of hacktivist group activities and something governments must anticipate. And Wheeler was also the first to point out that hacks or data dumps must be reported responsibly.

“There are plenty of people with no known interest in either seeing a Trump or a Clinton presidency that have some measure of expertise on this issue (this is the rare moment, for example, when I’m welcoming the fact that FBI agents are sieves for inappropriate leaks). So no outlet should be posting something that obviously primarily serves the narrative one or the other candidate wants to adopt on the DNC hack without a giant sign saying “look at what partisans have been instructed to say by the campaign.” That’s all the more true for positions, like the Gang of Four, that we’d prefer to be as little politicized as possible. Please don’t encourage those people to use their positions to serve a partisan narrative, I beg of you!”

To further emphasize the importance of responsible reporting, Wheeler goes on, “More generally, I think journalists should be especially careful at this point to make it clear whether their anonymous sources have a partisan dog in this fight, because zero of those people should be considered to be unbiased when they make claims about the DNC hack.”

Be very afraid

 

Wikileaks

Unfortunately, there is actually a Russian word for the style of espionage tied to the DNC hack: “kompromat.” A mashup of the Russian words for “compromising” and “material,” it refers to the old traditions of obtaining information and using it to smear or influence public officials. Unscrupulous Russian politicians have been doing it for decades; there are actually kompromat websites.

One recent development has been the creation of specialized kompromat websites, most famously the Russian Компромат.Ru (compromat.ru) that will, for a fee of several hundred dollars, publish any piece of kompromat on anyone. Consequently, such websites are occasionally temporarily blocked by Russian ISPs and their owners harassed by government agencies.

The Interpreter opinion column looked hard at these hacks and their potential impact on the future: “Analysts said hacking is likely to expand in the realm of foreign policy by giving states a new, low-risk method to tweak one another or to meddle in one another’s internal affairs. State-sponsored hacks meant to weaponize information are relatively inexpensive and difficult to defend against, making them a tempting tool.

But it is precisely their appeal that gives these tactics the potential to make the international arena more volatile. It is hard to determine responsibility, which creates a risk that states will punish the wrong culprit – or respond too harshly, forcing an unintended cycle of escalation.

Because there are no established norms for what is and is not tolerated in such attacks, or for how a targeted state is expected to respond, even the prospect of this kind of hacking creates dangerous uncertainty.

This practice is beyond the reach or enforcement of most laws, and outside the scope of the norms that limit states’ interference in one another’s affairs. And because effective defense is so difficult, it is hard to predict what the limits – or the consequences – of that might be.”

WikiLeaks founder Julian Assange is boasting about how his group’s release of hacked Democratic National Committee emails is affecting the US presidential election – and says it has unreleased information about Hillary Clinton’s campaign.

“We have more material related to the Hillary Clinton campaign,” Assange told CNN’s Anderson Cooper on “Anderson 360” on July 29. “That is correct to say that.”

Assange has been coy about how WikiLeaks came into possession of internal Democratic party cyber information. The FBI and Justice Department are investigating a computer hack of Democratic nominee Clinton’s presidential campaign in addition to its examination of intrusions of other Democratic Party organizations, two law enforcement officials told CNN.

Assange also said more material is forthcoming that is “extremely interesting.”

“We have more material related to the Hillary Clinton campaign. That is correct to say that,” he said. “Those are extremely interesting. We will see what will come of them.”

Assange spoke from the Ecuadorian embassy in London, where he faces extradition over sexual assault allegations.

Wheeler weighed back in on July 31 on the latest allegations regarding the Clinton campaign hack: “Several outlets have reported that Hillary’s campaign — or rather, a network the Hillary campaign uses — got hacked along with the DNC and DCCC, presumably by the same APT 28 group presumed to be Russia’s military intelligence GRU. But reports on this, coming after a day of equivocation about whether Hillary’s campaign had been hacked at all, are unclear.”

The fact remains that there’s a great deal of time remaining in the election cycle – and it’s very likely that more leaks related to the hacks will come along. On Sunday, July 31, a Twitter user asked Wikileaks if more DNC leaks were on their way.

The WikiLeaks response: “We have more coming.”

 
