Is Moscow Trying To Influence The US Presidential Election?

The unknown identity of a mysterious hacker claiming to be the sole architect behind the infiltration of the Democratic National Committee (DNC) has raised fears that Russia may be trying to influence the US election.

The idea sounds like the work of conspiracy theorists, but both security and foreign policy experts say it fits with a historical pattern of Russian intelligence operations.  

“I think it would naive of us to rule that out,” said Jason Healey, a director at the Atlantic Council who has worked on cyber defenses at the White House.

The hack comes as the Senate is weighing its annual intelligence policy bill, which would establish a committee specifically to counter “active measures by Russia to exert covert influence.”

The firm that investigated the breach for the DNC attributed the attack to the Russian government and most onlookers originally interpreted it as traditional espionage, a straightforward way of gathering intelligence about the American political landscape, something the US itself does.

But things became much murkier when a hacker calling himself or herself “Guccifer 2.0” dumped a trove of documents he claimed were among “thousands” stolen from the committee. The documents have yet to be verified but include opposition research on Donald Trump and a dossier of ways to defend Democratic frontrunner Hillary Clinton against political attacks.

“What appears evident is that the Russian groups responsible for the DNC hack are intent on attempting to influence the outcome of this election,” a spokesman for Democratic presidential candidate Hillary Clinton’s campaign told Bloomberg after the outlet reported that the same hackers behind the DNC breach had infiltrated the Clinton Foundation.

“Significance is more than docs,” tweeted ex-National Security Agency contractor Edward Snowden. “Hacktivists, possibly state-sponsored, now demonstrating intent, and capability, to influence elections.”

For some, handicapping the motivations behind the hack hinges on whether Guccifer 2.0 is who he says he is.

In interviews with Vice’s tech publication, Motherboard, Guccifer 2.0 claims to be Romanian, and to have acted independently.

Asked by Motherboard if he worked for the Russian government, Guccifer 2.0 responded, “No because I don't like Russians and their foreign policy. I hate being attributed to Russia.”

Onlookers are skeptical. For one thing, Guccifer 2.0’s Romanian is reportedly awkward for a native speaker. Others have noted the suspicious timing of Guccifer 2.0’s appearance on the web, the day after the attack was publicly attributed to Russia. There is no apparent documented history of his existence before that day.

The DNC almost immediately fired back, insisting that Guccifer 2.0 was a “misinformation campaign” by the Russian government. The security firm that investigated the breach, CrowdStrike, also said it stands by its assessment that the perpetrators of the breach were Russian government, forensic analysis that has since been backed up by other cyber companies.

Onlookers see two plausible scenarios. In both, the Russian government infiltrated the DNC’s servers.

Under one scenario, Guccifer 2.0 is an independent hacker who also infiltrated the DNC’s systems and subsequently chose to release the documents he stole. If that is the case, some say, then the Russian government was likely engaging in a traditional intelligence-gathering mission, not influence operations.

But if Guccifer 2.0 is a Russian government plant, there’s a possibility that the release of the documents is intended to shift the results of the US election in some way.

“I see as either straight espionage if Guccifer is not connected to Russia or influence operations trying to influence an election if Guccifer is connected to Russia,” Healey said.

Russia has long employed information warfare tactics to bolster their geopolitical position, arguing that it is necessary to counteract “informational aggression from the Atlantic civilization led by the USA.”

“This idea that they are seeking to influence the perception of some kind of issue or change that issue based on information they release or get out” has “a long and storied history,” said Jordan Berry, principal threat intelligence analyst at the security firm FireEye.

The intelligence community and lawmakers are carefully watching Russia’s ability to sow misinformation as a way to advance its own interests.

“Russian cyber actors, who post disinformation on commercial websites, might seek to alter online media as a means to influence public discourse and create confusion,” Director of National Intelligence James Clapper warned in his 2016 threat assessment.

The committee that would be established by the 2017 Intelligence Authorization Act would target Russian activities that are intended to influence either individuals or governments.

According to the bill, that includes everything from the establishment or funding of a front group, covert broadcasting, media manipulation and disinformation campaigns.

Experts cite the vast misinformation campaign that Russia, famous for its propaganda, has launched surrounding the situation in Ukraine, “which is being waged on an unprecedentedly large scale,” according to a Polish report on Russian information warfare strategy.

But whether the Kremlin would use that apparatus to influence the US election is still a matter of speculation. The theory is predicated on the assumption that Russian President Vladimir Putin is a supporter of presumptive Republican nominee Donald Trump.

“It is widely known that Putin greatly favors Donald Trump,” said Scott Borg, director of the nonprofit research institute US Cyber Consequences Unit. “Everything points to this being an attempt to influence an American election by a foreign power in a really dramatic way.”

Trump has spoken repeatedly of his admiration for Putin and has said he intends to ease tensions with Russia, a claim that has raised some eyebrows in the foreign relations community.

The Kremlin has signaled that it is pleased with Trump’s success. In December, Putin said Trump “says he wants to move to another level of relations, to closer and deeper relations with Russia, how can we not welcome that? Of course, we welcome it.”

Trump himself believes the hack was a hoax, perpetrated by the DNC itself.

“We believe it was the DNC itself that did the ‘hacking’ as a way to distract from the many issues facing their deeply flawed candidate and failed party leader,” the GOP standard-bearer tweeted last week.

And even those who say the theory is plausible caution that it should be taken with a grain of salt.

“It seems like an odd way to go about it,” Healey mused. “I have to work backwards, this bro-mance between Putin and Trump, somehow, this is meant to help Trump, but I don’t quite see how it does that?”

The Hill

« Frankenstein’s Paperclips
US & Israel Agree To Co-operate In Cyber Defense »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

RedTeam Security

RedTeam Security

RedTeam Security is a provider of Penetration Testing, Social Engineering, Red Teaming and Red Team Training services.

Acunetix

Acunetix

Acunetix is a leading web vulnerability scanner, widely acclaimed to include the most advanced SQL injection and XSS black box scanning technology.

Hodgson Russ

Hodgson Russ

Hodgson Russ is a US business law firm. Practice areas include Privacy, Data Breach & Cybersecurity.

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

ANTIC is responsible for regulating the activities of electronic security and regulation of the Internet in Cameroon.

Netwrix

Netwrix

Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach.

Ignyte Assurance Platform

Ignyte Assurance Platform

Ignyte Assurance Platform™ is a leader in collaborative security and integrated GRC solutions for global corporations in Healthcare, Defense, and Technology.

Taqnia Cyber

Taqnia Cyber

Taqnia Cyber specializes in the fields of cyber security, intelligence, operations, and training. It offers its services and consultations to both public and private sectors.

VXRL

VXRL

VXRL is a Hong Kong-based cybersecurity company. We provide consulting services, penetration testing, and corporate training.

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

The Computer Crime and Intellectual Property Section (CCIPS) is responsible for implementing the Department's national strategies in combating computer and intellectual property crimes worldwide.

Japan Cybersecurity Innovation Committee (JCIC)

Japan Cybersecurity Innovation Committee (JCIC)

JCIC is an independent and not-for-profit thinktank to establish a secure and safe digital society.

Tugboat Logic

Tugboat Logic

Tugboat Logic was created to address the skills and expertise gap in the security and compliance industry. Our goal is to simplify and automate information security management for every enterprise.

Atlas VPN

Atlas VPN

Atlas VPN is a highly secure freemium VPN service with a goal to make safe and open internet accessible for everyone.

Red Maple Technologies

Red Maple Technologies

Started and run by engineers from the UK Intelligence and Defence communities, Red Maple is a technical consultancy and product company.

Nexer

Nexer

Nexer is a modern tech company with expertise in strategy, technology and communication with a strong vision.

SafeBase

SafeBase

Safebase provide the infrastructure for Trust Communication. Our Trust Center enables Security and Sales teams to share and automate access to security, compliance, and privacy information.

Sinergi Digital

Sinergi Digital

Sinergi Digital is a business unit of the Metrodata Group with a focus on providing ICT solution to help accelerating digital transformation.