Is Moscow Trying To Influence The US Presidential Election?

The unknown identity of a mysterious hacker claiming to be the sole architect behind the infiltration of the Democratic National Committee (DNC) has raised fears that Russia may be trying to influence the US election.

The idea sounds like the work of conspiracy theorists, but both security and foreign policy experts say it fits with a historical pattern of Russian intelligence operations.  

“I think it would naive of us to rule that out,” said Jason Healey, a director at the Atlantic Council who has worked on cyber defenses at the White House.

The hack comes as the Senate is weighing its annual intelligence policy bill, which would establish a committee specifically to counter “active measures by Russia to exert covert influence.”

The firm that investigated the breach for the DNC attributed the attack to the Russian government and most onlookers originally interpreted it as traditional espionage, a straightforward way of gathering intelligence about the American political landscape, something the US itself does.

But things became much murkier when a hacker calling himself or herself “Guccifer 2.0” dumped a trove of documents he claimed were among “thousands” stolen from the committee. The documents have yet to be verified but include opposition research on Donald Trump and a dossier of ways to defend Democratic frontrunner Hillary Clinton against political attacks.

“What appears evident is that the Russian groups responsible for the DNC hack are intent on attempting to influence the outcome of this election,” a spokesman for Democratic presidential candidate Hillary Clinton’s campaign told Bloomberg after the outlet reported that the same hackers behind the DNC breach had infiltrated the Clinton Foundation.

“Significance is more than docs,” tweeted ex-National Security Agency contractor Edward Snowden. “Hacktivists, possibly state-sponsored, now demonstrating intent, and capability, to influence elections.”

For some, handicapping the motivations behind the hack hinges on whether Guccifer 2.0 is who he says he is.

In interviews with Vice’s tech publication, Motherboard, Guccifer 2.0 claims to be Romanian, and to have acted independently.

Asked by Motherboard if he worked for the Russian government, Guccifer 2.0 responded, “No because I don't like Russians and their foreign policy. I hate being attributed to Russia.”

Onlookers are skeptical. For one thing, Guccifer 2.0’s Romanian is reportedly awkward for a native speaker. Others have noted the suspicious timing of Guccifer 2.0’s appearance on the web, the day after the attack was publicly attributed to Russia. There is no apparent documented history of his existence before that day.

The DNC almost immediately fired back, insisting that Guccifer 2.0 was a “misinformation campaign” by the Russian government. The security firm that investigated the breach, CrowdStrike, also said it stands by its assessment that the perpetrators of the breach were Russian government, forensic analysis that has since been backed up by other cyber companies.

Onlookers see two plausible scenarios. In both, the Russian government infiltrated the DNC’s servers.

Under one scenario, Guccifer 2.0 is an independent hacker who also infiltrated the DNC’s systems and subsequently chose to release the documents he stole. If that is the case, some say, then the Russian government was likely engaging in a traditional intelligence-gathering mission, not influence operations.

But if Guccifer 2.0 is a Russian government plant, there’s a possibility that the release of the documents is intended to shift the results of the US election in some way.

“I see as either straight espionage if Guccifer is not connected to Russia or influence operations trying to influence an election if Guccifer is connected to Russia,” Healey said.

Russia has long employed information warfare tactics to bolster their geopolitical position, arguing that it is necessary to counteract “informational aggression from the Atlantic civilization led by the USA.”

“This idea that they are seeking to influence the perception of some kind of issue or change that issue based on information they release or get out” has “a long and storied history,” said Jordan Berry, principal threat intelligence analyst at the security firm FireEye.

The intelligence community and lawmakers are carefully watching Russia’s ability to sow misinformation as a way to advance its own interests.

“Russian cyber actors, who post disinformation on commercial websites, might seek to alter online media as a means to influence public discourse and create confusion,” Director of National Intelligence James Clapper warned in his 2016 threat assessment.

The committee that would be established by the 2017 Intelligence Authorization Act would target Russian activities that are intended to influence either individuals or governments.

According to the bill, that includes everything from the establishment or funding of a front group, covert broadcasting, media manipulation and disinformation campaigns.

Experts cite the vast misinformation campaign that Russia, famous for its propaganda, has launched surrounding the situation in Ukraine, “which is being waged on an unprecedentedly large scale,” according to a Polish report on Russian information warfare strategy.

But whether the Kremlin would use that apparatus to influence the US election is still a matter of speculation. The theory is predicated on the assumption that Russian President Vladimir Putin is a supporter of presumptive Republican nominee Donald Trump.

“It is widely known that Putin greatly favors Donald Trump,” said Scott Borg, director of the nonprofit research institute US Cyber Consequences Unit. “Everything points to this being an attempt to influence an American election by a foreign power in a really dramatic way.”

Trump has spoken repeatedly of his admiration for Putin and has said he intends to ease tensions with Russia, a claim that has raised some eyebrows in the foreign relations community.

The Kremlin has signaled that it is pleased with Trump’s success. In December, Putin said Trump “says he wants to move to another level of relations, to closer and deeper relations with Russia, how can we not welcome that? Of course, we welcome it.”

Trump himself believes the hack was a hoax, perpetrated by the DNC itself.

“We believe it was the DNC itself that did the ‘hacking’ as a way to distract from the many issues facing their deeply flawed candidate and failed party leader,” the GOP standard-bearer tweeted last week.

And even those who say the theory is plausible caution that it should be taken with a grain of salt.

“It seems like an odd way to go about it,” Healey mused. “I have to work backwards, this bro-mance between Putin and Trump, somehow, this is meant to help Trump, but I don’t quite see how it does that?”

The Hill

« Frankenstein’s Paperclips
US & Israel Agree To Co-operate In Cyber Defense »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Professional Information Security Association (PISA)

Professional Information Security Association (PISA)

PISA is an independent and not-for-profit organization for information security professionals, with the primary objective of promoting information security awareness and best practice.

National Defense Industry Association (NDIA)

National Defense Industry Association (NDIA)

The National Defense Industrial Association Cyber Division contributes to US national security by promoting interaction between the cyber defense industry, government and military.

Ravelin Technology

Ravelin Technology

Ravelin prevents chargebacks, fraud, and account takeover. Machine learning and human insight combine for highly accurate fraud detection and prevention.

Penacity

Penacity

Penacity, LLC provides strategic consulting technology services and Information Security Services to commercial and government organizations.

Mendoza Ventures

Mendoza Ventures

Mendoza Ventures is a venture capital fund focusing on pre-seed Artificial Intelligence (AI), Fintech, and Cybersecurity startups.

ARCON

ARCON

ARCON offers a proprietary unified governance framework, which addresses risk across various technology platforms.

Team Secure

Team Secure

Team Secure provide Enterprise-grade Cyber Security consultancy, managed security services and cyber security staffing services.

BrainStorm

BrainStorm

BrainStorm Threat Defense takes a new human-focused approach to security awareness that traditional training lacks. It’s a cutting-edge platform to make your users more security savvy.

Digital Edge

Digital Edge

Digital Edge provides unparalleled Managed Cloud Solutions, as well as superior Information Technology Support Services.

Fusion Cyber

Fusion Cyber

Fusion Cyber educates students in Zero Trust Risk Management, Defense, and Cyber Offense that lead to taking industry-accepted cybersecurity certifications.

Cisco Systems

Cisco Systems

Cisco helps seize the opportunities of tomorrow by proving that amazing things can happen when you connect the unconnected.

ITC Federal

ITC Federal

ITC Federal delivers IT cybersecurity assessment services to support agencies in meeting their security strategies and federal security compliance goals.

Threatsys Technologies

Threatsys Technologies

Threatsys’s Integrated cyber security process helps your organizations to ensure that it’s secure from any fraudulent attacks.

Intellinexus

Intellinexus

Intellinexus turns data into actionable insights to revolutionise decision-making in your business.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.

Bestman Solutions

Bestman Solutions

As a specialist cyber security practice, we believe that people are an organisation’s most valuable asset. Success depends on hiring the right people, and this is where we come in.