The hack of DNC emails bears the hallmarks of a Russian intelligence operation
FBI hasn't officially attributed attack to Russian government hackers yet
Federal investigators tried to warn the Democratic National Committee about a potential intrusion in their computer network months before the party moved to try to fix the problem, U.S. officials briefed on the probe tell CNN.
The revelation raises questions about whether the DNC could have done more to limit the damage done by hackers suspected of working for Russian intelligence.
The DNC brought in consultants from the private security firm CrowdStrike in April. And by the time suspected Russian hackers were kicked out of the DNC network in June, the hackers had been inside for about a year.
A person briefed on the DNC’s response says the warning from the FBI and other agencies wasn’t specific, and that the extent of the problem wasn’t clear when the initial warnings came. DNC officials hired outside help after additional indications surfaced that their systems were compromised.
The DNC breach occurred around the same time as breaches of U.S. government systems at the State Department and the White House. Analysts from the National Security Agency found signatures in those breaches that led them to suspect there were other intrusions outside the government, including at the DNC.
“I talked to the general counsel of the DNC today and he assures me that every step along the way when we were notified of these issues that we changed systems, changed procedures,” said DNC vice chairwoman Donna Brazile to CNN’s Wolf Blitzer. “But these hackers are so sophisticated that they changed procedures. So yes, it went on for more than a year, but at no time did we ignore the warning from the FBI or any other federal officials.”
Earlier on Monday, the FBI confirmed it was investigating a hack into the DNC, the first acknowledgment from the agency that they are probing the incident, which U.S. officials suspect came from a Russian cyber attack.
Fallout over the emails led DNC Chairwoman Debbie Wasserman Schultz to announce her resignation Sunday.
“The FBI is investigating a cyber intrusion involving the DNC and are working to determine the nature and scope of the matter,” the agency said in a statement. “A compromise of this nature is something we take very seriously, and the FBI will continue to investigate and hold accountable those who pose a threat in cyberspace.”
The suspected Russian hack is part of a wave of Russian cyber attacks aimed at political organizations and academic think tanks in Washington, U.S. officials briefed on the investigations say.
Over the weekend, Wikileaks began publishing emails from the DNC. The group didn’t identify the source. But the campaign of presumptive Democratic nominee Hillary Clinton pointed the finger at Russia, saying the release of stolen emails was intended to help Republican nominee Donald Trump.
The FBI has sent experts to meet with the Republican National Committee, as well as the major campaigns, to discuss their security measures, the officials say. No similar intrusions have so far been detected at the RNC or the campaigns of the two major party candidates, the officials say.
Clinton campaign manager Robby Mook told CNN’s Jake Tapper on “State of the Union” Sunday about that “changes to the Republican platform to make it more pro-Russian,” which could provide some of the motive behind the hacks.
“I don’t think it’s coincidental that these emails were released on the eve of our convention here, and I think that’s disturbing,” he said.
Trump told The New York Times in an interview last week, that if he’s elected the U.S. wouldn’t defend NATO allies against Russian aggression if they haven’t “fulfilled their obligation to us.”
Trump’s son, Donald Trump Jr., denied that his father’s campaign had anything to do with encouraging Russians to hack the DNC.
“I can’t think of bigger lies, but that exactly goes to show you what the DNC and what the Clinton camp will do,” Trump told Tapper on “State of the Union”.
Even before the emails were posted on Wikileaks, the White House convened a security meeting to review what was known, U.S. officials told CNN.
Democrats, including some in Congress, are trying to pressure the White House to publicly name Russia as the perpetrator, in the way the government named North Korea in the Sony hack and China for hacking various U.S. companies. The Obama administration has resisted publicly naming Russia despite evidence gathered by U.S. government investigators showing Russian behind cyber-attacks on U.S. government agencies and even the public release in 2014 of a hacked phone call between U.S. diplomats in Ukraine that was caused embarrassment for the U.S.
At the State Department Monday, spokesman John Kirby refused to say Russia was responsible, citing the ongoing investigation.
“It goes without saying that issues of cyber security will be a topic of discussion between us and our Russian interlocutors on a continuous basis. I don’t have any specific conversations to speak to and nor would I as this matter’s under investigation by the FBI,” Kirby said. “I think we need to let the FBI do their work before we try to form any conclusions here in terms of what happened and what the motivation was behind it. The FBI’s spoken to this. We’re going to respect that process.”
James Trainor, assistant director for FBI’s cyber division, told CNN in a recent interview that the bureau has been working with political organizations and think tanks to put more resources into the security of their computer networks. He wouldn’t discuss the DNC or the role of Russia, but spoke generally about the increased number of such intrusions.
“There’s been aggressive targeting of that sector, the various campaigns, think tanks in the Washington, DC area,” Trainor said.
The “targeting of any candidate or any party (that) has political intelligence,” Trainor said. “There’s value in information there if you’re a nation state actor, so (it) shouldn’t be surprising.”