Russian government hackers penetrated the computer network of the Democratic National Committee and gained access to the entire database of opposition research on GOP presidential candidate Donald Trump, according to committee officials. The networks of presidential candidates Hillary Clinton and Donald Trump were also targeted by Russian spies, but as The Washington Post reports, the intruders so thoroughly compromised the DNC’s system they also were able to read all e-mail and chat traffic.
As The Washington Post reports, some of the hackers had access to the DNC network for about a year, but all were expelled over the past weekend in a major computer clean-up campaign, the committee officials and experts said.
The DNC said that no financial, donor or personal information appears to have been accessed or taken, suggesting that the breach was traditional espionage, not the work of criminal hackers.
“It’s the job of every foreign intelligence service to collect intelligence against their adversaries,” said Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI’s cyber division. He noted that it is extremely difficult for a civilian organization to protect itself from a skilled and determined state such as Russia.
“We’re perceived as an adversary of Russia,” he said. “Their job when they wake up every day is to gather intelligence against the policies, practices and strategies of the U.S. government. There are a variety of ways. [Hacking] is one of the more valuable because it gives you a treasure trove of information.”
Russian President Vladimir Putin has spoken favorably about Trump who has called for better relations with Russia and expressed skepticism about NATO. But unlike Clinton, whom the Russians probably have long had in their spy sights, Trump has not been a politician for very long, so foreign agencies are playing catch-up, analysts say.
“The purpose of such intelligence gathering is to understand the target’s proclivities,” said Robert Deitz, former senior councillor to the CIA director and a former general counsel at the National Security Agency. “Trump’s foreign investments, for example, would be relevant to understanding how he would deal with countries where he has those investments” should he be elected, Deitz said. “They may provide tips for understanding his style of negotiating. In short, this sort of intelligence could be used by Russia, for example, to indicate where it can get away with foreign adventurism.”
DNC leaders were tipped to the hack in late April. Chief executive officer Amy Dacey got a call from her operations chief saying that their information technology team had noticed some unusual network activity.
“When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.”
The firm identified two separate hacker groups, both working for the Russian government, that had infiltrated the network, said Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer. The firm had analyzed other breaches by both groups over the last two years.
One group, which CrowdStrike had dubbed Cozy Bear, had gained access last summer and was monitoring the DNC’s email and chat communications, Alperovitch said.
The other, which the firm had named Fancy Bear, broke into the network in late April and targeted the opposition research files. It was this breach that set off the alarm. The hackers stole two files, Henry said. And they had access to the computers of the entire research staff — an average of about several dozen on any given day.
The computers contained research going back years on Trump. “It’s a huge job” to dig into the dealings of somebody who has never run for office before, Dacey said.
CrowdStrike is not sure how the hackers got in.
Russia has always been a formidable foe in cyberspace, but in the last two years “there’s been a thousand-fold increase in its espionage campaign against the West,” said Alperovitch, who is also a senior fellow at the Atlantic Council. “They feel under siege.”
Western sanctions, imposed after Russia’s annexation of Crimea in Ukraine, have hurt the economy and led the government to increase its theft of intellectual property to limit the impact of import restrictions, he said. And Russia’s growing isolation has increased the need for intelligence to understand and influence political decisions in other countries, he added.
Unsurprisingly, a Russian Embassy spokesman said he had no knowledge of such intrusions. The Clinton campaign did not immediately respond to a request for comment. A spokeswoman for the Trump campaign referred questions to the Secret Service.