The Russia-linked election hack over DNC
WikiLeaks published a stolen archive of emails from the Democratic National Committee — and Washington spent the weekend trying to figure out if the dump was a normal political scandal or something far more sinister. The week before Hillary Clinton is expected to become the Democratic presidential candidate.
Over the weekend, a number of experts have raised suspicions that the email leak was carried out as part of an active campaign by Russian groups to sway the US election. The FBI is actively investigating the hack and the House Intelligence Committee has reportedly been briefed on it as well. If the reports are true, it would be a new level of involvement by a foreign power in a US election. And since the attack used many of the same tactics turned against Sony Pictures and Ashley Madison, it would also set a troubling precedent for how commonly available digital attacks could be used to subvert a national election.
WikiLeaks has published over 19,000 emails it says come from seven top Democratic National Committee figures. Among them are hundreds of messages that appear to hold personal information about donors, all part of what WikiLeaks calls an ongoing series of "Hillary Leaks."
The DNC was first compromised in May of this year, and while attribution is always tricky, there’s ample evidence linking that attack to Russia. In a blog post in June, the firm Crowdstrike linked the DNC compromise to two different groups, dubbed "Cozy Bear" and "Fancy Bear." One had been linked to previous attacks on the State Department, and both were seen choosing targets "for the benefit of the government of the Russian federation," Crowdstrike CTO Dmitri Alperovitch wrote. Two separate firms later confirmed the finding, and crucially, both assessments were made over a month ago, long before the emails themselves were released. The report closed with an ominous prediction: "Attacks against electoral candidates and the parties they represent are likely to continue up until the election in November."
In the month since, the connection to Russia has only strengthened. A figure came forward taking credit for the hack, claiming to be a Romanian civilian acting alone — but in a pivotal Motherboard interview, he proved unable to converse in Romanian, and metadata for his site showed it had been modified by Russian users. In the wake of the email dump, other experts have piled on the Russian connection, with longtime Russia analyst Thomas Rid describing the evidence as "very strong."
Those leaks exposed genuinely powerful organizations at work, motivated by costly acts of individual principle. What we saw at the DNC was closer to a hit and run, striking a soft target with as little exposure as possible. This attack will always work better against civil society groups and small businesses — and as it becomes more common, those are the groups that will be hit the hardest.
It’s not clear how we avoid it. For better or worse, most of the world’s organizations run on email, and that leaves every message persistent and easily accessible on a server. It’s hard to imagine that will change, or that we’ll get any better at protecting those servers. More than a year and a half after the Sony leaks, we still have no better answer to the moral questions raised by that attack. The more urgent question is whether democratic institutions can withstand the pressure of digital attacks.
Over the weekend, a number of experts have raised suspicions that the email leak was carried out as part of an active campaign by Russian groups to sway the US election. The FBI is actively investigating the hack and the House Intelligence Committee has reportedly been briefed on it as well. If the reports are true, it would be a new level of involvement by a foreign power in a US election. And since the attack used many of the same tactics turned against Sony Pictures and Ashley Madison, it would also set a troubling precedent for how commonly available digital attacks could be used to subvert a national election.
WikiLeaks has published over 19,000 emails it says come from seven top Democratic National Committee figures. Among them are hundreds of messages that appear to hold personal information about donors, all part of what WikiLeaks calls an ongoing series of "Hillary Leaks."
RELEASE: 19,252 emails from the US Democratic National Committee https://t.co/kpFxYDoNyX #Hillary2016 #FeelTheBern pic.twitter.com/Pft8wnOujl— WikiLeaks (@wikileaks) July 22, 2016
The DNC was first compromised in May of this year, and while attribution is always tricky, there’s ample evidence linking that attack to Russia. In a blog post in June, the firm Crowdstrike linked the DNC compromise to two different groups, dubbed "Cozy Bear" and "Fancy Bear." One had been linked to previous attacks on the State Department, and both were seen choosing targets "for the benefit of the government of the Russian federation," Crowdstrike CTO Dmitri Alperovitch wrote. Two separate firms later confirmed the finding, and crucially, both assessments were made over a month ago, long before the emails themselves were released. The report closed with an ominous prediction: "Attacks against electoral candidates and the parties they represent are likely to continue up until the election in November."
In the month since, the connection to Russia has only strengthened. A figure came forward taking credit for the hack, claiming to be a Romanian civilian acting alone — but in a pivotal Motherboard interview, he proved unable to converse in Romanian, and metadata for his site showed it had been modified by Russian users. In the wake of the email dump, other experts have piled on the Russian connection, with longtime Russia analyst Thomas Rid describing the evidence as "very strong."
Those leaks exposed genuinely powerful organizations at work, motivated by costly acts of individual principle. What we saw at the DNC was closer to a hit and run, striking a soft target with as little exposure as possible. This attack will always work better against civil society groups and small businesses — and as it becomes more common, those are the groups that will be hit the hardest.
It’s not clear how we avoid it. For better or worse, most of the world’s organizations run on email, and that leaves every message persistent and easily accessible on a server. It’s hard to imagine that will change, or that we’ll get any better at protecting those servers. More than a year and a half after the Sony leaks, we still have no better answer to the moral questions raised by that attack. The more urgent question is whether democratic institutions can withstand the pressure of digital attacks.
No comments
Post a Comment