Article Lead Image

Photo via President of Russia

U.S. intelligence sources point to Russian hacking far beyond DNC

'The law firms will be hacked, the insurance companies will be hacked, because that’s where all the information is.'

 

Patrick Howell O'Neill

Tech

Posted on Sep 28, 2016   Updated on May 25, 2021, 10:09 pm CDT

While Republican presidential candidate Donald Trump continues to cast doubt on the charge that the Russian government is hacking major U.S. targets, the American intelligence community is looking at a wide scope of Moscow-sponsored cyberattacks extending far beyond ultra-high-profile targets like the Democratic National Committee.

Even in the political realm, where public allegations against Russian government hacking and leaking include some of the biggest targets in the country, the true scope of the hacking touches many more victims, according to U.S intelligence officials who spoke to the Daily Dot on the condition of anonymity.

Hacking against political targets is an international pastime widely accepted as normal from Washington to Beijing. Third-party firms of all sizes that support U.S. institutions—ranging from the data and analytics companies to public relations firms and beyond—have virtually all been targeted. Numerous firms have been successfully breached, a person familiar with the matter said.

These companies make high-value targets because of the sheer amount of sensitive information they posses.

“We’ve seen this in trade negotiations and in lawsuits against major firms in other countries,” Ari Schwartz, the former senior director for cybersecurity on the United States National Security Council staff at the White House, said. 

“A PR firm for a campaign is a perfect target. A law firm for a campaign is a perfect target.”

“The law firms will be hacked, the insurance companies will be hacked, because that’s where all the information is,” Schwartz added. “What they’re trying to get to is the documents these campaigns put out. So a PR firm for a campaign is a perfect target. A law firm for a campaign is a perfect target.”

Schwartz, now a cybersecurity director at Venable, added that the firms are “soft” targets, meaning they’re relatively easy to hack. And then he laughed. 

“In this case, the campaigns are pretty soft targets themselves.”

The Russians are American officials’ top suspect in the recently disclosed hack of Yahoo that exposed 500 million user accounts, according to a person familiar with the matter. Yahoo publicly blamed the hack—the largest data breach in history—on a “state-sponsored actor.” While the firm did not name a specific country, a recent Wall Street Journal report attributed a 2014 hack against Yahoo to Russians as well.

Broad political and commercial targets have proven fair game for an ongoing cyber conflict between Moscow and Washington that American officials readily admit goes both ways.

“Just taking the Russia part of it out, if you’re a sophisticated state intelligence agency and you’re not collecting information on prominent politicians in other countries, you’re guilty of malpractice,” Michael McNerney, a former cyber policy advisor to the Secretary of Defense, said. “No question that is going on and everybody is doing it.”

The crucial difference in this brand of espionage—which American officials compare to the old KGB’s disinformation campaigns—is the very loud and public leaking of documents designed to influence American elections.

“They’ve tried to weaponize this information and conduct a form of information warfare,” McNerney, now the CEO at the cybersecurity firm Efflux Systems, explained.

Even though many U.S. intelligence agencies privately blame Russian state-sponsored hackers for a vast front of attacks against political targets—many of which came to light this year but have been ongoing for far longer than that—American officials also know that almost all of these companies have been attacked, at times successfully, by numerous other adversaries.

These kinds of cyberattacks are inevitable and, in the world of intelligence and hacking, they are widely considered acceptable.

Campaigns are regular targets of cyberattacks and have been for many elections. U.S. intelligence officials said both the Obama and McCain campaigns were hacked by Chinese attackers in 2008.

Since then, U.S. intelligence agencies have worked with campaigns and elected politicians to investigate attacks and thwart future breaches. Elected U.S. politicians have been among those who have had their data successfully hacked, according to a source familiar with the matter. 

The FBI is currently investigating suspected attempted hacks of Democratic Party mobile phones by Russian state-sponsored hackers, according to a Tuesday report by Reuters.

“It is known and has been known that campaigns are targets,” Schwartz said. “There are more hackers out there, definitely, but there are also more tools to find it and people are seeing it more, too. The combination of those two make it seem like the numbers are going to exponentially and scare the public. But this has been going on.”

Contact the author: Patrick Howell O’Neill, pat@dailydot.com

Share this article
*First Published: Sep 28, 2016, 6:30 am CDT