Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Obama Requests Full Review of Election-related Hacks

The White House on Friday announced that President Obama has requested that U.S. intelligence provide a full review into any Russian attempts to influence the U.S. election, to be delivered before he steps down in January.

The White House on Friday announced that President Obama has requested that U.S. intelligence provide a full review into any Russian attempts to influence the U.S. election, to be delivered before he steps down in January.

Press secretary Eric Schultz said the review is not “an effort to challenge the outcome of the election.” He said it would be a ‘deep dive’, and would include looking at both the 2008 and 2012 elections. “They’re going to look at where the activity leads them to look at,” he said. 

White House terrorism and homeland security advisor Lisa Monaco had earlier announced at a Christian Science Monitor breakfast event, “The president has directed the intelligence community to conduct a full review of what happened during the 2016 election process, and to capture lessons learned from that and to report to a range of stakeholders, to include the Congress.”

This coincides with two separate reports from The Washington Post and the New York Times, published that Friday, claiming that US intelligence services had already concluded with a degree of certainty that Russia had acted covertly to damage Hilary Clinton’s campaign and promote Donald Trump.

Part of that certainty, wrote the NYT, comes from the agencies’ conclusion “that the Russians hacked the Republican National Committee’s computer systems in addition to their attacks on Democratic organizations, but did not release whatever information they gleaned from the Republican networks.”

Both the US government and private security firms have already attributed the summer hacks of the DNC to Russian actors — specifically APT28 and APT29, both of which are believed to be Russian government-sponsored hacking groups. Although there have been rumors of a similar RNC hack, and a few fairly innocuous emails released to DCLeaks.com, this is the first direct suggestion that the RNC itself had been breached.

The RNC has consistently denied such a breach. The first response came in a statement from Mr Trump’s transition team, Friday evening: “These are the same people [the intelligence agencies] that said Saddam Hussein had weapons of mass destruction. The election ended a long time ago in one of the biggest Electoral College victories in history. It’s now time to move on and ‘Make America Great Again.'”

More directly, Republican National Committee communications director Sean Spicer told CNN in a Saturday morning interview that the RNC had not been hacked. “I know that we have worked with intelligence agencies right now that are saying that we have not been hacked. Our own systems show that we have not been hacked.”

CNN’s Michael Smerconish, was not convinced. “I’m casting doubt on whether Sean Spicer can definitively know the answer to the question of the extent of the Russian hack and my frustration is at the idea that until this thing is fully developed already President-elect Trump is saying, ‘Move on folks there’s nothing to see here.'”

But the unpublished CIA report alluded to by the Washington Post breaks new ground. The official stance has always been that Russia had meddled in the election process rather than tried to influence its outcome. Now, reports the Post, “The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter.”

It is not the unanimous view of all 17 intelligence agencies, but it is “the consensus view.” The ‘actors’ are one-step removed from the actual government. The general opinion of the cyber security industry is that the attacks were conducted by two Russia-based groups known as Fancy Bear and Cozy Bear, and that both have links to the Kremlin. It is that final step of 100% confident attribution that seems to be concerning some of the intelligence agencies — albeit not the CIA.

The attribution issue was stressed by Mr Trump in an interview published in Time Magazine. “I don’t believe they interfered” in the election, he told the magazine. The hacking, he said, “could be Russia. And it could be China. And it could be some guy in his home in New Jersey.”

On Thursday, however, the day before the Post article, the German internal intelligence agency warned that Russia is also meddling in German politics ahead of next year’s elections. “Propaganda, disinformation, cyber-attacks, cyber espionage and cyber sabotage are part of hybrid threats against western democracies,” he said.

Meanwhile, a new report from Yahoo News claims that Russian attacks continued right up to the election in November. “In the closing days of the 2016 election campaign, hackers believed to be working for Russian intelligence launched a new wave of attacks on Hillary Clinton’s campaign and the Democratic National Committee,” it reports.

“They were targeting us throughout the election,” said an unnamed former senior Clinton campaign staffer. “They never stopped trying to get back in.”

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Cyberwarfare

Cybersecurity firm Group-IB is raising the alarm on a newly identified advanced persistent threat (APT) actor targeting government and military organizations in Asia and...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...