The FBI warned the Clinton campaign and dozens of lawmakers in recent months that they were being targeted by hackers, according to people familiar with the discussions.
There is no evidence that those hacks were successful. But the FBI’s warning came weeks before The Washington Post reported that Russian hackers had twice broken into computers at the Democratic National Committee, underscoring concerns of national security experts that foreign adversaries might be trying to influence the presidential election.
Those fears burst onto the public stage this week as Democrats gathered in Philadelphia for their national convention in the wake of Friday’s release of thousands of damaging emails on the website WikLeaks. The embarrassing emails spurred the resignation of the party chairwoman and marred a carefully orchestrated opening of the Democrats’ convention.
Activists and campaign officials, anxious about what leaks may be yet to come, also worried about the alleged involvement of the Russian government, with campaign officials suggesting that the Kremlin was releasing the documents to damage Clinton’s candidacy. National security experts, while cautious about leaping to premature conclusions, warned of the possibility of a startling escalation in an ongoing cyberwar.
If the Russians were behind the leaks, said former CIA director Michael Hayden, “they’re clearly taking their game to another level. It would be weaponizing information.” He added: “You don’t want a foreign power affecting your election. We have laws against that.”
On Monday, the FBI formally acknowledged that it is looking into the DNC hack. The agency has been probing the matter for months and on Monday said publicly that it will “investigate and hold accountable those who pose a threat in cyberspace.” The FBI announcement followed the stunning allegation by the Clinton campaign Sunday that the Russian government was behind the release of damaging documents on the WikiLeaks website as part of a ploy to help Republican nominee Donald Trump.
Trump’s campaign manager, Paul Manafort, called the suggestions “absurd” and suggested that Democrats were looking to shift attention away from damaging information about the party’s conduct during the primary campaign.
On Monday, fallout from the hack also reverberated at the Kremlin, where a spokesman declined to comment on the hack except to refer reporters to comments by Trump’s son, Don Jr., calling the allegations part of a pattern of “lie after lie.”
“Mr. Trump Jr. has already strongly responded” to the Clinton campaign’s claims, the Russian spokesman said, according to the news agency Tass.
The founder of WikiLeaks and its current top editor, Julian Assange, told the Democracy Now radio show Monday that he would not discuss the source of the data.
“In relation to sourcing, I can say some things. (A), we never reveal our sources, obviously. That’s what we pride ourselves on. And we won’t in this case, either. But no one knows who our source is.” Assange has said the release Friday was the first in a series.
U.S. law enforcement and intelligence experts acknowledge they are taking the claim seriously but cautioned Monday that they have reached no conclusions.
The FBI is focusing on the Russian military intelligence agency, the GRU, and investigating whether it was responsible for passing the emails to WikiLeaks, according to individuals familiar with the investigation.
The GRU is one of two Russian spy agencies that apparently compromised the DNC’s computer systems, according to CrowdStrike, a cyber-firm that investigated the breach this spring on behalf of the DNC.
The GRU, which broke into the DNC’s computers in late April, also stole opposition research files on Trump, according to CrowdStrike.
Another Russian spy agency, the FSB, or an affiliate, had penetrated the DNC’s computers last summer and was monitoring DNC email and chat traffic, CrowdStrike said.
The FBI is trying to determine with certainty whether Russian intelligence passed the emails to WikiLeaks.
That line of inquiry probably will involve intelligence agencies such as the National Security Agency and the CIA, which might be able to pick up intercepts or gather intelligence overseas, according to intelligence experts.
A big question looming over the investigation is what, if anything, should be done if it is shown that Russian intelligence is responsible for the leak.
The email releases continued to cause anxiety among Democratic officials as the party gathered for its convention in Philadelphia.
Most unnerving to activists here is the uncertainty over what may come next.
Former Senate majority leader Tom Daschle told The Post that his email account was hacked recently, but he said he had no indication that the hack originated overseas or was a matter of concern to law enforcement.
Former White House chief of staff William M. Daley, attending the convention, called the Russian hack of DNC emails “pretty frightening.”
Given Russia’s sophistication in this realm, Daley said that it would be reasonable to conclude that President Vladimir Putin and his government are behind the email leak in an effort to undermine Hillary Clinton’s candidacy.
“I don’t think anybody would be surprised if Putin would try to affect the election,” Daley said in an interview Monday. “That’s like the old ‘Casablanca’ – there’s gambling in the casino. It doesn’t surprise me at all. Period. I think anybody who dismisses that is living in fairy land here.”
Steve Elmendorf, a lobbyist and former aide to House Democratic leader Dick Gephardt, said the link to Russia was particularly concerning and yet not surprising given its concerted effort to infiltrate various arms of the U.S. government.
Washington lobbyist Tony Podesta said he expects hacks of private information in the digital age.
“I assume that all private information is public – it’s the safest way to live,” he said.
John Cordisco, a former member of the Pennsylvania House of Representatives and the current chairman of the Bucks County Democratic Party with long-standing ties to Democratic donors across the state, said the consequence of the breach is that any personal information transmitted through the Internet could become compromised.
“Anyone would be worried,” he said about the chilling effect on donations.
Podesta cautioned party officials to be more careful about how they communicate about donors, given the risk of exposure.
“Everything you say can and will be used against you,” he said with a grin.
While federal agencies would not discuss their response in any detail, former government intelligence officials offered insight in to what is happening. Michael G. Vickers, who served as undersecretary of defense for intelligence from 2011 to 2015, said the approach would probably include three steps involving multiple federal agencies. First, there would be an effort by the FBI, assisted by other intelligence agencies, to nail down “attribution,” the identity of the hackers, by looking for telltale bits of identifying code that are left when such breaches occur. Second, he said, there would be discussion among interagency experts “about the intelligence, the timing of the attack, and the release of the information.” Was information collected just to gain intelligence, to influence policy or politics, or as a “destructive act”? Third, he said, there would careful deliberations about how to respond.
Vickers was at the Defense Department in 2014 when the most recent destructive cyberattack occurred, one against Sony Pictures apparently initiated by North Korea. Responses could range from a diplomatic wrist slap or warning to countermeasures. Of course, the federal investigators first need to determine that the hack was indeed conducted by the Russians.
In the case of Sony, the administration imposed economic sanctions on North Korea in response to the attack. Later, President Obama signed an executive order establishing a program that enables officials to impose economic sanctions specifically in response to significant cyber-incidents. That tool has not yet been used.
(c) 2016, The Washington Post · Tom Hamburger, Ellen Nakashima