DNC Cyber Attacks
   HOME

TheInfoList



OR:

The Democratic National Committee cyber attacks took place in 2015 and 2016, in which two groups of Russian
computer hackers A security hacker or security researcher is someone who explores methods for breaching or bypassing defenses and exploiting weaknesses in a computer system or network. Hackers may be motivated by a multitude of reasons, such as profit, prot ...
infiltrated the
Democratic National Committee The Democratic National Committee (DNC) is the principal executive leadership board of the United States's Democratic Party (United States), Democratic Party. According to the party charter, it has "general responsibility for the affairs of the ...
(DNC)
computer network A computer network is a collection of communicating computers and other devices, such as printers and smart phones. In order to communicate, the computers and devices must be connected by wired media like copper cables, optical fibers, or b ...
, leading to a
data breach A data breach, also known as data leakage, is "the unauthorized exposure, disclosure, or loss of personal information". Attackers have a variety of motives, from financial gain to political activism, political repression, and espionage. There ...
.
Cybersecurity Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and networks from thr ...
experts, as well as the U.S. government, determined that the
cyberespionage Cyber espionage, cyber spying, or cyber-collection is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information using methods on the Internet, networks or individual computers th ...
was the work of Russian intelligence agencies. Forensic evidence analyzed by several cybersecurity firms,
CrowdStrike CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of seve ...
, Fidelis, and
Mandiant Mandiant, Inc. is an American cybersecurity firm and a subsidiary of Google. Mandiant received attention in February 2013 when it released a report directly implicating China in cyber espionage. In December 2013, Mandiant was acquired by FireE ...
(or
FireEye Trellix (formerly FireEye and McAfee Enterprise) is a privately held cybersecurity company that was founded in 2022. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and ana ...
), strongly indicated that two
Russian Russian(s) may refer to: *Russians (), an ethnic group of the East Slavic peoples, primarily living in Russia and neighboring countries *A citizen of Russia *Russian language, the most widely spoken of the Slavic languages *''The Russians'', a b ...
intelligence agencies separately infiltrated the DNC computer systems. CrowdStrike, which removed the hacking programs, revealed a history of encounters with both groups and had already named them, calling one of them
Cozy Bear Cozy Bear is a Russian advanced persistent threat hacker group believed to be associated with intelligence agencies of Russia, Russian foreign intelligence by United States Intelligence Community, United States intelligence agencies and those o ...
and the other
Fancy Bear Fancy Bear is a Russian cyber espionage group. American cybersecurity firm CrowdStrike has stated with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. The UK's Foreign and Commonwealth Offic ...
, names which are used in the media. On December 9, 2016, the
CIA The Central Intelligence Agency (CIA; ) is a civilian foreign intelligence service of the federal government of the United States tasked with advancing national security through collecting and analyzing intelligence from around the world and ...
told U.S. legislators that the U.S. Intelligence Community had concluded Russia conducted the cyberattacks and other operations during the 2016 U.S. election to assist
Donald Trump Donald John Trump (born June 14, 1946) is an American politician, media personality, and businessman who is the 47th president of the United States. A member of the Republican Party (United States), Republican Party, he served as the 45 ...
in winning the presidency. Multiple U.S. intelligence agencies concluded that specific individuals tied to the Russian government provided WikiLeaks with stolen emails from the DNC, as well as stolen emails from
Hillary Clinton Hillary Diane Rodham Clinton ( Rodham; born October 26, 1947) is an American politician, lawyer and diplomat. She was the 67th United States secretary of state in the administration of Barack Obama from 2009 to 2013, a U.S. senator represent ...
's campaign chairman, who was also the target of a cyberattack. These intelligence organizations additionally concluded Russia hacked the
Republican National Committee The Republican National Committee (RNC) is the primary committee of the Republican Party of the United States. Its members are chosen by the state delegations at the national convention every four years. It is responsible for developing and pr ...
(RNC) as well as the DNC, but chose not to leak information obtained from the RNC.


Cyber attacks and responsibility

Cyber attacks that successfully penetrated the DNC computing system began in 2015. Attacks by "Cozy Bear" began in the summer of 2015. Attacks by "Fancy Bear" began in April 2016. It was after the "Fancy Bear" group began their activities that the compromised system became apparent. The groups were presumed to have been spying on communications, stealing
opposition research In politics, opposition research (also called oppo research) is the practice of collecting information on a political opponent or other adversary that can be used to discredit or otherwise weaken them. The information can include biographical, l ...
on
Donald Trump Donald John Trump (born June 14, 1946) is an American politician, media personality, and businessman who is the 47th president of the United States. A member of the Republican Party (United States), Republican Party, he served as the 45 ...
, as well as reading all
email Electronic mail (usually shortened to email; alternatively hyphenated e-mail) is a method of transmitting and receiving Digital media, digital messages using electronics, electronic devices over a computer network. It was conceived in the ...
and chats. Both were finally identified by CrowdStrike in May 2016. Both groups of intruders were successfully expelled from the DNC systems within hours after detection. These attacks were part of a group of attacks targeting U.S. government departments and several political organizations, including 2016 campaign organizations. On July 22, 2016, a person or entity going by the moniker " Guccifer 2.0" claimed on a
WordPress WordPress (WP, or WordPress.org) is a web content management system. It was originally created as a tool to publish blogs but has evolved to support publishing other web content, including more traditional websites, electronic mailing list, ma ...
-hosted blog to have been acting alone in hacking the DNC. He also claimed to send significant amounts of stolen electronic DNC documents to
WikiLeaks WikiLeaks () is a non-profit media organisation and publisher of leaked documents. It is funded by donations and media partnerships. It has published classified documents and other media provided by anonymous sources. It was founded in 2006 by ...
. WikiLeaks has not revealed the source for their leaked emails. However,
cybersecurity Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and networks from thr ...
experts and firms, including
CrowdStrike CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of seve ...
, Fidelis Cybersecurity,
Mandiant Mandiant, Inc. is an American cybersecurity firm and a subsidiary of Google. Mandiant received attention in February 2013 when it released a report directly implicating China in cyber espionage. In December 2013, Mandiant was acquired by FireE ...
,
SecureWorks Secureworks Inc. is an American cybersecurity company. The company has approximately 4,000 customers in more than 50 countries, ranging from Fortune 100 companies to mid-sized businesses in a variety of industries. It became part of Dell, Dell ...
,
ThreatConnect ThreatConnect is a cyber-security firm based in Arlington, Virginia. They provide a Threat Intelligence Platform for companies to aggregate and act upon threat intelligence. History The firm was founded in 2011 as Cyber Squared Inc. by Adam Vinc ...
, and the editor for
Ars Technica ''Ars Technica'' is a website covering news and opinions in technology, science, politics, and society, created by Ken Fisher and Jon Stokes in 1998. It publishes news, reviews, and guides on issues such as computer hardware and software, sci ...
, have rejected the claims of "Guccifer 2.0" and have determined, on the basis of substantial evidence, that the cyberattacks were committed by two Russian state-sponsored groups (Cozy Bear and Fancy Bear). According to separate reports in ''The New York Times'' and ''The Washington Post'', U.S. intelligence agencies have concluded with "high confidence" that the Russian government was behind the theft of emails and documents from the DNC.Ellen Nakashima
Is there a Russian master plan to install Trump in the White House? Some intelligence officials are skeptical
''New York Times'' (July 27, 2016).
While the U.S. intelligence community has concluded that Russia was behind the cyberattack, intelligence officials told ''The Washington Post'' that they had "not reached a conclusion about who passed the emails to WikiLeaks" and so did not know "whether Russian officials directed the leak." A number of experts and cybersecurity analysts believe that "Guccifer 2.0" is probably a Russian government disinformation cover story to distract attention away from the DNC breach by the two Russian intelligence agencies. Note:
Dmitri Alperovitch Dmitri Alperovitch (; born 1980) is an American think-tank founder, author, philanthropist, podcast host and former computer security industry executive. He is the chairman of Silverado Policy Accelerator, a geopolitics think-tank in Washingto ...
is a CrowdStrike co-founder, CTO, and cybersecurity expert.
Note: This news article is licensed under a Creative Commons Attribution-Share Alike 3.0 License President Obama and Russian President
Vladimir Putin Vladimir Vladimirovich Putin (born 7 October 1952) is a Russian politician and former intelligence officer who has served as President of Russia since 2012, having previously served from 2000 to 2008. Putin also served as Prime Minister of Ru ...
had a discussion about
computer security Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and computer network, n ...
issues, which took place as a side discussion during the then-ongoing G20 summit in China in September 2016. Obama said Russian hacking stopped after his warning to Putin. In a joint statement on October 7, 2016, the
United States Department of Homeland Security The United States Department of Homeland Security (DHS) is the U.S. United States federal executive departments, federal executive department responsible for public security, roughly comparable to the Interior minister, interior, Home Secretary ...
and the Office of the Director of National Intelligence stated that the US intelligence community is confident that the Russian government directed the breaches and the release of the obtained material in an attempt to "… interfere with the US election process."


Background

As is common among Russian intelligence services, both groups used similar hacking tools and strategies. It is believed that neither group was aware of the other. This type of operation is antithetical to American computer intelligence methods, for fear of undermining or defeating intelligence operations of the other. However, this has been common practice for the Russian intelligence community since 2004. This intrusion was part of several attacks attempting to access information from American political organizations, including the 2016 U.S. presidential campaigns. Both "Cozy Bear" and "Fancy Bear" are known adversaries of the United States, who have extensively engaged in political and economic espionage that benefits the
Russian Federation Russia, or the Russian Federation, is a country spanning Eastern Europe and North Asia. It is the list of countries and dependencies by area, largest country in the world, and extends across Time in Russia, eleven time zones, sharing Borders ...
government. Both groups are believed to be connected to the Russian intelligence services. Also, both access resources and demonstrate levels of proficiency matching nation-state capabilities. "Cozy Bear" has in the past year infiltrated unclassified computer systems of the
White House The White House is the official residence and workplace of the president of the United States. Located at 1600 Pennsylvania Avenue Northwest (Washington, D.C.), NW in Washington, D.C., it has served as the residence of every U.S. president ...
, the
U.S. State Department The United States Department of State (DOS), or simply the State Department, is an executive department of the U.S. federal government responsible for the country's foreign policy and relations. Equivalent to the ministry of foreign affairs ...
, and the U.S. Joint Chiefs of Staff. According to
CrowdStrike CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of seve ...
, other targeted sectors include: Defense, Energy,
Mining Mining is the Resource extraction, extraction of valuable geological materials and minerals from the surface of the Earth. Mining is required to obtain most materials that cannot be grown through agriculture, agricultural processes, or feasib ...
, Financial, Insurance, Legal, Manufacturing, Media,
Think tank A think tank, or public policy institute, is a research institute that performs research and advocacy concerning topics such as social policy, political strategy, economics, military, technology, and culture. Most think tanks are non-governme ...
s, Pharmaceutical,
Research Research is creative and systematic work undertaken to increase the stock of knowledge. It involves the collection, organization, and analysis of evidence to increase understanding of a topic, characterized by a particular attentiveness to ...
and
Technology Technology is the application of Conceptual model, conceptual knowledge to achieve practical goals, especially in a reproducible way. The word ''technology'' can also mean the products resulting from such efforts, including both tangible too ...
industries as well as universities. "Cozy Bear" observed attacks have occurred in
Western Europe Western Europe is the western region of Europe. The region's extent varies depending on context. The concept of "the West" appeared in Europe in juxtaposition to "the East" and originally applied to the Western half of the ancient Mediterranean ...
, Brazil,
China China, officially the People's Republic of China (PRC), is a country in East Asia. With population of China, a population exceeding 1.4 billion, it is the list of countries by population (United Nations), second-most populous country after ...
, Japan, Mexico,
New Zealand New Zealand () is an island country in the southwestern Pacific Ocean. It consists of two main landmasses—the North Island () and the South Island ()—and List of islands of New Zealand, over 600 smaller islands. It is the List of isla ...
, South Korea,
Turkey Turkey, officially the Republic of Türkiye, is a country mainly located in Anatolia in West Asia, with a relatively small part called East Thrace in Southeast Europe. It borders the Black Sea to the north; Georgia (country), Georgia, Armen ...
and
Central Asia Central Asia is a region of Asia consisting of Kazakhstan, Kyrgyzstan, Tajikistan, Turkmenistan, and Uzbekistan. The countries as a group are also colloquially referred to as the "-stans" as all have names ending with the Persian language, Pers ...
. "Fancy Bear" has been operating since the mid-2000s.
CrowdStrike CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of seve ...
reported targeting has included
Aerospace Aerospace is a term used to collectively refer to the atmosphere and outer space. Aerospace activity is very diverse, with a multitude of commercial, industrial, and military applications. Aerospace engineering consists of aeronautics and astron ...
, Defense, Energy, Government and the Media industries. "Fancy Bear" intrusions have occurred in
United States The United States of America (USA), also known as the United States (U.S.) or America, is a country primarily located in North America. It is a federal republic of 50 U.S. state, states and a federal capital district, Washington, D.C. The 48 ...
, Western Europe, Brazil,
Canada Canada is a country in North America. Its Provinces and territories of Canada, ten provinces and three territories extend from the Atlantic Ocean to the Pacific Ocean and northward into the Arctic Ocean, making it the world's List of coun ...
, China, Republic of Georgia,
Iran Iran, officially the Islamic Republic of Iran (IRI) and also known as Persia, is a country in West Asia. It borders Iraq to the west, Turkey, Azerbaijan, and Armenia to the northwest, the Caspian Sea to the north, Turkmenistan to the nort ...
, Japan,
Malaysia Malaysia is a country in Southeast Asia. Featuring the Tanjung Piai, southernmost point of continental Eurasia, it is a federation, federal constitutional monarchy consisting of States and federal territories of Malaysia, 13 states and thre ...
and
South Korea South Korea, officially the Republic of Korea (ROK), is a country in East Asia. It constitutes the southern half of the Korea, Korean Peninsula and borders North Korea along the Korean Demilitarized Zone, with the Yellow Sea to the west and t ...
. Targeted defense ministries and military organizations parallel Russian Federation government interests. This may indicate affiliation with the Main Intelligence Directorate (GRU, a Russian military intelligence service). Specifically, "Fancy Bear" has been linked to intrusions into the
German Bundestag The Bundestag (, "Federal Diet") is the lower house of the German federal parliament. It is the only constitutional body of the federation directly elected by the German people. The Bundestag was established by Title III of the Basic Law for ...
and France's
TV5 Monde TV5Monde (), formerly known as TV5, is a French public television network, broadcasting several channels of French-language programming. It is an approved participant member of the European Broadcasting Union. The network is available across ...
(television station) in April 2015.
SecureWorks Secureworks Inc. is an American cybersecurity company. The company has approximately 4,000 customers in more than 50 countries, ranging from Fortune 100 companies to mid-sized businesses in a variety of industries. It became part of Dell, Dell ...
, a cybersecurity firm headquartered in the United States, concluded that from March 2015 to May 2016, the "Fancy Bear" target list included not merely the DNC, but tens of thousands of foes of Putin and the Kremlin in the United States, Ukraine, Russia, Georgia, and Syria. Only a handful of Republicans were targeted, however.


Hacking the DNC

On January 25, 2018,
Dutch Dutch or Nederlands commonly refers to: * Something of, from, or related to the Netherlands ** Dutch people as an ethnic group () ** Dutch nationality law, history and regulations of Dutch citizenship () ** Dutch language () * In specific terms, i ...
newspaper
de Volkskrant ''De Volkskrant'' (; ), stylized as de Volkskrant, is a Dutch daily morning newspaper. Founded in 1919, it has a nationwide circulation of about 250,000. Formerly a leading centre-left Catholic broadsheet, ''de Volkskrant'' today is a medium- ...
and TV program
Nieuwsuur Nieuwsuur (''News Hour'') is a Dutch current affairs television programme produced for the NPO, produced by the public broadcasters NOS and NTR. It is broadcast daily between 9:30 pm and 10:15 pm (9:30-10 pm at weekends) on NPO 2. The progra ...
reported that in 2014 and 2015, the Dutch Intelligence agency
General Intelligence and Security Service The General Intelligence and Security Service ( ; AIVD) is the intelligence and security agency of the Netherlands, tasked with domestic, foreign and signals intelligence and protecting national security as well as assisting the Five Eyes in i ...
(AIVD) had successfully infiltrated the computers of
Cozy Bear Cozy Bear is a Russian advanced persistent threat hacker group believed to be associated with intelligence agencies of Russia, Russian foreign intelligence by United States Intelligence Community, United States intelligence agencies and those o ...
and observed the hacking of the head office of the State Department and subsequently the White House, as well as the Democratic Party, and were the first to alert the
National Security Agency The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the director of national intelligence (DNI). The NSA is responsible for global monitoring, collection, and proces ...
about the cyber-intrusion. In 2015, the NSA apprised the FBI and other agencies of the DNC intrusions which the Dutch had secretly detected, and on August 15, 2015, the Washington field office first alerted DNC technical staff of the compromise of their systems. Much later, the lack of higher level communications between the DNC and the FBI was seen by the DNC as an "unfathomable lapse" and it wasn't until April 2016 when legal authorizations to share sensitive technical data with the government finally apprised DNC leaders that their systems had been penetrated. "Cozy Bear" had access to DNC systems since the summer of 2015; and "Fancy Bear", since April 2016. There was no evidence of collaboration or knowledge of the other's presence within the system. Rather, the "two Russian espionage groups compromised the same systems and engaged separately in the theft of identical credentials". "Cozy Bear" employed the "Sea Daddy" implant and an obfuscated
PowerShell PowerShell is a shell program developed by Microsoft for task automation and configuration management. As is typical for a shell, it provides a command-line interpreter for interactive use and a script interpreter for automation via a langu ...
script as a backdoor, launching
malicious code Malware (a portmanteau of ''malicious software'')Tahir, R. (2018)A study on malware and malware detection techniques . ''International Journal of Education and Management Engineering'', ''8''(2), 20. is any software intentionally designed to caus ...
at various times and in various DNC systems. "Fancy Bear" employed X Agent malware, which enabled distant command execution, transmissions of files and keylogging, as well as the "X-Tunnel" malware. DNC leaders became aware of the compromise in April 2016. These attacks broadly reflect Russian government interest in the U.S. political system, as well as political leaders' policies, tendencies and proclivities while assessing possible beneficial outcomes. The attacks also broadly reflect Russian government interest in the strategies, policies, and practices of the U.S. Government. This also globally reflects foreign governments' interest in ascertaining information on Donald Trump as a new entry into U.S. political leadership roles, in contrast to information likely to have been garnered over the decades pertaining to the Clintons. The DNC commissioned the cybersecurity company
CrowdStrike CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of seve ...
to defeat the intrusions. Its chief technology officer,
Dmitri Alperovitch Dmitri Alperovitch (; born 1980) is an American think-tank founder, author, philanthropist, podcast host and former computer security industry executive. He is the chairman of Silverado Policy Accelerator, a geopolitics think-tank in Washingto ...
, who is also a cybersecurity expert, stated: Other cybersecurity firms, Fidelis Cybersecurity and
FireEye Trellix (formerly FireEye and McAfee Enterprise) is a privately held cybersecurity company that was founded in 2022. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and ana ...
, independently reviewed the malware and came to the same conclusion as
CrowdStrike CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of seve ...
—that expert Russian hacking groups were responsible for the breach. In November 2017, US authorities identified 6 Russian individuals who conducted the hack. Beginning in December 2016 the Russian government arrested Sergei Mikhailov, a high ranking government cyber-spy, Ruslan Stoyanov, a private sector cyber-security expert, Georgy Fomchenkov, a former government cyber-spy, and Dmitry Dokuchaev, a Mikhailov associate and charged them with aiding U.S. intelligence agencies which the New York Times associated with the DNC hacking.


Donor information

Although the DNC claimed that no personal, financial, or donor information was accessed, "Guccifer 2.0" leaked what he, she or they claimed were donor lists detailing DNC campaign contributions to
Gawker ''Gawker'' was an American blog founded by Nick Denton and Elizabeth Spiers that was based in New York City and focused on celebrities and the media industry. According to SimilarWeb, the site had over 23 million visits per month in 2015. Fo ...
and
The Smoking Gun The Smoking Gun is a website that posts legal documents, arrest records, and police mugshots on a daily basis. The intent is to bring to the public light information that is somewhat obscure or unreported by more mainstream media sources. Most ...
. However, this information has not been authenticated, and doubts remain about Guccifer 2.0's backstory.


Guccifer 2.0

In June 2016, a person or person(s) claimed to be the hacker who had hacked the DNC servers and then published the stolen documents online.Tal Kopan, "Guccifer 2.0" later also claimed to have leaked 20.000 emails to
WikiLeaks WikiLeaks () is a non-profit media organisation and publisher of leaked documents. It is funded by donations and media partnerships. It has published classified documents and other media provided by anonymous sources. It was founded in 2006 by ...
.


U.S. intelligence conclusions

The U.S. Intelligence Community tasked resources debating why Putin chose summer 2016 to escalate active measures influencing U.S. politics.
Director of National Intelligence The director of national intelligence (DNI) is a Cabinet of the United States#Current Cabinet and Cabinet-rank officials, cabinet-level Federal government of the United States, United States government intelligence and security official. The p ...
James R. Clapper James Robert Clapper Jr. (born March 14, 1941) is a retired lieutenant general in the United States Air Force and former Director of National Intelligence. Clapper has held several key positions within the United States Intelligence Community. ...
said after the 2011–13 Russian protests that Putin's confidence in his viability as a politician was damaged, and Putin responded with the propaganda operation. Former
CIA The Central Intelligence Agency (CIA; ) is a civilian foreign intelligence service of the federal government of the United States tasked with advancing national security through collecting and analyzing intelligence from around the world and ...
officer Patrick Skinner explained the goal was to spread uncertainty. U.S. Congressman
Adam Schiff Adam Bennett Schiff (born June 22, 1960) is an American lawyer, author, and politician serving as the Seniority in the United States Senate, junior United States Senate, United States senator from California, a seat he has held since 2024. A m ...
, Ranking Member of the
House Permanent Select Committee on Intelligence A house is a single-unit residential building. It may range in complexity from a rudimentary hut to a complex structure of wood, masonry, concrete or other material, outfitted with plumbing, electrical, and heating, ventilation, and air condi ...
, commented on Putin's aims, and said U.S. intelligence agencies were concerned with Russian propaganda. Speaking about disinformation that appeared in
Hungary Hungary is a landlocked country in Central Europe. Spanning much of the Pannonian Basin, Carpathian Basin, it is bordered by Slovakia to the north, Ukraine to the northeast, Romania to the east and southeast, Serbia to the south, Croatia and ...
,
Slovakia Slovakia, officially the Slovak Republic, is a landlocked country in Central Europe. It is bordered by Poland to the north, Ukraine to the east, Hungary to the south, Austria to the west, and the Czech Republic to the northwest. Slovakia's m ...
, the
Czech Republic The Czech Republic, also known as Czechia, and historically known as Bohemia, is a landlocked country in Central Europe. The country is bordered by Austria to the south, Germany to the west, Poland to the northeast, and Slovakia to the south ...
, and
Poland Poland, officially the Republic of Poland, is a country in Central Europe. It extends from the Baltic Sea in the north to the Sudetes and Carpathian Mountains in the south, bordered by Lithuania and Russia to the northeast, Belarus and Ukrai ...
, Schiff said there was an increase of the same behavior in the U.S. Schiff concluded Russian propaganda operations would continue against the U.S. after the election. On December 9, 2016, the
CIA The Central Intelligence Agency (CIA; ) is a civilian foreign intelligence service of the federal government of the United States tasked with advancing national security through collecting and analyzing intelligence from around the world and ...
told U.S. legislators the U.S. Intelligence Community concluded Russia conducted operations during the 2016 U.S. election to assist Donald Trump in winning the presidency. Multiple U.S. intelligence agencies concluded people with specific individuals tied to the Russian government gave
WikiLeaks WikiLeaks () is a non-profit media organisation and publisher of leaked documents. It is funded by donations and media partnerships. It has published classified documents and other media provided by anonymous sources. It was founded in 2006 by ...
hacked emails from the
Democratic National Committee The Democratic National Committee (DNC) is the principal executive leadership board of the United States's Democratic Party (United States), Democratic Party. According to the party charter, it has "general responsibility for the affairs of the ...
(D.N.C.) and additional sources such as
John Podesta John David Podesta Jr. (born January 8, 1949) is an American political consultant who served as Senior Advisor to the President for International Climate Policy from 2024 to 2025, having previously served as the Senior Advisor to the President ...
, campaign chairman for
Hillary Clinton Hillary Diane Rodham Clinton ( Rodham; born October 26, 1947) is an American politician, lawyer and diplomat. She was the 67th United States secretary of state in the administration of Barack Obama from 2009 to 2013, a U.S. senator represent ...
. These intelligence organizations additionally concluded Russia hacked the
Republican National Committee The Republican National Committee (RNC) is the primary committee of the Republican Party of the United States. Its members are chosen by the state delegations at the national convention every four years. It is responsible for developing and pr ...
(R.N.C.) as well as the D.N.C.—and chose not to leak information obtained from the R.N.C. The CIA said the foreign intelligence agents were Russian operatives previously known to the U.S. CIA officials told U.S. Senators it was "quite clear" Russia's intentions were to help Trump. Trump released a statement December 9, and disregarded the CIA conclusions.


FBI involvement

A senior law enforcement official told CNN: The FBI therefore had to rely on an assessment from
CrowdStrike CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of seve ...
instead, who were hired by the DNC to investigate the cyber attacks.


U.S. legislative response

Members of the U.S. Senate Intelligence Committee traveled to Ukraine and Poland in 2016 and learned about Russian operations to influence their affairs. U.S. Senator
Angus King Angus Stanley King Jr. (born March 31, 1944) is an American lawyer and politician who has served since 2013 as the Seniority in the United States Senate, junior United States senator from Maine. A Independent politician, political independent, h ...
told the ''
Portland Press Herald The ''Portland Press Herald'' (abbreviated as ''PPH''; Sunday edition ''Maine Sunday Telegram'') is a daily newspaper based in South Portland, Maine, with a statewide readership. The ''Press Herald'' mainly serves southern Maine and is focused ...
'' that tactics used by Russia during the 2016 U.S. election were analogous to those used against other countries. On November 30, 2016, King joined a letter in which seven members of the U.S. Senate Intelligence Committee asked President Obama to publicize more information from the intelligence community on Russia's role in the U.S. election. In an interview with CNN, King warned against ignoring the problem, saying it was a bipartisan issue. Representatives in the
U.S. Congress The United States Congress is the legislative branch of the federal government of the United States. It is a bicameral legislature, including a lower body, the U.S. House of Representatives, and an upper body, the U.S. Senate. They both ...
took action to monitor the National security of the United States by advancing legislation to monitor propaganda. On November 30, 2016, legislators approved a measure within the
National Defense Authorization Act The National Defense Authorization Act (NDAA) is any of a series of United States federal laws specifying the annual budget and expenditures of the U.S. Department of Defense. The first NDAA was passed in 1961. The U.S. Congress oversees the de ...
to ask the
U.S. State Department The United States Department of State (DOS), or simply the State Department, is an executive department of the U.S. federal government responsible for the country's foreign policy and relations. Equivalent to the ministry of foreign affairs ...
to act against propaganda with an inter-agency panel. The legislation authorized funding of $160 million over a two-year-period. The initiative was developed through a
bipartisan Bipartisanship, sometimes referred to as nonpartisanship, is a political situation, usually in the context of a two-party system (especially those of the United States and some other western countries), in which opposing Political party, politica ...
bill, the Countering Foreign Propaganda and Disinformation Act, written by U.S. Senators
Rob Portman Robert Jones Portman (born December 19, 1955) is an American attorney and politician who served as a United States senator from Ohio from 2011 to 2023. A member of the Republican Party, Portman was the 35th director of the Office of Management ...
(Republican) and
Chris Murphy Christopher Scott Murphy (born August 3, 1973) is an American lawyer, author, and politician serving as the junior United States senator from the state of Connecticut since 2013. A member of the Democratic Party, he previously served in the U ...
(Democrat). Portman urged more U.S. government action to counter propaganda. Murphy said after the election it was apparent the U.S. needed additional tactics to fight Russian propaganda. U.S. Senate Intelligence Committee member
Ron Wyden Ronald Lee Wyden ( ; born May 3, 1949) is an American politician serving as the Seniority in the United States Senate, senior United States Senate, United States senator from Oregon, a seat he has held since 1996 United States Senate special el ...
said frustration over covert Russian propaganda was bipartisan. Republican U.S. Senators stated they planned to hold hearings and investigate Russian influence on the 2016 U.S. elections. By doing so they went against the preference of incoming Republican President-elect Donald Trump, who downplayed any potential Russian meddling in the election.
U.S. Senate Armed Services Committee The Committee on Armed Services, sometimes abbreviated SASC for Senate Armed Services Committee, is a committee of the United States Senate empowered with legislative oversight of the nation's military, including the Department of Defens ...
Chairman
John McCain John Sidney McCain III (August 29, 1936 – August 25, 2018) was an American statesman and United States Navy, naval officer who represented the Arizona, state of Arizona in United States Congress, Congress for over 35 years, first as ...
and U.S. Senate Intelligence Committee Chairman
Richard Burr Richard Mauze Burr (born November 30, 1955) is an American businessman and politician who served as a United States senator from North Carolina from 2005 to 2023. A member of the Republican Party, Burr was previously a member of the United Stat ...
discussed plans for collaboration on investigations of Russian
cyberwarfare Cyberwarfare is the use of cyberattack, cyber attacks against an enemy State (polity), state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, ...
during the election. U.S. Senate Foreign Relations Committee Chairman
Bob Corker Robert Phillips Corker Jr. (born August 24, 1952) is an American businessman and politician who served as a United States Senator from Tennessee from 2007 to 2019. A member of the Republican Party, he served as Chair of the Senate Foreign Rela ...
planned a 2017 investigation. Senator
Lindsey Graham Lindsey Olin Graham (; born July 9, 1955) is an American politician and attorney serving as the Seniority in the United States Senate, senior United States Senate, United States senator from South Carolina, a seat he has held since 2003. A membe ...
indicated he would conduct a sweeping investigation in the
115th Congress The 115th United States Congress was a meeting of the legislative branch of the United States of America federal government, composed of the Senate and the House of Representatives. It met in Washington, D.C., from January 3, 2017, to January ...
.


President Obama order

On December 9, 2016, President Obama ordered the entire
United States Intelligence Community The United States Intelligence Community (IC) is a group of separate US federal government, U.S. federal government intelligence agencies and subordinate organizations that work to conduct Intelligence assessment, intelligence activities which ...
to conduct an investigation into Russia's attempts to influence the 2016 U.S. election — and provide a report before he left office on January 20, 2017.
Lisa Monaco Lisa Oudens Monaco (born February 25, 1968) is an American attorney who served as the 39th United States Deputy Attorney General, United States deputy attorney general from 2021 to 2025. She is a member of the Democratic Party (United States), De ...
, U.S. Homeland Security Advisor and chief counterterrorism advisor to the president, announced the study, and said the intrusion of a foreign nation into a U.S. national election was an unprecedented event that would necessitate further investigation by subsequent administrations in the executive branch. The intelligence analysis will take into account data from the last three presidential elections in the U.S. Evidence showed malicious
cyberwarfare Cyberwarfare is the use of cyberattack, cyber attacks against an enemy State (polity), state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, ...
during the
2008 2008 was designated as: *International Year of Languages *International Year of Planet Earth *International Year of the Potato *International Year of Sanitation The Great Recession, a worldwide recession which began in 2007, continued throu ...
and 2016 U.S. elections.


See also

*
2016 Democratic National Committee email leak The 2016 Democratic National Committee email leak is a collection of Democratic National Committee (DNC) emails Democratic National Committee cyber attacks, stolen by one or more hackers operating under the pseudonym "Guccifer 2.0" who are allege ...
* Cold War II *
Conspiracy theories related to the Trump–Ukraine scandal Since 2016, 45th and 47th President of the United States Donald Trump and his allies have promoted several conspiracy theories related to the Trump–Ukraine scandal. One such theory seeks to blame Ukraine, instead of Russia, for interference ...
* Democratic Congressional Campaign Committee cyber attacks *
Foreign electoral intervention Foreign electoral interventions (FEI) are attempts by a government to influence the elections of another country. Common methods include backing a preferred party or candidate, harming the electoral chances of another party or candidate, elevati ...
*
Office of Personnel Management data breach The Office of Personnel Management data breach was a 2015 data breach targeting Standard Form 86 (SF-86) U.S. government security clearance records retained by the United States Office of Personnel Management (OPM). One of the largest breaches of ...
*
Operation Aurora Operation Aurora was a series of cyber attacks performed by advanced persistent threats such as the Elderwood Group based in Beijing, China, with associations with the People's Liberation Army. First disclosed publicly by Google (one of the vic ...
* ''
The Plot to Hack America ''The Plot to Hack America: How Putin's Cyberspies and WikiLeaks Tried to Steal the 2016 Election'' is a non-fiction book by Malcolm Nance about the Russian interference in the 2016 United States elections. It was published in paperback, audiob ...
'' *
Podesta emails In March 2016, the personal Gmail account of John Podesta, a former White House chief of staff and chair of Hillary Clinton's 2016 U.S. presidential campaign, was compromised in a data breach accomplished via a spear-phishing attack, and some ...
* Russian espionage in the United States *
Russian interference in the 2016 United States elections The Russian government conducted Foreign electoral intervention, foreign electoral interference in the 2016 United States elections with the goals of sabotaging the Hillary Clinton 2016 presidential campaign, presidential campaign of Hillar ...
*
Russian interference in the 2018 United States elections The United States Intelligence Community concluded in early 2018 that the Russian government was continuing the interference it started during the 2016 elections and was attempting to influence the 2018 United States mid-term elections by gene ...
* Social media in the 2016 United States presidential election *
Trump Tower meeting Donald John Trump (born June 14, 1946) is an American politician, media personality, and businessman who is the 47th president of the United States. A member of the Republican Party (United States), Republican Party, he served as the 45 ...
* * Yahoo! data breaches


References


External links


Timeline of hacks and publications
on Glomar Disclosure {{Hacking in the 2010s Computer security Democratic National Committee Espionage 2015 scandals 2016 scandals Data breaches in the United States 2015 in the United States 2016 in the United States Email hacking Hacking in the 2010s 2015 in computing 2016 in computing Russian interference in the 2016 United States elections