The DNC Hacks: Putin Penetration? There’s Something Going On!
As the political drama around the hacks faded away with the fading away of Debbie Wasserman Schultz, more oxygen was given to the other aspects of the hack, which pundits seemed to miss the significance of at first, but slowly (at least in terms of a 2016 24-hour news cycle) it began to dawn on them: an outside force was trying to alter the outcome of a U.S. election, tipping the scales in favor of Donald Trump and against Hillary Clinton, in a clear, substantive, and indisputable way.
So people started caring again about who had hacked the DNC servers.
Wait, didn’t people say that it was the Russian government? Does that mean Russia and Putin are messing with an American election? Is this cyber warfare??
At first, that suggestion seemed conspiratorial and the media and public seemed reluctant to embrace it as if that narrative was perhaps mostly a plot by Democrats to divert attention away from their internal scandal, another “he said/she said” in a long war of words between Trump and Clinton. Maybe the delay was in part because the story broke over the weekend, maybe it just seemed too fantastical for people to take seriously. But as expert opinion began weighing in, and it seemed to be consistently unanimous when it came to those with direct knowledge of the hack, it became clear that it is very likely that Russia and Putin are messing with the current U.S. election, with American intelligence reaching a consensus with “high confidence” that Russia was the culprit of the crime.
It could be that they are out “to stir the pot” and destabilize the U.S. political landscape; it could also be that they are trying to get Donald Trump elected (many would argue that that itself is tantamount to destabilization).
How are almost certain it’s Russia?
The details pointing to Russia are numerous and clear. The initial findings by CrowdStrike, citing the Russian government-backed hacking groups APT 28 and APT 29, were later confirmed by two other private-sector cybersecurity firms. Relative to other similar cases, the evidence linking the hacking to these two groups was significantly more compelling. Apt 28 often uses a tactic of setting up a domain spelled very similarly to the actual domain in a bid to get users to unknowingly disclose their usernames and passwords. For the DNC hack, APT created misdepatrement.com (as opposed to misdepartment.com), to confuse staff at MIS Department, which managed the DNC’s network. And previous hacks by the group has used the same IP address and malware software, a discovery that helped to point to patterns. This process “sometimes included unique security or encryption keys, a kind of digital fingerprint,” a fingerprint found in other significant attacks, which both government intelligence and private sector experts believe are also tied to APT 28.
Both hacking groups use also approaches and technology “consistent with nation-state level capabilities” and choose foreign military entities and military contractors in a way that “closely mirrors the strategic interests of the Russian government,” according to a CrowdStrike report and echoed by other reports. Another firm noted that the hackers seemed to operate during the Moscow and St. Petersburg time zone business hours and to take holidays during official Russian holidays.
Within on day of the DNC disclosing to The Washington Post in mid-June, a person styling himself Guccifer 2.0 began a WordPress blog and claimed that he, and only he, was behind the hack, and to back up his claim, he posted DNC documents on the blog and leaked others to the press and to WikiLeaks. He chose the name Guccifer to honor an imprisoned Romanian hacker of that same name, who earned; the original Guccifer claims to have hacked Clinton’s private e-mail server that has consumed American politics for the last year, but this claim has not been verified. However, we know Guccifer did hack Clinton friend and confidante Sidney Blumenthal’s e-mail, which, in turn, revealed the existence of Clinton’s oft-criticized private e-mail server to congressional investigators in the first place.
Kind of crazy how all of this ties together, right?
While Guccifer 2.0 claimed Russia had nothing to do with the hackings, his very actions provided investigators with evidence backing up the initial claims that Russia was behind the hackings: metadata from the information he posted had Russian digital signatures and showed that systems running on Russian language setups had accessed the files; one document had been modified by a user named Felix Edmundovich, the letters spelled out in Cyrillic and an obvious homage to Felix Edmundovich Dzerzhinsky, the founder of the Soviet Union’s secret police. This information was exposed by a researcher on security issues operating under the Twitter handle @pwnallthethings, who also exposed the fact that error messages in the documents were in Russian; all these imprints were made before WikiLeaks obtained the files. The aforementioned points were echoed by another analyst writing for Ars Technica soon after.
Other telling evidence indicated that Guccifer 2.0 might be little more than a Russian public relations smoke-and-mirrors operation: Guccifer 2.0 made himself accessible to the media for interviews, a rarity for criminal hackers who tend to be paranoid of being caught and therefore reclusive; he strongly asserted that Russia had never penetrated the DNC, but that is something that he would be incapable of knowing as an independent hacker, as he claimed to be; he claimed to be Romanian, but then seemed unable to converse in Romanian without using only short statements and making repeated grammatical mistakes as noted by native Romanian speakers; metadata in his e-mails indicated he sent them from Russian networks, and some evidence even pointed to the use of the same or similar networks used by APT 28. It seems Guccifer 2.0 was concocted by Russian intelligence right after The Washington Post reported that DNC officials and investigators suspected Russia, a tactic of “deception and disinformation” or “denial and deception” that is standard operating procedure for Russia and codified officially in Russian military doctrine. A few such examples were noted in a just-released RAND report:
“Russian propagandists have been caught hiring actors to portray victims of manufactured atrocities or crimes for news reports (as was the case when Viktoria Schmidt pretended to have been attacked by Syrian refugees in Germany for Russia’s Zvezda TV network), or faking on-scene news reporting (as shown in a leaked video in which “reporter” Maria Katasonova is revealed to be in a darkened room with explosion sounds playing in the background rather than on a battlefield in Donetsk when a light is switched on during the recording).”
The Rand Report notes how incredibly common and prolific these propaganda efforts have become since at least Russia’s 2008 war with Georgia and how current, traditional counter-propaganda efforts are falling short in correcting this “firehose of falsehood.” All this just points even more strongly to the Russians being behind the DNC hack.
Hacking and Political Warfare: Russia’s Newest Weapons System, Eagerly Deployed: There’s Something Going On!
Hacking and cyber warfare are also certainly part of the new Russian way of foreign policy and hybrid warfare, including (mis/dis)information and propaganda operations like those noted above. But another major aspect of Russian policy involves trying to meddle with foreign elections and politics, and the hackings of the DNC can be seen to be part of just such a larger effort. In fact, Paul Manafort can even be thought of as an (indirect?) mercenary general in this exact type of political warfare, where he was on the front lines of Putin’s operations in Ukraine from the Orange Revolution until (and possibly even after) Yanukovych’s 2014 overthrow.
But such operations were hardly limited to Ukraine, as there are other examples in Eastern Europe; lately, Putin has actually been funding right-wing, pro-Russian parties and demagogues all over Europe, helping to fuel an ongoing continental right-ward drift. Perhaps most notably, this Russian support has been a factor in France, which is lurching even more rightward in the wake of recent terrorist attacks like the one in Nice and where Putin’s chosen candidate, Marine Le Pen, may very well win France’s 2017 presidential election, but Putin has also been trying to destabilize German politics using the issue of refugees to weaken Chancellor Angela Merkel and empower German extremists.
Another factor that must be acknowledged is that Putin is still simmering over the Western expansion of NATO, over two Western military interventions against Russian ally Slobodan Milosevic of Serbia in the 1990s, against support for Kosovo’s independence from Serbia. Putin also sees the U.S. as having orchestrated the “color revolutions” of the last decade rather than viewing them a natural expression of post-Soviet peoples’ desires to be free from Russian domination and to not be ruled by Putin’s corrupt puppets; Putin similarly blames the U.S. for the 2014 overthrow of Yanukovych. The Russian president also, in particular, blames the U.S. for massive demonstrations in Russia in 2011 that erupted after fraudulent parliamentary elections. In fact, at the time, he specifically blamed Secretary of State Hillary Clinton.
Seen in this context, the hacking of the DNC, the DCCC, and the voter database used by Clinton’s presidential campaign serve multiple purposes: in the eyes of Putin and many Russians, this is revenge for U.S. support for democracy in former Soviet republics and the continued post-Cold War expansion of NATO, for perceived U.S. aggressive roles in countering Russian interests, and against Hillary Clinton specifically, who enraged Putin when she called him out on Russian election fraud in 2011.
Conclusion: There’s Something Going On!
Interference in U.S. elections and politics would not be unprecedented: the UK intelligence at Churchill’s direction interfered to try to empower Roosevelt against Republican isolationists; South Vietnam played with peace talks to give Nixon an edge in 1968 after it negotiated secretly with Nixon’s campaign; Iran’s ayatollahs may have conspired with Reagan in 1980; and Israel worked to undercut the Obama Administration’s standing in the U.S in 2012 and 2015 over the Iran issue. Russia even seems to be supporting a secessionist movement in Texas that is still sizable while also only being a fringe minority.
Of course, Russia has categorically denied any involvement in the recent hacks.
As for Trump, he has a lot of questions to answer about Russia, both in terms of him and his family but also about his associates. Trump’s taxes may or may not yield information about his business ties to Russia, and for now, the Trump team denies it has any ties to Russia but provides no evidence to support this, only repeated assertions.
Even now as I write some of this, Trump is baselessly speculating at a press conference that the entity behind the hacking is “probably not Russia, nobody knows if it’s Russia,” contrary to all the expert analysis given. At this same press conference, he seemed to actually invite Russia to hack Hillary Clinton, even tweeting that call in writing on his Twitter account soon after (and later unconvincingly claiming he was being “sarcastic” after massive shock and outrage ensued).
Since then, just yesterday, one week after the WikiLeaks DNC release, we learned that there were new hacks, likely by Fancy Bear/APT 28, of the Democratic Congressional Campaign Committee, a congressional fundraising group for Democrats, and of a voter information database used by the Clinton campaign and other Democratic organizations. The U.S. is trying to determine how to respond to these cyber attacks as the FBI and Department of Justice investigate. And there are likely to be more hacks, with WikiLeaks’ Assange promising are more “a lot more” information on American politics coming from files he already has.
To be sure, hacking a U.S. political party’s central leadership organization at the height a presidential election cycle is dangerous, unsettling new territory for an already fraught American-Russian relationship. If Congress is to even retain an ounce of non-partisan credibility, a major investigation must be undertaken as soon as possible, and Republicans must put as much zeal into it as they put into their Benghazi “investigations.”
What we do know is that Trump and his family tried to do business for many years in Russia; that he sought to have a relationship with Putin; that both men have been publicly supporting each other as Trump seeks the American presidency; that Trump is by far the most pro-Russian, pro-Putin of the major presidential candidates of this entire election cycle; that he did business with Russian nationals (some of them were of ill repute) and took massive amounts of money coming from Russia; that his Campaign Chairman has a sordid history of helping Putin allies of ill repute to the detriment both of Western interests and, more specifically, of democracy in Ukraine, help that helped precipitate bloodshed and war; that other Trump campaign staff and advisors have questionable links to Russia; that Russia has a pattern of hacking America and others for political purposes; that Russia has a pattern of interfering in elections; that Putin clearly prefers Trump over Clinton; that all the evidence points towards the hacks being committed by the Russian government; that the Russian government, along with WikiLeaks, had the means and motive to harm Clinton and the U.S. and have thus far acted to do so; and that Russia and WikiLeaks have a suspect relationship.
Thus, taken together, there does seem to be some sort of relationship between Trump, his confidantes, and his presidential campaign on one side, and Putin, Putin-linked Russian operatives, and key Putin-and/or-Russian-oriented business and political operatives on another. It remains to be seen how direct, conscious, and centralized these relationship are, and while the sheer number of connections all but rules out sheer coincidence, the likely relationship can range from direct coordination between Putin and Trump themselves at the top, to between low-level staffers working directly or indirectly for both parties with no knowledge of or approval on the part of higher-ups; the intent, also, can range from conspiring to tilt an election and to work in the interests of Russia to simple personal enrichment on the part individuals.
More likely than not, none of these extremes are probably the case, and the truth is probably somewhere in the middle. Given everything I’ve discussed here, it’s possible that there is some sort of coordinated effort going on between Trump or people in his campaign and Putin or people associated with him. But I wouldn’t be terribly surprised we also have two groups of actors here acting mostly independently yet with common purpose. I also wouldn’t be surprised if some of Trump’s associates, especially Manafort, are part of some sort of deal (tacit or otherwise) to promote Putin’s agenda within Trump’s campaign between several staffers or just himself on one side and Putin’s agents on the other, given Manafort’s and several staffers’ histories. And it’s certainly believable—in fact, almost certain—that Putin would like to see Clinton defeated and Trump in the White House, since it would be hard to envision a leader that would or could play more into Putin’s hands than Trump.
This may yet backfire on and Trump and Putin, since the Russian interference is so obvious that it might cause more Americans to rally against Clinton, riled up by an American presidential candidate being the target of Russian intelligence operations. But that remains to be seen, and for now, America is under attack from Russia in a way never seen before, something that is an objective, bipartisan, national security issue that should concern all Americans. We may never know all the details, but one thing is for sure: this is one of the most disturbing, worrisome, and troubling developments in a year brimming with disturbing, worrisome, and troubling developments, and there must be both fierce consequences and fierce investigations because, clearly, there’s something going on, to quote Donald. Trump.