
FBI, cybersecurity experts investigating potential Russian ties to DNC email leak

On Friday, WikiLeaks posted a trove of 20,000 emails procured in a hack of the Democratic National Committee. Today, the FBI announced that it was investigating the hack and the circumstances surrounding it.

The hack was first reported last month by the Washington Post, which said hackers affiliated with the Russian government had breached DNC servers and gathered opposition research on Trump as well as access to “other material.” That report claimed the hackers so thoroughly penetrated the DNC’s servers that they gained complete access to email and chat traffic. At the time, the Post reported that the hackers might have had access to the DNC’s servers for up to a year.

The Post claimed that no personal information on any donors had been seized in the attack, but the WikiLeaks email trove proved that false. Included in the leaked emails were full names, addresses, phone numbers, passport and social security numbers, credit card payment details, and full card numbers.

Security experts from CrowdStrike claim to have uncovered forensic evidence suggesting that two competing teams of Russian hackers penetrated the DNC’s servers, and that the information leaked to WikiLeaks may have come directly from Russian intelligence. If true, this would raise significant questions about Russia’s attempted interference in US elections. The Trump campaign has been accused of adopting positions that favor Vladimir Putin, though Trump has denied all such allegations.

Thomas Rid, a professor at King’s College London, told the Post that he communicated with the hacker, Guccifer2, who leaked the DNC’s emails to WikiLeaks. “I quizzed him two times in a Twitter direct message back and forth and he very clearly indicated he gave the emails to WikiLeaks,” Rid told the Post. These early findings have been backed up by multiple additional firms: Mandiant (part of FireEye) and Fidelis have confirmed CrowdStrike’s initial analysis. The hackers that penetrated the DNC used tools, practices, and tradecraft that have been previously linked to Russian groups, including hardcoded IP addresses to command-and-control servers that have conclusively been linked to Russian military intelligence, the GRU.

The leaked documents have also been modified by users with Russian language default settings, Motherboard reports, and there were hyperlink errors in Cyrillic in the document metadata. While Guccifer2 has denied being Russian or affiliated with Russia and claimed to be Romanian, he was unable to respond colloquially and without errors when asked to explain his hacks in Romanian. Russian involvement has not been conclusively proven, but there are multiple arrows pointing in the same direction.

The other major issue related to the leak is the alleged favoritism shown to Hillary Clinton during the Democratic primary season. Supporters of Bernie Sanders often alleged that Debbie Wasserman Schultz, who headed the Democratic National Committee, scheduled debates at times that favored Clinton and generally worked behind the scenes to disadvantage Sanders. As of this writing, none of the emails show evidence of the voter suppression or deliberate disenfranchisement that some Sanders supporters allege took place, but there has been at least one email chain that discussed attempting to paint Sanders as an atheist. Wasserman Schultz has agreed to step down as a result of the leaks and will no longer speak at the Democratic National Convention.

Just to make this perfectly clear: While some have talked about this leak as a second Clinton email scandal, Hillary Clinton herself is not a direct party to this leak, nor responsible for it. The investigation into Clinton’s own email practices and the FBI decision not to indict her for said practices was an entirely separate affair.
