Anti-Phishing, DMARC , Email Threat Protection , Endpoint Security

Comey: Hundreds of Organizations Targeted by Russia

Former FBI Director's Testimony Adds to Broader Picture of Russian Cyber Activity
Comey: Hundreds of Organizations Targeted by Russia
Former FBI Director James Comey testifies before Senate Intelligence Committee.

Former FBI Director's James Comey's testimony before the Senate Intelligence Committee on Thursday affirmed Russia's cyber interference with the 2016 U.S. presidential election. While largely quiet about the ongoing investigation, Comey trickled a handful of new details that contribute to a broader picture of Russian hacking.

See Also: What GDPR Means for Cybersecurity

The majority of Comey's testimony focused on his interaction with President Donald Trump, who fired him on May 9. Comey contends he was dismissed for not pulling back on the Russia investigation, which Trump has characterized as a waste of taxpayer money and "fake news."

Here's a roundup of key points related to Russian cyber activity.

No Doubt on Russia

Sen. Richard Burr (R-N.C.), chairman of the committee, asked Comey if he had any doubt that Russia tried to interfere with the 2016 presidential election. Comey said, "None." Burr went on to ask if Comey had any doubt if Russia attacked the Democratic National Committee and the Democratic Congressional Campaign Committee. Again, Comey said, "None."

Burr asked further questions along the same line, according to a transcript of Comey's testimony published by The New York Times.

Burr: Do you have any doubt that the Russian government was behind the cyber intrusion in the state voter files?

Comey: No.

It was suspected that Russia was also probing local election institutions. Illinois and Arizona reported intrusions last year. Earlier this week, The Intercept published a document leaked by a NSA contractor, which described spear-phishing attempts against two voting systems vendors and 122 local election officials (see Inside Job: NSA Fails to Stop Another Leaker).

Scope of Hacking

In more questions-and-answers with Burr, Comey testified that he first became aware of Russia-connected cyber intrusions in the late summer of 2015, nearly a year before broad suspicions surfaced in the public.

Comey said there was a "massive effort to target government and nongovernmental - near-governmental agencies like nonprofits."

Burr: "What would be the estimate of how many entities out there the Russians specifically targeted in that time frame?"

Comey: "It's hundreds. I suppose it could be more than 1,000, but it's at least hundreds."

Comey says the FBI discussed the intrusions with former President Barack Obama's administration. In late 2015 or early 2016, the FBI became aware that some data had been stolen from organizations.

Burr: "And share with us, if you will, what actions they took."

Comey: "Well, the FBI had already undertaken an effort to notify all the victims - and that's what we consider the entities that were attacked as part of this massive spear phishing campaign. And so we notified them in an effort to disrupt what might be ongoing. Then there was a series of continuing interactions with entities through the rest of '15 into '16, and then, throughout '16, the administration was trying to decide how to respond to the intrusion activity that it saw."

Trump: No Russia Questions

The leaks of Democratic Party documents and emails, some of which were published by WikiLeaks, provided Trump with a steady supply of material out on the campaign trail to use against Hillary Clinton (see DNC Breach More Severe Than First Believed).

But the entire election campaign was so unorthodox that it's difficult to quantify whether Russia's cyber activity, which included seeding fake news stories, tipped the scales in favor of Trump.

Clinton won the popular vote, but Trump prevailed in the Electoral College tally, making him president. On the campaign trail in July 2016, Trump appeared to encourage Russian hackers to find missing emails that were part of the investigation into her use of a private email server as Secretary of State.

That investigation resulted in no criminal charges, but proved to be a consistent distraction for Clinton and fodder for Trump's allegations of her dishonesty.

After the election, however, Trump showed little interest in learning about the cyber intrusions, Comey testified during questioning from Sen. Joe Manchin (D-W.V.).

Manchin: "Did the president ever show any concern or interest or curiosity about what the Russians were doing?"

Comey: "Thank you, Senator. As I said earlier, I don't remember any conversations with the president about the Russia election interference."

The Stakes

During Manchin's questioning, Comey summed up why the Russia investigation into cyber meddling has such a profound importance for the U.S.

Comey: "The reason this is such a big deal is - we have this big, messy, wonderful country where we fight with each other all the time, but nobody tells us what to think, what to fight about, what to vote for, except other Americans, and that's wonderful and often painful.

"But we're talking about a foreign government that, using technical intrusion, lots of other methods, tried to shape the way we think, we vote, we act. That is a big deal. And people need to recognize it.

"It's not about Republicans or Democrats. They're coming after America, which I hope we all love equally. They want to undermine our credibility in the face of the world. They think that this great experiment of ours is a threat to them, and so they're going to try to run it down and dirty it up as much as possible."


About the Author

Jeremy Kirk

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.