New Report Says Russian Hacking Came From Russia


Today the FBI and the Department of Homeland Security released a joint report directly accusing the Russians of hacking into the servers of “a U.S. political party,” including a spearphishing campaign “launched as recently as November 2016, just days after the U.S. election.” I’m not quite sure why they’re being so precious about naming the DNC, which has gotten several miles of press coverage, but the ways of intelligence organizations are mysterious:

This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election….This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens.

The report doesn’t actually say an awful lot about how they know this hacking comes from Russia, but it does include one bit of signature code to watch out for. We also learn about lots of funky code names for Russian hacking operations:

APT28, APT29, Agent.btz, BlackEnergy V3, BlackEnergy2 APT, CakeDuke, Carberp, CHOPSTICK, CloudDuke, CORESHELL, CosmicDuke, COZYBEAR, COZYCAR, COZYDUKE, CrouchingYeti, DIONIS, Dragonfly, Energetic Bear, EVILTOSS, Fancy Bear, GeminiDuke, GREY CLOUD, HammerDuke, HAMMERTOSS, Havex, MiniDionis, MiniDuke, OLDBAIT, OnionDuke, Operation Pawn Storm, PinchDuke, Powershell backdoor, Quedagh, Sandworm, SEADADDY, Seaduke, SEDKIT, SEDNIT, Skipper, Sofacy, SOURFACE, SYNful Knock, Tiny Baron, Tsar Team, twain_64.dll, VmUpgradeHelper.exe, Waterbug, X-Agent

So what are we going to do about this? Here’s the New York Times:

The Obama administration struck back at Russia on Thursday for its efforts to influence the 2016 election, ejecting 35 Russian intelligence operatives from the United States and imposing sanctions on Russia’s two leading intelligence services.

The administration also sanctioned four top officers of one of those services, the military intelligence unit known as the G.R.U., which the White House believes ordered the attacks on the Democratic National Committee and other political organizations….In addition, the State Department announced the closing of two “recreational facilities” — one in New York, another in Maryland — that it said were used for Russian intelligence activities, although officials would not say whether they were specifically used in the election-related hacks.

This brings back memories, doesn’t it? It’s just like the Cold War, and Russia will no doubt expel 35 Americans in a few days. However, this also puts Donald Trump on the spot. Will he reverse the sanctions on GRU when he takes office? It’s one thing to do nothing and hope everyone forgets about it, but it’s quite another to actively reverse sanctions that are based on the conclusions of our own intelligence agencies. What are you gonna do, Donald?

OUR NEW CORRUPTION PROJECT

The more we thought about how MoJo's journalism can have the most impact heading into the 2020 election, the more we realized that so many of today's stories come down to corruption: democracy and the rule of law being undermined by the wealthy and powerful for their own gain.

So we're launching a new Mother Jones Corruption Project to do deep, time-intensive reporting on systemic corruption. We aim to hire, build a team, and give them the time and space needed to understand how we got here and how we might get out. We'll publish what we find as a major series in the summer of 2020, including a special issue of our magazine, a dedicated online portal, and video and podcast series so it doesn't get lost in the daily deluge of breaking news.

It's unlike anything we've done before and we've got seed funding to get started, but we're asking readers to help crowdfund this new beat with an additional $500,000 so we can go even bigger. You can read why we're taking this approach and what we want to accomplish in "Corruption Isn't Just Another Scandal. It's the Rot Beneath All of Them," and if you like how it sounds, please help fund it with a tax-deductible donation today.

We Recommend

Latest

Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate