People are pointing the finger at the Russian intelligence services over the recent damaging leak of emails from the Democratic National Committee (DNC) ahead of the party’s convention this week.
If true, it’s an extraordinary incident: The Russian government is deliberately meddling in US domestic politics in an apparent attempt to influence a presidential election.
The Hillary Clinton campaign has accused Russia of being behind the leak of emails, which have been published online by whistleblowing site Wikileaks and led to the resignation of DNC chair Debbie Wasserman Schultz over the weekend.
Some security experts agree with this analysis. Dave Aitel, CEO of security firm Immunity Inc, put it in blunt terms in a column for Ars Technica: “[The leak] meets the definition of an act of cyberwar, and the US government should respond as such.”
*Someone* stole a whole load of documents from the DNC
First, some background.
In June, the DNC announced that hackers had access to its systems for more than a year, first detecting unusual activity in April 2016, and expelling the infiltrators two months later. The hackers stole opposition research on Donald Trump, with security research firm CrowdStrike laying the blame on “two separate Russian intelligence-affiliated adversaries.”
(Remarkably, the two groups did not appear to be cooperating — and may not even have been aware of each others’ operations.)
Complicating matters was the existence of a purported hacker who uses the name “Guccifer 2.0.” The pseudonymous individual (who has no known relationship with Guccifer, an older hacker) claims they were the one who really hacked the DNC, and leaked alleged internal files to “prove” it, including what appeared to be information on Democratic Party donors and finances.
Describing themselves as a “lone hacker,” Guccifer 2.0 wrote in a blog post: “Worldwide known cyber security company CrowdStrike announced that the Democratic National Committee (DNC) servers had been hacked by ‘sophisticated’ hacker groups. I’m very pleased the company appreciated my skills so highly))) But in fact, it was easy, very easy.”
However, security firms didn’t buy it. Some — including Crowdstrike and Fidelis — argued that this was a deliberate “disinformation campaign” to deflect blame away from Russian spy agencies.
Then along came Wikileaks …
Things got significantly uglier for the DNC on July 22, when Wikileaks released a batch of stolen emails. Purportedly showing a bias against presidential hopeful Bernie Sanders, their publication has already caused one head to roll — DNC chair Wasserman Schultz.
Wikileaks doesn’t name its sources, so we don’t know for sure that they came from the same DNC hack. But “Guccifer 2.0” has told Motherboard’s Joseph Cox that they were responsible for the leak.
Clinton’s camp now unambigiously says this was a deliberate act of sabotage by the Russian government, carefully timed ahead of the party’s conference that will confirm Clinton as the Democrat nominee for US president.
Campaign manager Robby Mook told CNN on Sunday: “What’s disturbing to us is that … experts are telling us that Russian state actors broke into the DNC, stole these emails and other experts are now saying that the Russians are releasing these emails for the purpose of actually helping Donald Trump … I don’t think it’s coincidental that these emails were released on the eve of our convention here, and that’s disturbing and I think we need to be concerned about that.”
Some security experts are indeed saying this. Immunity Inc’s Dave Aitel is calling for an “escalatory response,” arguing that “this is information warfare in its purest form … it has the potential to significantly impact the immediate future and stability of the United States.”
Rich Barger, who works as CIO for security firm ThreatConnect, told The Washington Post: “We’ve been looking at this very closely from both the technical and non-technical spheres … Based on our analysis, we strongly feel Guccifer 2 is linked to a Russian information operations campaign and is not the independent Romanian hacker that he claims to be.”
There’s still a lot we don’t know
Russia hack perhaps not proven. But seeing lot of people who think if it is true its some minor footnote to the DNC emails. Wake up, idiots.
— Josh Marshall (@joshtpm) July 25, 2016
It’s important to note that this alleged Russian link hasn’t been confirmed: Theorists are going on inference and what we know of previous “Russian operations” as much as hard proof. We’re in uncharted territory, where everything from attribution to the proper response is unclear.
But if true, it has worrying implications: That foreign states are actively attacking American political parties in order to influence domestic politics. And, as the firing of Wasserman Schultz shows, it’s working.
The origin of the leak shouldn’t subtract from any allege scandal contained within the leak — if the scandal is genuine. But that origin certainly shouldn’t be ignored.