New Report Says Russian Hacking Came From Russia

For indispensable reporting on the coronavirus crisis and more, subscribe to Mother Jones' newsletters.


Today the FBI and the Department of Homeland Security released a joint report directly accusing the Russians of hacking into the servers of “a U.S. political party,” including a spearphishing campaign “launched as recently as November 2016, just days after the U.S. election.” I’m not quite sure why they’re being so precious about naming the DNC, which has gotten several miles of press coverage, but the ways of intelligence organizations are mysterious:

This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election….This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens.

The report doesn’t actually say an awful lot about how they know this hacking comes from Russia, but it does include one bit of signature code to watch out for. We also learn about lots of funky code names for Russian hacking operations:

APT28, APT29, Agent.btz, BlackEnergy V3, BlackEnergy2 APT, CakeDuke, Carberp, CHOPSTICK, CloudDuke, CORESHELL, CosmicDuke, COZYBEAR, COZYCAR, COZYDUKE, CrouchingYeti, DIONIS, Dragonfly, Energetic Bear, EVILTOSS, Fancy Bear, GeminiDuke, GREY CLOUD, HammerDuke, HAMMERTOSS, Havex, MiniDionis, MiniDuke, OLDBAIT, OnionDuke, Operation Pawn Storm, PinchDuke, Powershell backdoor, Quedagh, Sandworm, SEADADDY, Seaduke, SEDKIT, SEDNIT, Skipper, Sofacy, SOURFACE, SYNful Knock, Tiny Baron, Tsar Team, twain_64.dll, VmUpgradeHelper.exe, Waterbug, X-Agent

So what are we going to do about this? Here’s the New York Times:

The Obama administration struck back at Russia on Thursday for its efforts to influence the 2016 election, ejecting 35 Russian intelligence operatives from the United States and imposing sanctions on Russia’s two leading intelligence services.

The administration also sanctioned four top officers of one of those services, the military intelligence unit known as the G.R.U., which the White House believes ordered the attacks on the Democratic National Committee and other political organizations….In addition, the State Department announced the closing of two “recreational facilities” — one in New York, another in Maryland — that it said were used for Russian intelligence activities, although officials would not say whether they were specifically used in the election-related hacks.

This brings back memories, doesn’t it? It’s just like the Cold War, and Russia will no doubt expel 35 Americans in a few days. However, this also puts Donald Trump on the spot. Will he reverse the sanctions on GRU when he takes office? It’s one thing to do nothing and hope everyone forgets about it, but it’s quite another to actively reverse sanctions that are based on the conclusions of our own intelligence agencies. What are you gonna do, Donald?

Thank you!

We didn't know what to expect when we told you we needed to raise $400,000 before our fiscal year closed on June 30, and we're thrilled to report that our incredible community of readers contributed some $415,000 to help us keep charging as hard as we can during this crazy year.

You just sent an incredible message: that quality journalism doesn't have to answer to advertisers, billionaires, or hedge funds; that newsrooms can eke out an existence thanks primarily to the generosity of its readers. That's so powerful. Especially during what's been called a "media extinction event" when those looking to make a profit from the news pull back, the Mother Jones community steps in.

The months and years ahead won't be easy. Far from it. But there's no one we'd rather face the big challenges with than you, our committed and passionate readers, and our team of fearless reporters who show up every day.

Thank you!

We didn't know what to expect when we told you we needed to raise $400,000 before our fiscal year closed on June 30, and we're thrilled to report that our incredible community of readers contributed some $415,000 to help us keep charging as hard as we can during this crazy year.

You just sent an incredible message: that quality journalism doesn't have to answer to advertisers, billionaires, or hedge funds; that newsrooms can eke out an existence thanks primarily to the generosity of its readers. That's so powerful. Especially during what's been called a "media extinction event" when those looking to make a profit from the news pull back, the Mother Jones community steps in.

The months and years ahead won't be easy. Far from it. But there's no one we'd rather face the big challenges with than you, our committed and passionate readers, and our team of fearless reporters who show up every day.

We Recommend

Latest

Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate

We have a new comment system! We are now using Coral, from Vox Media, for comments on all new articles. We'd love your feedback.