There have been a plethora of news reports about official US Government warnings provided to the campaigns of Trump, Clinton and Sanders, as well as the GOP and DNC, that sophisticated hackers operating on behalf of nation states were attempting to penetrate their computers. Indeed, Bloomberg reports 4,000 individuals associated with U.S. politics have been targeted. This includes party aides, advisers, lawyers and foundations.
Today the vast majority of candidate and party data is kept in electronic format. That means attacks to acquire election information will be technical attacks. The Sanders campaign put the DNC on notice early in the 2016 campaign cycle that its infrastructure was not up to snuff. Sanders sued the DNC over a December 2015 security event. Within the complaint, the DNC was specifically called out for poor security measures, not only with respect to the 2016 presidential election, but also the 2008 election. This exposure took place when the Sanders campaign was provided access to other candidates’ data sets due to a “security bug” not having been appropriately mitigated.
The DNC’s treasure trove of personal identifying information (PII), internal party platform discussions, and analysis of candidates from other political parties was vulnerable. The Sanders complaint was tantamount to a burst of signal flares being shot into the sky, highlighting opportunity both for the criminals and for the nation states’ intelligence services interested in understanding the presidential candidates’ positions.
Nation State cyber mischief identified
Fast forward to mid-2016 and we learn that the DNC computer system has been breached. Two cyber security firms (CrowdStrike and Fidelis) attribute the attack to two Russian entities. CrowdStrike went one step further and specifically called out one group, known as “Cozy Bear,” operating on behalf of the SVR (Russian External Security Service) and a separate group, “Fancy Bear,” operating on behalf of the GRU (Russian Military Intelligence Service). The cyber security firms note that the breach compromised significant amounts of DNC data, including the DNC’s research into GOP candidates, most notably the confidential analysis of GOP presidential candidate Donald Trump (DNC analysis of Donald Trump, December 2015, 237 pages). In addition, political parties plan to win, so lists and analysis on best candidates for key administration posts (cabinet and select appointees) will always be of interest to an adversary, as will the national security transition. Once the national primaries are concluded and the candidates for president solidified, these individuals will begin receiving national security briefings.
When the DNC was queried by Bloomberg, Clinton spokesman Glen Caplin responded. “We routinely communicate and cooperate with government agencies on security-related matters,” he said. “What appears evident is that the Russian groups responsible for the DNC hack are intent on attempting to influence the outcome of this election.”
Caplin’s comment showed a good deal of prescience, as data from the DNC hack and the separate attack on the Clinton Foundation began appearing on a website controlled by an individual identifying him/herself as Guccifer 2.0. This individual claims that the DNC hack was the work of a lone wolf, a claim which CrowdStrike challenged.
Indeed, CrowdStrike went so far as to suggest that Guccifer 2.0 is a fictitious person and a novel piece of Russian disinformation at work. This disinformation causes the original analysis to be more actively challenged (nothing wrong with that), but also provides an avenue by which select documents can be made public with the hope of influencing the US election process. We should expect to see more of the foreign hand sliding its way into the US political milieu via these cyber intrusions and select release of content.
Those who enjoy the trust and confidence of the US Government via a security clearance understand that foreign intelligence services have an interest in the plans and intentions of the United States Government. However, those who aren’t exposed to counterintelligence or operational security briefings may lack an understanding of how the international geopolitical milieu is played out, and think “Gentlemen do not read other gentlemen’s mail.” (1929, Secretary of State Henry L. Stimson).
The reality is they do, they have, and they will continue to do so. Whether or not such briefings will affect elections is unclear. Does it mean foreign intelligence agencies would love to influence the electorate and the elected? Absolutely.