Russian hackers stole DNC’s research on Trump
Russian government hackers have infiltrated the Democratic National Committee’s (DNC) computer networks, gaining access to its entire trove of opposition research on Donald Trump.
The hackers were so deep into the DNC’s network that they were able to read all email and online chat communications, committee officials and security experts told The Washington Post, which first reported the hack.
DNC chairman Rep. Debbie Wasserman Schultz (D-Fla.) acknowledged the breach in a statement Tuesday afternoon.
“The security of our system is critical to our operation and to the confidence of the campaigns and state parties we work with,” she said. “When we discovered the intrusion, we treated this like the serious incident it is and reached out to [cybersecurity firm] CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.”
No donor, financial or personal information was accessed in the breach, which suggests the hackers were conducting traditional espionage, not cybercrime for financial gain.
The hackers also targeted the campaigns of Trump, the presumptive GOP presidential nominee; and Hillary Clinton, the presumptive Democratic nominee; as well as several GOP political action committees, officials told the Post. But they provided no further details.
The Russian Embassy has denied knowledge of the breach.
Some of the hackers had access to the DNC’s systems for over a year, officials said, but were booted out over the weekend during a major system cleanup.
Security experts say Russian hackers routinely conduct traditional intelligence gathering on American targets, including mapping critical infrastructure like the electric grid for weaknesses.
The U.S. government has tried to draw a distinction between hacking for economic gain — so-called economic espionage — and hacking for intelligence purposes, in which the U.S. actively engages.
Through a series of international agreements — the most high-profile of which was struck with China in September — the government has attempted to set a global norm outlawing economic espionage.
Two separate Russian government hacking groups that did not appear to be working together infiltrated the DNC’s systems, according to CrowdStrike, which is helping the committee investigate the breach.
One group, which the firm has nicknamed “Fancy Bear,” is responsible for the theft of the Trump opposition research and is believed to work for Russia’s military intelligence service.
Less is known about the other group, nicknamed “Cozy Bear.” CrowdStrike thinks it may be contracted by the Federal Security Service, Russia’s security agency once headed by Russian President Vladimir Putin.
The group was also behind the 2014 hacks on the unclassified email systems of the White House, the State Department and the Joint Chiefs of Staff, according to CrowdStrike co-founder and chief technology officer Dmitri Alperovitch.
It’s not unusual that the two groups would not be working in tandem, Alperovitch said.
“There’s an amazing adversarial relationship” between Russia’s various intelligence agencies, Alperovitch told the Post.
“We have seen them steal assets from one another, refuse to collaborate. They’re all vying for power, to sell Putin on how good they are,” he said.
And according to Alperovitch, both groups are very effective. Both have “superb operational tradecraft,” he said, citing the group’s reliance on undiscovered software flaws in the DNC’s system.
“They flew under the radar,” he told the Post.
CrowdStrike does not yet know how the hackers gained access to the DNC system but suspects a spear-phishing campaign, which uses fake emails to trick people into downloading software that allows hackers in.
Updated at 2:24 p.m.