Clinton campaign manager Robby Mook sounded pretty certain Russia was behind a recent leak of approximately 20,000 of the Democratic National Committee's emails during a Sunday interview on CNN.
"Experts are telling us that Russian state actors broke into the DNC and stole these emails and other experts are now saying that the Russians are releasing these emails for the purposes of helping Donald Trump," Mook said.
Coming out on CNN and saying that a foreign power is trying to swing an election is a pretty serious charge and the FBI announced earlier today they were opening an official probe into the case.
Based on what's publicly available, here is what we know for sure about the potential Russian involvement in the DNC hack.
When the hack is said to have happened
This all starts with a report issued in June by the private cybersecurity company CrowdStrike, which was hired by the DNC to investigate reports that its computer systems had been infiltrated. The company's report pointed to two separate groups ("Cozy Bear" and "Fancy Bear") that it said were running roughshod through the organization's email servers.
The company was familiar with "Cozy Bear" as a group that had previously broken into unclassified email systems at the White House and State Department. "Fancy Bear" was traced to a unit CrowdStrike believed to be a part of Russian military intelligence. It had also been found to have carried out cyber-attacks on military targets in the U.S., Europe, Canada, Japan, and South Korea.
At least two other cyber-security firms also examined the evidence and also concluded that the attacks originated with the Russian groups identified by CrowdStrike.
Enter Guccifer 2.0…
A day after CrowdStrike released its report, a person claiming to be a hacker not belonging to either "Cozy Bear" or "Fancy Bear" set up a blog saying that they were exclusively responsible for the DNC leak, mocking Crowdstrike for its conclusion that there were two parties involved.
Worldwide known cyber security company CrowdStrike announced that the Democratic National Committee (DNC) servers had been hacked by “sophisticated” hacker groups.
I’m very pleased the company appreciated my skills so highly))) But in fact, it was easy, very easy.
The hacker called themselves "Guccifer 2.0" after Romanian hacker Marcel Lehel Lazar, who recently pled guilty to breaking into former President George W. Bush's email, among others. Guccifer 2.0 began to release DNC documents, like the organization's opposition file on Donald Trump and donor records, continually proclaiming that they worked alone. They also said they were releasing all the information taken off the DNC email servers to Wikileaks:
The main part of the papers, thousands of files and mails, I gave to Wikileaks. They will publish them soon.
I guess CrowdStrike customers should think twice about company’s competence.
Fuck the Illuminati and their conspiracies!!!!!!!!! Fuck CrowdStrike!!!!!!!!!
Guccifer 2.0 has kept their identity a secret, however an examination by Ars Technica of the files leaked on their blog found evidence that they had passed through a system that used Russian language settings.
… and on to Wikileaks
Wikileaks would post all of the emails purportedly obtained in the hack a month later in a searchable format, saying that they were part of a new, ongoing "Hillary Leaks" series. Wikileaks will not identify their sources, which they say are many, but as recently as July 14, Guccifer 2.0 told The Hill that they had provided Wikileaks with the emails.
Guccifer 2.0's original leaks back in June seemed to upset the Trump campaign more than anyone else (they claimed that the DNC had staged its own hacking to release damaging info about him). But the new leaks are quite embarrassing to Democrats, leading to DNC chair Debbie Wasserman Schultz's resignation over accusations the neutral group favored Hillary Clinton over Bernie Sanders in the Democratic primary.
The Russia-Trump connection (if there is one)
Other media outlets have pointed out some ancillary information supporting the idea that Russia could be involved, but the links are a bit tenuous: Trump has gone out of his way to praise Russian President Vladimir Putin. Trump's campaign manager, Paul Manafort, has financial links to Putin allies (which Manafort denies). And Russian propaganda outlets have taken an increasingly anti-Hillary, pro-Trump tone.
The circumstantial evidence is a bit frightening, but if you sum up the direct evidence of Russian involvement, it comes down to:
- Cyber-security experts say Russian intelligence infiltrated DNC systems.
- Anonymous hacker says it was really him.
- Wikileaks won't say how they got their information.
For his part, Trump was quick to dismiss the theory:
Trump's campaign manager, Paul Manafort, was also critical of the theory. He told George Stephanopoulos on Sunday's broadcast of ABC's "The Week," “No, there are not. That’s absurd. And, you know, there’s no basis to it.”
The Kremlin, meanwhile, has yet to comment on the latest allegations, but a spokesman for President Vladimir Putin said after news of the hack broke in June, "I absolutely rule out the possibility that the government or government agencies were involved in this."
We've reached out to the DNC for comment and will update if we hear back.
As cyber security experts have pointed out, it will be difficult to pinpoint who exactly is responsible for the hack, but as it stands, the infiltration of committee's servers is one of the more prominent cyber attacks in recent memory.