Above Image: The Kremlin, the Russian government’s power center[hr]
This story was first published on Dec. 31, 2016[hr]
There’s no standing allegation by U.S. officials that the Russians (or anyone else) “hacked” into our elections system or altered vote counts.
So what are the allegations and facts as we know them?[hr]
The FBI and DHS released a brief joint report Thursday describing “Russian Malicious Cyber Activity.” It doesn’t include forensic proof of Russian government involvement in hacking efforts, but the administration is rushing a detailed, classified report to be delivered, at President Obama’s request, prior to President Trump taking office January 20.
The joint report can be summarized this way:
- The U.S. believes two hacking groups tied to the Russian government are involved.
- The U.S. has nicknamed the hacking groups “APT28” or “Fancy Bear,” and “APT29” or “Cozy Bear.” APT stands for “Advanced Persistent Threat.”
- The U.S. believes the GRU, Russia’s military service, is behind APT28.
- The U.S. believes the FSB, Russia’s counterintelligence agency headquartered in the building of the former KGB, is behind APT29.
- The U.S. believes the groups accessed “a political party” by sending emails that tricked users into clicking links that planted malware or directed them to Russian servers.
- The U.S. believes APT29 entered into “the party’s systems” in summer 2015, and APT28 in spring 2016.
- The U.S. believes APT28 provided the stolen emails to WikiLeaks, which WikiLeaks denies.
Most of the 13-page joint report provides advice on how to secure computer networks.
Read the “Russian Malicious Cyber Activity” report
Eight Facts on the Hacks
1. The claim that the “election was hacked” is a bit of a misnomer. There’s no standing allegation by U.S. officials that the Russians (or anyone else) “hacked” into our elections system or altered vote counts. Instead, U.S. officials allege hackers connected to the government of Russian President Vladimir Putin, under his direction, stole internal emails from the Democratic National Committee (DNC) and Hillary campaign chairman John Podesta and provided them to WikiLeaks. (However, the U.S. joint report issued Thursday doesn’t mention the DNC, Podesta or WikiLeaks by name.)
[button link=”https://wikileaks.org/podesta-emails/” size=”medium” style=”tick” color=”silver”]Podesta Emails on WikiLeaks[/button]
[button link=”https://wikileaks.org/dnc-emails/” size=”medium” style=”tick” color=”silver”]DNC Emails on WikiLeaks[/button]
2. U.S. officials have not alleged that anyone falsified the emails provided to WikiLeaks.
3. U.S. intel officials have named the Russian hacking campaign “Grizzly Steppe.”
4. It seems a difficult task to prove the hacks somehow “affected the election” or “helped Donald Trump win.” For example:
- One would have to show that tens of thousands of Trump voters were planning to vote for Clinton but changed their mind based solely on the WikiLeaks emails.
- One would have to believe the emails somehow managed to only affect the electoral vote but not the popular vote (which Clinton won).
- One would have to believe the emails somehow selectively swayed voters in key swing states, but not voters in states where Clinton won.
5. WikiLeaks disputes the U.S. assessment blaming Russia for the DNC leaks. WikiLeaks founder Julian Assange says: “Our source is not the Russian government… We have U.S. intelligence saying that say they know how we got our stuff and when we got it, and us saying we didn’t get it from a state.” Former British ambassador Craig Murray backs up Assange’s version: “I know who leaked them. I’ve met the person who leaked them, and they are certainly not Russian and it’s an insider. It’s a leak, not a hack; the two are different things.”
6. The private cyber firm Crowd Strike had already determined last June that Russian agencies were behind the DNC cyberattacks.
7. There have been many serious cyberattacks reported against U.S. government institutions, but no comparable news coverage or announced U.S. retaliatory measures. For example:
- In 2015, Russian hackers attacked the State Department email system in what was called the “worst ever” cyberattack against a federal agency.
- Also in 2015, the U.S. Office of Personnel Management reported 5.6 million Americans’ fingerprints were stolen in a malicious cyberattack.
- The GAO reports that between 2006 and 2015, the number of cyberattacks climbed 1,300 percent — from 5,500 to over 77,000 a year at 24 federal agencies.
- Last March, China government hackers continued a malicious pattern of cyber attacks on U.S. government and private networks, according to U.S. Cyber Command chief Mike Rogers. China has been linked by U.S. intelligence agencies to wide-ranging cyber attacks aimed at stealing information and mapping critical computer networks for future attacks in a crisis or conflict. [quote]Despite the Chinese hacking activity, the Obama administration has taken no action against China for years of large-scale cyber attacks that officials say have cost the nation billions of dollars in stolen intellectual property and compromised networks.[/quote]
Additionally, there have been no publicly-known retaliatory actions taken by the U.S. for hostile, non-cyber foreign threats such as Chinese fighter jets buzzing U.S. warships and spy planes, and Iran detaining 10 U.S. sailors. (However, the U.S. punished the sailors.)
8. The New York Times recently quoted anonymous U.S. officials who said they concluded Russians hacked the Republican National Committee (RNC), but did not release the information to WikiLeaks, proving that the intent was to help Trump. However, the RNC states that its network systems were not successfully hacked. The Times also anonymously quoted a senior government official who said attempts to penetrate the RNC were not successful.[hr]
Preorder The Smear, the sequel to my NYT bestseller Stonewalled.
Watch my weekly Sunday TV program Full Measure.
Thanks Sharyl. Once again you have the facts without the BS.
I wonder if the Russians could have breached the DNC and Podesta’s emails but NOT been the source for wikileaks.
What if, like wikileaks claims, some unhappy Sanders supporter leaked the emails? Does the the US have any evidence connecting the Russians to wikileaks, or are they assumed to be the source?
Like Seth Rich?
This is a great article, well done, great summary of the available information. Phishing e-mails sent to unclassified networks to insufficiently trained users is still any organization’s biggest vulnerability, followed by insider threat. I must take exception to your fourth point. The degree to which voters were or were not swayed by these disclosures is clearly a matter of degree; these e-mails might have been sufficient to sway some and not others. Also the Electoral College is – in a general sense – a form of popular vote… state by state; it is misleading to stay “One would have to believe the emails somehow managed to only affect the electoral vote but not the popular vote (which Clinton won).” I think that the DNC is resting much of their protestations on the fact that the GOP was not similarly exposed. Your other points are spot on.
Hi Sharyl.
It should also be pointed out that the same agencies which now claim the Russians hacked the DNC server have also asserted that the private Clinton email server wasn’t penetrated. Is it really credible to believe a foreign adversary would pass up the unsecured confidential correspondence of the Sec. of State in favor of mundane political gossip?
That is an great point that I never thought of before!
This Administration orchestrated accusation has had all the lasting impact of a swoon. The only people who care are the ones involved. Out here in the deplorable universe it is another micro meteorite going to ashes. SA has presented here the only credible and succinct examination of the debris field I have come across. It is keenly interesting to see how the many elements connect here and one is left with the secure feeling that yet again manipulation of reality was the primary objective by the Administration.. Nice work SA.
Excellent overview and I have tremendous respect for your work, but… point 4 is weak.
E.g., “4. It seems a difficult task to prove the hacks somehow “affected the election” or “helped Donald Trump win.”
Well, they didn’t help, and there is a zero-sum dynamic here. Hillary’s collapse at the 9/11 ceremony, and subsequent pneumonia cover-up, surely hurt Hillary, but can anyone “prove” that that was the straw that broke the camel’s back? It took the cumulative impact of lots of straws for Hillary to squander her cash and media advantages.
As to
“One would have to believe the emails somehow managed to only affect the electoral vote but not the popular vote (which Clinton won).
One would have to believe the emails somehow selectively swayed voters in key swing states, but not voters in states where Clinton won.’
Why can’t I simply believe that WikiLeaks depressed Hillary’s vote totals everywhere, turning narrow wins into narrow losses and blow-out wins into easy wins?
right. the scenarios I posed were intended as examples of the sorts of knowledge one would need to “prove” Russia “hacked the elections.” Nobody has proven these things yet the claims are being made.
The APT 28 and 29 hacks began in 2015 when Few People thought Trump would win the GOP nomination so the claim the intent was to elect Trump is nonsense
Thanks for putting all this together. I noticed last night that NBC didn’t use the term “”hacked the election”, but instead referred to “hacking during the campaign”. Maybe they got pushback.
nice to see real reporting and investigation, not copying what another person wrote
Both of the “hacks” were well before Trump was the Republican nominee, so it’s hard to see how they were designed to help him.
The whole Russian Hack has been and continues to be, a diversion to keep American’s minds and thoughts on anything other than the invasion taking place at our borders. With the help of Media, the Democrat Party, and both the GOP Senate and House, this diversion has been working wonderfully.
Dear Ms. Attkisson: In my opinion, your Fact #4 is a weak argument. I believe that ALL of those hard-to-believe points DID truly happened…the information spread by WikiLeaks DID open many undecided and independent voters eyes to the truth of Clinton and the DNC.
However, the salient point is NOT that “malicious activity by Russia” changed their votes, it was that finally obtaining the knowledge of the TRUTH about the “malicious Clinton/DNC machine” changed their votes.
Those were intended as examples of what we would have to know rather than arguments. To briefly elaborate, we would then have to know that those things outweighed the incorrect news coverage (which was much broader) about Trump on several key matters, and then we would have to know which affected more people etc. (to make the claim that Russia helped Trump win). In fact, people are making the claim without the knowledge necessary to make it.
Sharply Atkisson is a national treasure. Thank you for your courage and diligence.
It seems you were punished for being a truth-telling, unbiased reporter who refused to become a sycophant. As a result you and your reporting have superior credibility.
Such clear and clean analysis! In this time where I see so many irrational arguments, sadly, from a lot of ‘smart’ women I’ve known, I find it refreshingly reassuring to hear your thoughts.
Thank you for the summary. You prove once again to be one of the best sources of *reliable* information on the web!
Sharyl, thank you for your in depth research. Once again, your findings set the record straight..TRUTH wins out…
If the US Intelligence Community is so goo, then why is Anonymous not in jail?
Ms. Attkisson,
Thank you for keeping us informed with your true and accurate journalism. You are truly the epitome of what a journalist should be. I’ve read all your books and I watch Full Measure every Sunday morning. In my eyes you are a warrior fighting for the truth. Again, thank you!
Warmly,
Gail Fleming
You pointed out one thing in item 8 that may be the key to this. There’s a big difference between attempting a system crack and succeeding at cracking a system (sorry, I don’t like the word ‘hack’ used in this context – all coders are hackers, but not crackers). I work in the IT world of web site and system security, and thousands of attempts to crack into the most benign systems are attempted daily. Most fail.
There’s nothing secret about both Russian and Chinese attempts at getting into US systems of all types; this has been the case for decades. And some government systems have been sorely lacking in even the most fundamental security practices (the OPM crack is a prime example). But you can have a ton of digital evidence of attempted breaches and not have a byte of evidence that any information was actually accessed or taken.
That being said, I tend to believe Assange and others who claim these were leaks, not cracks, and that the data was provided as a way to keep an unlikable candidate from succeeding at winning the presidency.
What I find particularly ironic about all this is that the smartest candidate ever wasn’t bright enough to figure out what Mr. Trump did: that focusing your campaigning on specific states to convince voters that his platform was superior and winning those states, even by narrow margins, would be enough to put him over the top. Had people paid more attention to that then to this straw man of Russian intrusion and illicit data mining, there would have been a lot fewer surprised “experts” on election night.
Keep up the terrific work.
Sharyl Attkisson is splendid.
I do not care who released the information, no one has said that the data is not true. Secrets beg to see the light of day. It is very frustrating to find out incompetent government officials and staffers get to decide what the general population is wise enough to know. Hooray for the leakers.
The most interesting part of this whole thing is the fact that nobody in the DNC or Ms. Clinton’s campaign has even tried to dispute the accuracy of the leaks. From what I can tell, the only thing they’ve been objecting to is having their private correspondence made public without their consent. I don’t know if they don’t see anything wrong with what they were doing or if they simply assumed that nobody would believe any denials that they issued. In either case, it says quite a bit about them, none of it good.