New Report Says Russian Hacking Came From Russia

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.


Today the FBI and the Department of Homeland Security released a joint report directly accusing the Russians of hacking into the servers of “a U.S. political party,” including a spearphishing campaign “launched as recently as November 2016, just days after the U.S. election.” I’m not quite sure why they’re being so precious about naming the DNC, which has gotten several miles of press coverage, but the ways of intelligence organizations are mysterious:

This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election….This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens.

The report doesn’t actually say an awful lot about how they know this hacking comes from Russia, but it does include one bit of signature code to watch out for. We also learn about lots of funky code names for Russian hacking operations:

APT28, APT29, Agent.btz, BlackEnergy V3, BlackEnergy2 APT, CakeDuke, Carberp, CHOPSTICK, CloudDuke, CORESHELL, CosmicDuke, COZYBEAR, COZYCAR, COZYDUKE, CrouchingYeti, DIONIS, Dragonfly, Energetic Bear, EVILTOSS, Fancy Bear, GeminiDuke, GREY CLOUD, HammerDuke, HAMMERTOSS, Havex, MiniDionis, MiniDuke, OLDBAIT, OnionDuke, Operation Pawn Storm, PinchDuke, Powershell backdoor, Quedagh, Sandworm, SEADADDY, Seaduke, SEDKIT, SEDNIT, Skipper, Sofacy, SOURFACE, SYNful Knock, Tiny Baron, Tsar Team, twain_64.dll, VmUpgradeHelper.exe, Waterbug, X-Agent

So what are we going to do about this? Here’s the New York Times:

The Obama administration struck back at Russia on Thursday for its efforts to influence the 2016 election, ejecting 35 Russian intelligence operatives from the United States and imposing sanctions on Russia’s two leading intelligence services.

The administration also sanctioned four top officers of one of those services, the military intelligence unit known as the G.R.U., which the White House believes ordered the attacks on the Democratic National Committee and other political organizations….In addition, the State Department announced the closing of two “recreational facilities” — one in New York, another in Maryland — that it said were used for Russian intelligence activities, although officials would not say whether they were specifically used in the election-related hacks.

This brings back memories, doesn’t it? It’s just like the Cold War, and Russia will no doubt expel 35 Americans in a few days. However, this also puts Donald Trump on the spot. Will he reverse the sanctions on GRU when he takes office? It’s one thing to do nothing and hope everyone forgets about it, but it’s quite another to actively reverse sanctions that are based on the conclusions of our own intelligence agencies. What are you gonna do, Donald?

DONALD TRUMP & DEMOCRACY

Mother Jones was founded to do journalism differently. We stand for justice and democracy. We reject false equivalence. We go after stories others don’t. We’re a nonprofit newsroom, because the kind of truth-telling investigations we do doesn’t happen under corporate ownership.

And we need your support like never before, to fight back against the existential threats American democracy faces. Fundraising for nonprofit media is always a challenge, and we need all hands on deck right now. We have no cushion; we leave it all on the field.

It’s reader support that enables Mother Jones to report the facts that are too difficult, expensive, or inconvenient for other news outlets to uncover. Please help with a donation today if you can—even a few bucks will make a real difference. A monthly gift would be incredible.

payment methods

DONALD TRUMP & DEMOCRACY

Mother Jones was founded to do journalism differently. We stand for justice and democracy. We reject false equivalence. We go after stories others don’t. We’re a nonprofit newsroom, because the kind of truth-telling investigations we do doesn’t happen under corporate ownership.

And we need your support like never before, to fight back against the existential threats American democracy faces. Fundraising for nonprofit media is always a challenge, and we need all hands on deck right now. We have no cushion; we leave it all on the field.

It’s reader support that enables Mother Jones to report the facts that are too difficult, expensive, or inconvenient for other news outlets to uncover. Please help with a donation today if you can—even a few bucks will make a real difference. A monthly gift would be incredible.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate