Governance & Risk Management , Incident & Breach Response , Managed Detection & Response (MDR)

Trump Confirms Russian Hacking Campaign, Aide Says

Incoming Chief of Staff for Trump Stops Short of Blaming Putin
Trump Confirms Russian Hacking Campaign, Aide Says
President-elect Donald Trump. Photo: Michael Vadon (Creative Commons)

President-elect Donald Trump reportedly now accepts the U.S. intelligence community's assessment that Russia attempted to meddle in U.S. elections, and may take action in response once he takes power, an aide says (see Intelligence Report Blames Putin for Election-Related Hacks).

See Also: Real-World Strategies for Securing Remote Workforces and Data

"I think he accepts the finding," Trump's incoming chief of staff, Reince Priebus, told "Fox News Sunday" on Jan. 8. "He's not denying that entities in Russia were behind this particular hack campaign."

The remarks by Priebus represent the first time that one of Trump's team has acknowledged Russia's involvement in attempted U.S. electoral meddling. "Action may be taken" in response to the attacks, Priebus said.

But he stopped short of addressing whether Trump accepted the intelligence community's finding that Russian President Vladimir Putin had personally authorized the campaign to help Trump by discrediting Democratic presidential candidate Hillary Clinton.

Allegation: 'Gross Negligence' Aided Hackers

Priebus also blamed the Democratic National Committee for having gotten itself hacked and failing to heed related FBI warnings. "We have a DNC as a sitting duck," he said. "If the DNC allows any foreign entity into their system and then says here, here's 50,000 emails, you can have them, well voila. Now you have the biggest dissemination of emails that you've ever seen in the history of America." He added that after the FBI sounded hack-attack warnings to the RNC, it brought the bureau in to investigate.

Priebus also attempted to contrast the RNC's strong cybersecurity with weak DNC defenses. "They lacked defenses. They lacked training. They allowed foreign governments into their system."

That argument has been emphasized in recent days by Trump. "Gross negligence by the Democratic National Committee allowed hacking to take place. The Republican National Committee had strong defense!" Trump claimed in a Jan. 7 tweet. "Only reason the hacking of the poorly defended DNC is discussed is that the loss by the Dems was so big that they are totally embarrassed!"

But as part of the same campaign, it appears that at least some Republican state party officials were also hacked, although relatively few related emails were dumped publicly, as The Hill has reported. Furthermore, leaks of Republican emails were made in August 2016 via the DCLeaks.com website, which also hosted leaked DNC emails.

Several information security experts have also questioned whether Republican officials' emails might also have been stolen en masse, but perhaps held in reserve for potential future propaganda efforts or potentially blackmail purposes.

Report Ties Guccifer to GRU to Kremlin

The U.S. intelligence community's assessment is that DCLeaks was created by a Kremlin-aligned hacking operation being run by Russia's GRU military intelligence agency. "We assess with high confidence that Russian military intelligence (General Staff Main Intelligence Directorate or GRU) used the Guccifer 2.0 persona and DCLeaks.com to release U.S. victim data," according to an unclassified version of a top-secret report released last week by the U.S. intelligence community (see Russian Interference: Anatomy of a Propaganda Campaign).

"Putin and the Russian Government aspired to help President-elect Trump's election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him," the report concludes.

Report Gathered via Spying Capabilities

The DNC hacking and related dumps of stolen emails via DCLeaks.com, the Guccifer 2.0 online persona and WikiLeaks - as well as via exclusives shared with multiple media outlets - were part of a broader effort to destabilize faith in U.S. democratic institutions, including the election process, according to the report.

It says Russia's intelligence services targeted both the Democratic and Republican political parties.

Based on a close reading of the intelligence community's report, many of its conclusions weren't made using technical indicators, but rather through old-fashioned "spying capabilities," according to forensic scientist Jonathan Zdziarski.

Kremlin Slams 'Witch-Hunt'

The Kremlin, however, has dismissed the report's conclusions. "These are baseless allegations substantiated with nothing, done on a rather amateurish, emotional level," Vladimir Putin's spokesman, Dmitry Peskov, told journalists on Jan. 9, the Guardian reports. "We still don't know what data is really being used by those who present such unfounded accusations."

In language that echoes language previously used by Trump, Peskov added: "We are growing rather tired of these accusations. It is becoming a full-on witch-hunt."

Hacking as Political Football

Trump has used the question of whether Russia attempted to meddle in U.S. elections as a political football. He characterized the related investigation, ordered by President Barack Obama in December 2016, to The New York Times as a "political witch-hunt" triggered by Democrats' embarrassment at their election failure.

Subsequently, on Jan. 6, Trump was given a related, two-hour briefing by National Intelligence Director James Clapper, CIA Director John Brennan and FBI Director James Comey, into what the U.S. intelligence community says was a campaign, authorized by Putin, designed partially to meddle in the U.S. election process.

Following the briefing, Trump issued a statement saying that the meeting had been "constructive." He also claimed that "there was absolutely no effect on the outcome of the election including the fact that there was no tampering whatsoever with voting machines."

It's important to note that Trump's claim that the hacking and related data dumps had no impact on the election is only his opinion, rather than a reflection of what he likely heard in the intelligence briefing.

Indeed, in testimony delivered Jan. 5 to the Senate Armed Services Committee, Clapper said there's no way for U.S. intelligence agencies to know what effect Russia's meddling may have had. "The intelligence community can't gauge the impact it had on the choices the electorate made," he said, although he emphasized that there was no indication that any voting machines had been hacked.

But the hacking was only one part "of a multifaceted campaign that the Russians mounted," Clapper told the committee, characterizing related efforts as nothing less than "an existential threat to the United States."

Trump Promises to Combat Cyber Attacks

Following the briefing, Trump issued a rare pronouncement on cybersecurity, promising get tough on cyberattacks once he takes office Jan. 20, while suggesting that any related moves would be cloaked in secrecy (see Obama Panel Urges Trump to Quickly Address Cybersecurity).

"Whether it is our government, organizations, associations or businesses we need to aggressively combat and stop cyberattacks. I will appoint a team to give me a plan within 90 days of taking office," Trump said. "The methods, tools and tactics we use to keep America safe should not be a public discussion that will benefit those who seek to do us harm."

The same day, however, Trump tweeted that he also wants to improve relations with Russia. "Having a good relationship with Russia is a good thing, not a bad thing," Trump said. "When I am President, Russia will respect us far more than they do now."


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.