Cybersecurity

Obama administration publicly blames Russia for DNC hack

The Obama administration on Friday publicly attributed recent political hacking incidents to the Russian government, calling the thefts an intentional effort to interfere with the U.S. election process.

{mosads}The Department of Homeland Security and the Office of the Director of National Intelligence publicly blamed Russia for the hack of the Democratic National Committee (DNC) and other political organizations this year.

“We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities,” the agencies in a joint statement.

The hack and subsequent release of emails from the DNC, the Democratic Congressional Campaign Committee (DCCC) and former Secretary of State Colin Powell were widely believed by security experts and many in the intelligence community to be the work of Russian intelligence.

The Obama administration has been under fierce pressure from lawmakers — led by Senate and House Intelligence Committee ranking members Dianne Feinstein (D-Calif.) and Adam Schiff (D-Calif.), respectively — to publicly attribute the attacks.

The decision to name-and-shame Russia is a historic one. Of the four countries officials cite as the U.S.’s key adversaries in cyberspace — Russia, North Korea, China and Iran — Russia was the only one against whom the U.S. had not yet taken some kind of public action over its cyber activity. 

Some onlookers suspected that the White House was leery of publicly naming Russia in the DNC hack because it didn’t want to disrupt a fragile ceasefire deal in Syria. 

But Secretary of State John Kerry officially suspended negotiations with Russia over implementing such an agreement on Monday. And on Friday he called for a war crimes investigation of Russia and Syria for attacks in Aleppo. 

Washington has almost unanimously treated Russian involvement in the attack on the DNC and other Democratic groups as fact after several forensics firms avowed that all the digital fingerprints pointed to a well-known Russian intelligence group known informally as Fancy Bear. 

Moscow used a diffuse network of outlets to disseminate the material it stole — all of which the administration confirmed Friday. 

“The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts,” the statement read.

Security experts have long believed that the previously-unknown hacker Guccifer 2.0 was a front for Russian interests, despite his claims to be a single Romanian hacker. He — or they — published the DNC and DCCC documents on a WordPress blog set up shortly after the hacks. 

DCLeaks.com, which published the Powell emails, claims to be American but is also thought to be a Russian intelligence front. The anti-secrecy platform WikiLeaks also published the DNC emails, but would not reveal where it got them. 

The intelligence agencies also confirmed long-standing speculation that the attacks were an effort by the Russian government to meddle in the U.S. election — whether to simply sow doubt in the integrity of the process or to ensure an outcome favorable to the Kremlin. 

The release of the DNC emails — just days before Hillary Clinton formally became the Democratic nominee — threw the first day of the Democratic National Convention into chaos and led to the resignation of committee chairwoman Debbie Wasserman Schultz. 

Some Democrats, including the Clinton campaign, have characterized the leak as an attempt by Russia to benefit GOP presidential nominee Donald Trump, seen as Russian President Vladimir Putin’s preferred candidate. 

The administration did not offer specifics on Russia’s precise motivation.  

“These thefts and disclosures are intended to interfere with the U.S. election process,” the administration said. “Such activity is not new to Moscow — the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there.” 

The agencies said they were not ready to confirm that recent probing of state’s election systems were the work on Russian hackers, but urged caution.  

Lawmakers were quick to celebrate the announcement. 

“I applaud the administration’s decision to publicly name Russia as the source of hacks into U.S. political institutions,” said Schiff.

The Obama administration has taken a case-by-case approach to responding to high-profile cyber incidents — decisions that onlookers say are based on both the nature of the attack and the level of the diplomatic involvement between the U.S. and the country in question.

The White House publicly blamed North Korea for hacking Sony Pictures in 2014. Some onlookers point to the antagonistic relationship between the two nations, arguing that the U.S. had little to lose by piquing the country’s dictatorial young leader Kim Jong-Un.

Also in 2014, the U.S. issued indictments for five People’s Liberation Army officers on hacking charges.

Earlier this year, the Justice Department indicted seven Iranians for a series of coordinated cyberattacks against the U.S. financial sector and for infiltrating a New York dam in 2013.

Conversely, Obama has declined to name the culprit behind the massive hack of the Office of Personnel Management (OPM), uncovered last spring. The intrusion has been widely attributed to China but is believed to have been an intelligence-gathering mission.

The U.S. also maintains deep economic and diplomatic ties with Beijing.

Critics say that a policy of responding to attacks on a case-by-case basis isn’t enough to keep bad actors from hacking the United States.  

In the case of Russia, Schiff had said previously, “the longer this goes on without the administration making attribution, then I think the longer we’re going to see these hacks continue.”