Secret CIA assessment says Russia was trying to help Trump win White House

The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter.

Intelligence agencies have identified individuals with connections to the Russian government who provided WikiLeaks with thousands of hacked emails from the Democratic National Committee and others, including Hillary Clinton’s campaign chairman, according to U.S. officials. Those officials described the individuals as actors known to the intelligence community and part of a wider Russian operation to boost Trump and hurt Clinton’s chances.

“It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected,” said a senior U.S. official briefed on an intelligence presentation made to U.S. senators. “That’s the consensus view.”

The Obama administration has been debating for months how to respond to the alleged Russian intrusions, with White House officials concerned about escalating tensions with Moscow and being accused of trying to boost Clinton’s campaign.

In September, during a secret briefing for congressional leaders, Senate Majority Leader Mitch McConnell (R-Ky.) voiced doubts about the veracity of the intelligence, according to officials present.

The Trump transition team dismissed the findings in a short statement issued Friday evening. “These are the same people that said Saddam Hussein had weapons of mass destruction. The election ended a long time ago in one of the biggest Electoral College victories in history. It’s now time to move on and ‘Make America Great Again,’ ” the statement read.

Trump has consistently dismissed the intelligence community’s findings about Russian hacking.

“I don’t believe they interfered” in the election, he told Time magazine this week. The hacking, he said, “could be Russia. And it could be China. And it could be some guy in his home in New Jersey.”

The CIA shared its latest assessment with key senators in a closed-door briefing on Capitol Hill last week, in which agency officials cited a growing body of intelligence from multiple sources. Agency briefers told the senators it was now “quite clear” that electing Trump was Russia’s goal, according to the officials, who spoke on the condition of anonymity to discuss intelligence matters.

The CIA presentation to senators about Russia’s intentions fell short of a formal U.S. assessment produced by all 17 intelligence agencies. A senior U.S. official said there were minor disagreements among intelligence officials about the agency’s assessment, in part because some questions remain unanswered.

For example, intelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees. Moscow has in the past used middlemen to participate in sensitive intelligence operations so it has plausible deniability.

Julian Assange, the founder of WikiLeaks, has said in a television interview that the “Russian government is not the source.”

The White House and CIA officials declined to comment.

On Friday, the White House said President Obama had ordered a “full review” of Russian hacking during the election campaign, as pressure from Congress has grown for greater public understanding of exactly what Moscow did to influence the electoral process.

“We may have crossed into a new threshold, and it is incumbent upon us to take stock of that, to review, to conduct some after-action, to understand what has happened and to impart some lessons learned,” Obama’s counterterrorism and homeland security adviser, Lisa Monaco, told reporters at a breakfast hosted by the Christian Science Monitor.

Obama wants the report before he leaves office Jan. 20, Monaco said. The review will be led by James Clapper, the outgoing director of national intelligence, officials said.

During her remarks, Monaco didn’t address the latest CIA assessment, which hasn’t been previously disclosed.

Seven Democratic senators last week asked Obama to declassify details about the intrusions and why officials believe that the Kremlin was behind the operation. Officials said Friday that the senators specifically were asking the White House to release portions of the CIA’s presentation.

This week, top Democratic lawmakers in the House also sent a letter to Obama, asking for briefings on Russian interference in the election.

U.S. intelligence agencies have been cautious for months in characterizing Russia’s motivations, reflecting the United States’ long-standing struggle to collect reliable intelligence on President Vladi­mir Putin and those closest to him.

In previous assessments, the CIA and other intelligence agencies told the White House and congressional leaders that they believed Moscow’s aim was to undermine confidence in the U.S. electoral system. The assessments stopped short of saying the goal was to help elect Trump.

On Oct. 7, the intelligence community officially accused Moscow of seeking to interfere in the election through the hacking of “political organizations.” Though the statement never specified which party, it was clear that officials were referring to cyber-intrusions into the computers of the DNC and other Democratic groups and individuals.

Some key Republican lawmakers have continued to question the quality of evidence supporting Russian involvement.

“I’ll be the first one to come out and point at Russia if there’s clear evidence, but there is no clear evidence — even now,” said Rep. Devin Nunes (R-Calif.), the chairman of the House Intelligence Committee and a member of the Trump transition team. “There’s a lot of innuendo, lots of circumstantial evidence, that’s it.”

[U.S. investigating potential covert Russian plan to disrupt elections]

Though Russia has long conducted cyberspying on U.S. agencies, companies and organizations, this presidential campaign marks the first time Moscow has attempted through cyber-means to interfere in, if not actively influence, the outcome of an election, the officials said.

The reluctance of the Obama White House to respond to the alleged Russian intrusions before Election Day upset Democrats on the Hill as well as members of the Clinton campaign.

Within the administration, top officials from different agencies sparred over whether and how to respond. White House officials were concerned that covert retaliatory measures might risk an escalation in which Russia, with sophisticated cyber-capabilities, might have less to lose than the United States, with its vast and vulnerable digital infrastructure.

The White House’s reluctance to take that risk left Washington weighing more-limited measures, including the “naming and shaming” approach of publicly blaming Moscow.

By mid-September, White House officials had decided it was time to take that step, but they worried that doing so unilaterally and without bipartisan congressional backing just weeks before the election would make Obama vulnerable to charges that he was using intelligence for political purposes.

Instead, officials devised a plan to seek bipartisan support from top lawmakers and set up a secret meeting with the Gang of 12 — a group that includes House and Senate leaders, as well as the chairmen and ranking members of both chambers’ committees on intelligence and homeland security.

Obama dispatched Monaco, FBI Director James B. Comey and Homeland Security Secretary Jeh Johnson to make the pitch for a “show of solidarity and bipartisan unity” against Russian interference in the election, according to a senior administration official.

Specifically, the White House wanted congressional leaders to sign off on a bipartisan statement urging state and local officials to take federal help in protecting their voting-registration and balloting machines from Russian cyber-intrusions.

Though U.S. intelligence agencies were skeptical that hackers would be able to manipulate the election results in a systematic way, the White House feared that Russia would attempt to do so, sowing doubt about the fundamental mechanisms of democracy and potentially forcing a more dangerous confrontation between Washington and Moscow.

[Putin denies that Russia hacked the DNC but says it was for the public good]

In a secure room in the Capitol used for briefings involving classified information, administration officials broadly laid out the evidence U.S. spy agencies had collected, showing Russia’s role in cyber-intrusions in at least two states and in hacking the emails of the Democratic organizations and individuals.

And they made a case for a united, bipartisan front in response to what one official described as “the threat posed by unprecedented meddling by a foreign power in our election process.”

The Democratic leaders in the room unanimously agreed on the need to take the threat seriously. Republicans, however, were divided, with at least two GOP lawmakers reluctant to accede to the White House requests.

According to several officials, McConnell raised doubts about the underlying intelligence and made clear to the administration that he would consider any effort by the White House to challenge the Russians publicly an act of partisan politics.

Some of the Republicans in the briefing also seemed opposed to the idea of going public with such explosive allegations in the final stages of an election, a move that they argued would only rattle public confidence and play into Moscow’s hands.

McConnell’s office did not respond to a request for comment. After the election, Trump chose McConnell’s wife, Elaine Chao, as his nominee for transportation secretary.

Some Clinton supporters saw the White House’s reluctance to act without bipartisan support as further evidence of an excessive caution in facing adversaries.

“The lack of an administration response on the Russian hacking cannot be attributed to Congress,” said Rep. Adam B. Schiff (Calif.), the ranking Democrat on the House Intelligence Committee, who was at the September meeting. “The administration has all the tools it needs to respond. They have the ability to impose sanctions. They have the ability to take clandestine means. The administration has decided not to utilize them in a way that would deter the Russians, and I think that’s a problem.”

Read More >>

Read More

7.3-magnitude earthquake strikes off Japan

A tsunami warning is in effect for Japan's Fukushima Prefecture after a 7.3-magnitude earthquake struck off Honshu at 5:59 a.m. Tuesday (3:59 p.m. Monday ET), according to the Japan Meteorological Agency.

A tsunami wave of 1-3 meters (3-10 feet) is possible, according to the agency. The US Geological Survey put the magnitude at 6.9, striking 37 kilometers (23 miles) east-southeast of Namie off the country's east coast at a depth of 11.4 kilometers (7 miles).

Two aftershocks were reported by USGS, one 5.4 and one 4.8.

Several tsunami waves have been spotted off the coast of Fukushima Prefecture, CNN affiliate NHK reported. One was spotted 22 kilometers off the coast of Iwaki City; a 90-centimeter wave was reported at Port of Soma; a 60-centimeter wave was reported at Port of Onahama.

Video on social media from Onahama featured sounds of sirens in response to the warning in effect. Images of the port showed waves that the broadcaster described as "backwash" that happens before a tsunami hits shore.

NHK urged the public to evacuate, cautioning that even if waves appear low in the ocean they can rise as they reach shore. The broadcaster reminded people to dress warmly in the cold rain and urged them to help others leave.

"Please do not think that you are safe. Please evacuate to high grounds," the network said. "Please think about the worst-case scenario and evacuate right away."

Earthquakes are common in Japan. The most recent was a 6.2 magnitude in late October near Kurayoshi, a city to the west of Osaka, which caused a handful of injuries.

The epicenter of this latest earthquake was not far south of the 2011 quake that caused a devastating tsunami, damaged nuclear reactors at the Fukushima Daiichi plant and killed more than 15,000 people. The devastating earthquake and tsunami in Japan will rank among the costliest natural disasters on record.

The 2011 quake moved Japan's coast 8 feet and shifted the Earth's axis, ranking among the costliest natural disasters on record.

Tokyo Electric Power Company Inc. said there had been no abnormalities or change in radiation levels at Fukushima Daiichi. Authorities are working to confirm reports that the reactor's cooling system stopped, NHK reported.

There is no tsunami threat to Hawaii as a result of the quake, the Honolulu Department of Emergency Management said.

Developing story - more to come

CNN's Radina Gigova and Taylor Ward contributed to this report.

Read More >>

Read More

How smart home devices are being hijacked to attack Internet

The huge cyberattack that crippled the Internet and disabled dozens of websites Friday appeared to be the biggest attack of its kind that the world has ever seen.

But it may not hold that title for for long.

What made last week’s Internet takedown so effective — and, some would say, sinister — was how the attackers weaponized everyday devices like security cameras, digital video recorders and baby monitors.
By exploiting the devices’ Web connections, hackers could infect them with malicious software and use them to paralyze huge portions of the Internet with a barrage of junk data in what is known as a distributed denial of service, or DDoS, attack.
For many, the breach was a stark demonstration of just how insecure the Internet remains. To some, it also felt like a call to action.
At a time when everything from televisions to refrigerators to kids’ toys are being equipped with an Internet connection, experts and legislators said, something ought to be done to ensure the security of these devices.

Yet there is little consensus around who should bear that responsibility.

“There aren’t just one or two types (of Internet of Things devices), there are tens of millions,” said Jeremiah Grossman, SentinelOne’s chief of security strategy. “So what we can expect going forward is a lot more of the same. ... Look out election day. Look out Cyber Monday.”

The Internet of Things encompasses a wide array of electronics: smart washing machines that will text you when your clothes are done, refrigerators that can order more groceries, wearable tech that can monitor your biorhythms, and talking toys that respond to words uttered by children.

Every year, more and more appliances are being made that connect to the Internet. Securing them is often an afterthought, experts said.

Many consumers, for instance, don’t see the danger in leaving a default password on a smart microwave, said Brian White, the chief operating officer for security firm RedOwl Analytics.

This is the attitude hackers bank on. If they can crack into a device using an easy-to-guess password, they can turn an everyday DVR into a zombie device enslaved to malicious software that can be used in attacks such as Friday’s assault.

“We are putting an enormous amount of compute capability in the average home, and it is very difficult for the average consumer to ensure their home is securely networked and their devices are updated,” White said.

Companies have long been held accountable for securing their own websites — banks, for instance, have security systems in place. But Internet of Things manufacturers are not required to guarantee a base level of security in the devices they create.

And when the priority is making the most inexpensive device possible, Grossman said, makers often skimp on things like security features.

Information security people “have been screaming bloody murder about this for years,” Grossman said. “Everything from cameras to toasters, refrigerators, microwaves. And because there’s no regulation, the manufacturers don’t need to make sure these devices ship with any security whatsoever.”

No single government agency oversees the devices or practices of the Internet of Things, though several have limited authority over parts of it.

Since Friday’s Internet blitz, some legislators have begun calling for greater government intervention.

“Not only does this kind of attack limit access to important information, delay financial transactions, and disrupt our nation’s commerce flows, but it also points to significant vulnerabilities in our national security,” Rep. Jerry McNerney, D-Stockton, said in a statement Saturday.

Friday’s attack targeted Dyn, an Internet infrastructure firm that, among other things, provides domain name services and online traffic management to hundreds of companies, including Amazon, CNN, GitHub, Twitter, Netflix, PayPal, Reddit, Zendesk and the New York Times, among many others.

In a DDoS attack, hackers typically deploy a botnet, or a network of compromised computers, to send phony traffic to a specific site or server with the intent of overwhelming it so it cannot respond to queries from real people.

What made the attack different was that it used a botnet seen only once before — last month in a record-size attack against cybersecurity journalist Brian Krebs’ website. The botnet, known as Mirai, used infected cameras spread across the world to send waves of traffic at Dyn’s DNS system at unprecedented rates.

Mirai continually scans the Internet for devices and then attempts to gain access to them by using a known default password or exploiting a weakness in outdated software.

Kyle York, Dyn’s chief strategy officer, said in a statement Saturday that the company was able to mitigate the first two waves in a matter of hours and fended off a third without customers seeing an impact.

But Dyn’s attackers may not have been using the full brunt of Mirai’s force.

Level 3 Communications, an Internet service provider based in Colorado, began monitoring the Mirai assault in the midst of its attack on Dyn. Level 3 reported that only about 10 percent of devices compromised by Mirai were deployed in Friday’s attack.

“There needs to be a much greater awareness among the public, among manufacturers,” White said. “This may have been a wake-up moment, but as with most things in the cyber realm, it may take a few more times for it to sink in.”

It has not yet been determined who was behind Friday’s attack, which came at Dyn in several waves beginning about 4 a.m. Pacific Daylight Time. But because the code behind Mirai was leaked after the attack on Krebs, it could have been anyone.

“Mirai is a DDoS-for-rent environment,” Dale Drew, Level 3 Communications’ chief Internet security officer, said in a video posted on Periscope. Hackers charge others for access to compromised machines, making it hard to determine the actual force behind a given attack.

The Department of Homeland Security and the FBI continue to investigate Friday’s cyberattack, though they have not yet identified a party responsible.

Activist hacker groups Anonymous and New World Hackers said they were responsible for the cyberassault on Dyn late Friday, telling several news organizations that it was an act of solidarity and retaliation over the Ecuadoran government’s decision to cut off WikiLeaks founder Julian Assange’s Internet connection.

“Twitter was kind of the main target. It showed people who doubted us what we were capable of doing, plus we got the chance to see our capability,” a New World Hacker member who identified himself as “Prophet” told the Associated Press on Saturday via a Twitter message.

The hacker said the group’s next target would be the Russian government in response to the cyberattacks Russia has allegedly launched against the U.S. this year.

But security experts and U.S. officials said they had their doubts about the group’s boasts.

No evidence over the weekend could link either group to the Dyn attacks, and both have taken credit for high-profile attacks in the past when they, in fact, were not involved.

“If they were just trying to prove a point, they would have done it briefly, rather than kept a series of sustained attacks going a number of times throughout the day,” Grossman said. “I mean, it’s possible. But it’s not plausible.”

Read More >>

Read More

Hackers Used New Weapons to Disrupt Major Websites Across U.S.

SAN FRANCISCO — Major websites were inaccessible to people across wide swaths of the United States on Friday after a company that manages crucial parts of the internet’s infrastructure said it was under attack.

Users reported sporadic problems reaching several websites, including Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times.

The company, Dyn, whose servers monitor and reroute internet traffic, said it began experiencing what security experts called a distributed denial-of-service attack just after 7 a.m. Reports that many sites were inaccessible started on the East Coast, but spread westward in three waves as the day wore on and into the evening.

And in a troubling development, the attack appears to have relied on hundreds of thousands of internet-connected devices like cameras, baby monitors and home routers that have been infected — without their owners’ knowledge — with software that allows hackers to command them to flood a target with overwhelming traffic.


A spokeswoman said the Federal Bureau of Investigation and the Department of Homeland Security were looking into the incident and all potential causes, including criminal activity and a nation-state attack.

Kyle York, Dyn’s chief strategist, said his company and others that host the core parts of the internet’s infrastructure were targets for a growing number of more powerful attacks.

“The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise,” Mr. York said.

Security researchers have long warned that the increasing number of devices being hooked up to the internet, the so-called Internet of Things, would present an enormous security issue. And the assault on Friday, security researchers say, is only a glimpse of how those devices can be used for online attacks.

Dyn, based in Manchester, N.H., said it had fended off the assault by 9:30 a.m. But by 11:52 a.m., Dyn said it was again under attack. After fending off the second wave of attacks, Dyn said at 5 p.m. that it was again facing a flood of traffic.

A distributed denial-of-service attack, or DDoS, occurs when hackers flood the servers that run a target’s site with internet traffic until it stumbles or collapses under the load. Such attacks are common, but there is evidence that they are becoming more powerful, more sophisticated and increasingly aimed at core internet infrastructure providers.

Going after companies like Dyn can cause far more damage than aiming at a single website.

Dyn is one of many outfits that host the Domain Name System, or DNS, which functions as a switchboard for the internet. The DNS translates user-friendly web addresses like fbi.gov into numerical addresses that allow computers to speak to one another. Without the DNS servers operated by internet service providers, the internet could not operate.

In this case, the attack was aimed at the Dyn infrastructure that supports internet connections. While the attack did not affect the websites themselves, it blocked or slowed users trying to gain access to those sites.

Mr. York, the Dyn strategist, said in an interview during a lull in the attacks that the assaults on its servers were complex.

“This was not your everyday DDoS attack,” Mr. York said. “The nature and source of the attack is still under investigation.”

Later in the day, Dave Allen, the general counsel at Dyn, said tens of millions of internet addresses, or so-called I.P. addresses, were being used to send a fire hose of internet traffic at the company’s servers. He confirmed that a large portion of that traffic was coming from internet-connected devices that had been co-opted by type of malware, called Mirai.

Dale Drew, chief security officer at Level 3, an internet service provider, found evidence that roughly 10 percent of all devices co-opted by Mirai were being used to attack Dyn’s servers. Just one week ago, Level 3 found that 493,000 devices had been infected with Mirai malware, nearly double the number infected last month.

Mr. Allen added that Dyn was collaborating with law enforcement and other internet service providers to deal with the attacks.

In a recent report, Verisign, a registrar for many internet sites that has a unique perspective into this type of attack activity, reported a 75 percent increase in such attacks from April through June of this year, compared with the same period last year.

The attacks were not only more frequent, they were bigger and more sophisticated. The typical attack more than doubled in size. What is more, the attackers were simultaneously using different methods to attack the company’s servers, making them harder to stop.

The most frequent targets were businesses that provide internet infrastructure services like Dyn.

“DNS has often been neglected in terms of its security and availability,” Richard Meeus, vice president for technology at Nsfocus, a network security firm, wrote in an email. “It is treated as if it will always be there in the same way that water comes out of the tap.”

Last month, Bruce Schneier, a security expert and blogger, wrote on the Lawfare blog that someone had been probing the defenses of companies that run crucial pieces of the internet.

“These probes take the form of precisely calibrated attacks designed to determine exactly how well the companies can defend themselves, and what would be required to take them down,” Mr. Schneier wrote. “We don’t know who is doing this, but it feels like a large nation-state. China and Russia would be my first guesses.”

It is too early to determine who was behind Friday’s attacks, but it is this type of attack that has election officials concerned. They are worried that an attack could keep citizens from submitting votes.

Thirty-one states and the District of Columbia allow internet voting for overseas military and civilians. Alaska allows any Alaskan citizen to do so. Barbara Simons, the co-author of the book “Broken Ballots: Will Your Vote Count?” and a member of the board of advisers to the Election Assistance Commission, the federal body that oversees voting technology standards, said she had been losing sleep over just this prospect.

“A DDoS attack could certainly impact these votes and make a big difference in swing states,” Dr. Simons said on Friday. “This is a strong argument for why we should not allow voters to send their voted ballots over the internet.”

This month the director of national intelligence, James Clapper, and the Department of Homeland Security accused Russia of hacking the Democratic National Committee, apparently in an effort to affect the presidential election. There has been speculation about whether President Obama has ordered the National Security Agency to conduct a retaliatory attack and the potential backlash this might cause from Russia.

Gillian M. Christensen, deputy press secretary for the Department of Homeland Security, said the agency was investigating “all potential causes” of the attack.

Vice President Joseph R. Biden Jr. said on the NBC News program “Meet the Press” this month that the United States was prepared to respond to Russia’s election attacks in kind. “We’re sending a message,” Mr. Biden said. “We have the capacity to do it.”

But technology providers in the United States could suffer blowback. As Dyn fell under recurring attacks on Friday, Mr. York, the chief strategist, said such assaults were the reason so many companies are pushing at least parts of their infrastructure to cloud computing networks, to decentralize their systems and make them harder to attack.

“It’s a total wild, wild west out there,” Mr. York said.

Erin McCann contributed reporting from New York.

Read More >>

Read More

Russia no longer denies hacking DNC

WASHINGTON — The Federal Bureau of Investigation suspects Russian intelligence agencies are behind the recent hacking of the emails of Hillary Clinton’s campaign chairman and of a contractor handling Florida voter data, according to people briefed on the investigations.

Top Russian officials on Wednesday, meanwhile, shifted away from denying a role in a separate hack of the Democratic National Committee. President Vladimir Putin said it is irrelevant who stole the computer records, and the foreign minister said that the U.S. hasn’t proven anything so far.

The comments, made in separate public appearances, reflect an ambivalence among top Russian officials about accusations made Friday by U.S. intelligence agencies that Moscow directed a hack-and-leak campaign aimed at interfering in the U.S. election.

“Everyone is saying, ‘Who did it?’” Putin said Wednesday at an investor forum in Moscow. “But does it matter that much? It’s what’s inside the information that matters.”

Russian Foreign Minister Sergei Lavrov on Wednesday, in an interview on CNN, didn’t deny involvement in the recent hacking operation. “We did not deny this,” he said, but added, “They did not prove it.”

Read More >>

Read More

U.S. government officially accuses Russia of hacking campaign to interfere with elections

The Obama administration on Friday officially accused Russia of attempting to interfere in the 2016 elections, including by hacking the computers of the Democratic National Committee and other political organizations.

The denunciation, made by the Office of the Director of National Intelligence and the Department of Homeland Security, came as pressure was growing from within the administration and some lawmakers to publicly name Moscow and hold it accountable for actions apparently aimed at sowing discord around the election.

“The U.S. Intelligence Community is confident that the Russian Government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations,” said a joint statement from the two agencies. “. . . These thefts and disclosures are intended to interfere with the U.S. election process.”

The public finger-pointing was welcomed by senior Democratic and Republican lawmakers, who also said they now expect the administration to move to punish the Kremlin as part of an effort to deter further acts by its hackers.

“Today was just the first step,” said Sen. Ben Sasse (R-Neb.), a member of the Homeland Security Committee. “Russia must face serious consequences. Moscow orchestrated these hacks because [Russian President Vladimir] Putin believes Soviet-style aggression is worth it. The United States must upend Putin’s calculus with a strong diplomatic, political, ­cyber and economic response.”

The White House has been mulling potential responses, such as economic sanctions, but no formal recommendation to the president has been made.

The DNC publicly disclosed the intrusions in June, saying its investigation determined that Russian government hackers were behind the breach. That was followed shortly after by a major leak of DNC emails, some so embarrassing that they forced the resignation of the DNC chairwoman, Rep. Debbie Wasserman Schultz (Fla.), on the eve of the Democratic National Convention.

The administration also blamed Moscow for the hack of the Democratic Congressional Campaign Committee and the subsequent leak of private email addresses and cellphone numbers of Democratic lawmakers.

Other leaks of hacked material followed.

The digitally purloined material has appeared on websites such as DC Leaks and WikiLeaks. It has included the private emails of former secretary of state Colin Powell and aides to former secretary of state and Democratic presidential nominee Hillary Clinton.

An online persona calling himself Guccifer 2.0 has claimed responsibility for posting the material. Those sites and that persona are “consistent with the methods and motivations of Russian-directed efforts,” the joint statement said. “. . . We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.”

The Kremlin on Friday dismissed the administration’s accusation.

“This is some sort of nonsense,” said Dmitry Peskov, press secretary for Putin. “Every day, Putin’s site gets attacked by tens of thousands of hackers. Many of these attacks can be traced to U.S. territory. It’s not as though we accuse the White House or Langley of doing it each time it happens.”

Hours after the administration called out Russia, WikiLeaks released some 2,000 emails apparently hacked from the personal Gmail inbox of Clinton’s campaign chairman, John Podesta. They included excerpts of speeches Clinton made to Wall Street banks that she had resisted making public. In one of them, she said that Wall Street knew best how it should be regulated. The campaign has not acknowledged the excerpts’ authenticity. There was no immediate word from the FBI as to whether the Russians were behind this release.

The Obama administration noted that attempts to interfere in other countries’ political processes are not new to Moscow. Russian hackers have used hacking and other techniques to influence public opinion in Europe and Eurasia, it noted. On the eve of a critical post-revolution presidential vote in Ukraine in 2014, for instance, a digital assault nearly crippled the website of the country’s central election commission.

The intelligence community has for weeks been confident that hackers tied to Russian spy agencies were behind the DNC hack. Senior officials at the Justice Department and DHS pressed the White House to go public with an accusation.

But a number of administration officials were worried that such a statement would appear to politicize the issue in the weeks before the election. They were also concerned about the Kremlin’s reaction and about inadvertently disclosing sensitive intelligence sources and methods.

“Is it in our interest to act?” Lisa O. Monaco, Obama’s adviser on counterterrorism and homeland security, said at a Washington Post cybersecurity summit Thursday. “The primary guiding and overarching focus in these discussions is: What is in the national security interest of the United States? That’s the North Star for those discussions.”

Senior administration officials in recent weeks had begun to hint that a public attribution might be coming.

“We know Russia is a bad actor in cyberspace, just as China has been, just as Iran has been,” ­Monaco said at a cybersecurity conference at the Center for Strategic and International Studies last month. “Nobody should think that there is a free pass when you’re conducting malicious cyber-activity.”

Assistant Attorney General John Carlin said at the same event that the message to countries, such as Russia, that attempt to meddle in the U.S. election is, “You can and will be held accountable.”

With the public naming of Moscow, the administration has now officially called out all its major nation-state foes in cyberspace: China, Iran, North Korea and Russia. But among the four, Russia is the only government that has not been subject to a deterrent measure.

The administration has a range of options, including economic sanctions for malicious cyber-activity, a new tool created by the president that has yet to be used. The Justice Department could bring indictments for hacking. The National Security Agency could take a covert action in cyberspace to send a signal to the Kremlin. Or the State Department can decide to eject Russian diplomats.

Jason Healey, a senior research scholar on cyber-issues at Columbia University, said the Pentagon’s Cyber Command should disrupt Russian hacking operations. “Go after their command and control,” he said. “ ‘Counteroffensive’ is the key word here.”

Rep. Adam B. Schiff of California, the ranking Democrat on the House Intelligence Committee, urged the administration to work with European allies to develop a “concerted” response, whether it involves economic sanctions or other measures.

“The best way to push back,” Schiff said, “is in a truly international effort to let the Russians know there will be costs to this latest form of cyber-aggression against others.”

David Filipov contributed to this report.

Read More >>

Read More

FBI Suspects Russia Hacked DNC; U.S. Officials Say It Was to Elect Donald Trump

Did the Russian government hack the DNC to bring down Hillary Clinton? That’s the view that’s quickly emerging inside American intelligence and law enforcement agencies.

The FBI suspects that Russian government hackers breached the networks of the Democratic National Committee and stole emails that were posted to the anti-secrecy site WikiLeaks on Friday. It’s an operation that several U.S. officials now suspect was a deliberate attempt to influence the presidential election in favor of Donald Trump, according to five individuals familiar with the investigation of the breach.

The theory that Moscow orchestrated the leaks to help Trump, who has repeatedly praised Russian President Vladimir Putin and practically called for the end of NATO, is fast gaining currency within the Obama administration because of the timing of the leaks and Trump’s own connections to the Russian government, the sources said on condition of anonymity because the investigation is ongoing and developing quickly.

About 20,000 internal DNC emails were disclosed just days before the beginning of the Democratic National Convention in Philadelphia and several showed an effort by staffers to undermine Bernie Sanders’s campaign against Hillary Clinton. One email even discussed challenging Sanders’s religious faith. In response to the embarrassing revelations, DNC Chairwoman Debbie Wasserman Schultz announced she would step down after the convention.

Current and former U.S. officials drew analogies to so-called “active measures campaigns,” or state-sponsored operations designed for political effects.

“The release of emails just as the Democratic National Convention is getting underway this week has the hallmarks of a Russian active measures campaign,” David Shedd, a former director of the Defense Intelligence Agency, told The Daily Beast. Shedd said that additional leaks were likely, echoing an opinion expressed by U.S. officials and experts who said that the release of emails on Friday may just be an opening salvo.

Officials also noted Trump’s own connections to the Russian government. Putin has publicly praised the nominee, who said he was “honored” by the compliment. Trump’s campaign manager, Paul Manafort, was a consultant for Viktor Yanukovych, the former president of Ukraine who was ousted for his pro-Moscow orientation (and now lives in Russia). One of Trump’s top national security advisers, retired Army Gen. Michael Flynn, sat with Putin at a dinner celebrating the 10th anniversary of Kremlin-backed media network RT and was paid to give a speech at the event; Flynn later retweeted an anti-Semitic message that called into question any Kremlin-Trump link. Another Trump adviser, Carter Page, recently denounced America’s “often-hypocritical focus on democratization” while in Moscow. And last week, Trump said that he might not come to the aid of U.S. NATO allies in the face of Russian aggression unless they paid what he thinks they owe for Europe’s common defense.

Officials also thought it was telling that the emails were given to WikiLeaks, which is perceived as being hostile to the U.S. government. “This wasn’t surprising to us,” said one U.S. official familiar with the investigation.

An FBI spokesperson said in a statement Monday that the bureau was investigating the breach but declined to comment on whether political motivation was part of the inquiry. “A compromise of this nature is something we take very seriously, and the FBI will continue to investigate and hold accountable those who pose a threat in cyberspace,” the spokesperson said.

“I’m sure they will consider potential motives,” White House Spokesperson Josh Earnest told reporters on Monday.


Two U.S. officials told The Daily Beast that while hacking is a crime, and therefore falls under the FBI’s jurisdiction, trying to manipulate an election is not. That may limit what the FBI can investigate, the officials said said.

“Manipulation is not a crime. Some would argue that Voice of America or Fox News try to manipulate elections,” one retired FBI agent told The Daily Beast.

That doesn’t mean the FBI has to remain silent if it finds evidence of Russia’s meddling. Should the bureau release a statement after an investigation tying the Russians to the hack and subsequent release to Wikileaks, that would essentially be a public indictment, the officials said.

It also may be possible for the FBI to investigate the question of intent, including whether the email leak is an instance of an unregistered foreign agent illegally trying to influence the U.S. political system, another U.S. official said. But it’s easier for the FBI to investigate the breach and theft of information itself, which are clearly prohibited under U.S. law, the official added.

The FBI first notified the DNC in April that it had been breached, said two individuals who are familiar with the matter. U.S. law enforcement and intelligence officials had been aware of two Russian hacker groups that have been linked to the intrusion and are also believed to have compromised networks in U.S. government agencies, including the Defense Department, the State Department, and the White House, as well as U.S. companies and universities.

The DNC hired a computer security firm, CrowdStrike, to investigate the breach. It has publicly attributed the operation to two known hacker groups connected to the Russian government that it dubs Cozy Bear and Fancy Bear.

The two groups, which compete with one another, got into the DNC networks last summer and this April, respectively, CrowdStrike told The Washington Post, which first reported the breaches last month.

Another cybersecurity firm, ThreatConnect, independently assessed the breach and concluded that the DNC operation was consistent with the hackers’ previous efforts to gather information on U.S. officials and operations.

The theft of information, which at the time reportedly consisted of opposition research and the DNC’s files on Trump, seemed to be part of a longer campaign of spying by the Russians in order to glean insights into the next president. Director of National Intelligence James Clapper also said in May that there were indications both presidential campaigns had been targeted by foreign hackers.

But the provision of the DNC emails to WikiLeaks added a new dimension to the intrusion. (The group has pushed back against the idea that Russia supplied the emails.)

“If there is a concerted effort to undermine the campaign of the Democratic Party nominee, we can and should expect additional embarrassing emails to be released by Wikileaks, including from candidate Hillary Clinton’s personal server,” Shedd, the former Defense Intelligence Agency chief, said.

The top Democrat on the House Intelligence Committee said lawmakers had been briefed on the intrusion and “will continue to seek further information from the [intelligence community] as to the origin of any attack and a potential connection to Russia or another state sponsor.”

"If the hack is linked to Russian actors, it would not be the first time cyber intrusions linked to the Kremlin and its supporters have sought to influence the political process in other countries,” Rep. Adam Schiff said in a statement. “Given Donald Trump’s well known admiration for Putin and his belittling of NATO, the Russians have both the means and the motive to engage in a hack of the DNC and the dump of its emails prior to the Democratic Convention. That foreign actors may be trying to influence our election—let alone a powerful adversary like Russia—should concern all Americans of any party."

Within the email dump itself, there were further indications of foreign meddling in the campaign.


On May 4, DNC opposition researcher Alexandra Chalupa told a colleague that ever since she began collecting information on Trump campaign director Paul Manafort, she had been receiving daily security warnings from Yahoo that her personal account may have “been the target of state-sponsored actors.” Such notifications are routine when an internet or email provider suspects that a user may have been hacked or is likely to be hacked.

Chalupa told DNC communications director Luis Miranda in an email that she continued to get the warnings from Yahoo “despite changing my password often.”

A few days prior to that message, a DNC staffer notified colleagues that the committee’s rapid-response blog, Factivists, had been “compromised.”

“We have been compromised! But it's all ok,” Rachel Palermo said in a brief message to an unspecified number of recipients. Palermo said that to “prevent future issues,” the password to the blog would be changed “every few weeks. She also included a new password in the email, which the intruders may well have seen.

And in mid-May, two DNC staffers communicating about a donor said that her email account had been hacked and was no longer working. The donor was identified only as Agnes. Agnes Gund is a prominent philanthropist and Democratic donor. DNC officials told The Washington Post that their donor files weren’t accessed. It’s not clear if the donor’s email was hacked by the same Russian groups.

Attributing the source of a breach to a specific actor is difficult, but CrowdStrike, which has close ties to the FBI and U.S. intelligence community, provided some details on its findings in a recent blog post. The company based its attributions on characteristic tools and techniques that that it has attributed to the hacker group in previous intrusions.

Cozy Bear prefers “a broadly targeted spearphish campaign,” or using emails that appear to come from a trusted sender but that actually include web links that will insert malicious software code onto a victim’s machine, CrowdStrike reported. The code uses sophisticated tools to remotely access the computer, as well as encryption to cover their tracks, both of which indicate “a well-resourced adversary.”

Fancy Bear likewise has developed a suite of hacking tools and techniques and has been linked to intrusions on U.S. government systems, CrowdStrike said. The group tends to favor establishing websites “that spoof the look and feel of the victim’s web-based email services in order to steal their credentials.”

It’s not clear precisely how the groups penetrated the DNC’s networks. But CrowdStrike said its analysts “immediately” recognized the hackers’ signatures. Separately, another computer security firm, ThreatConnect, has corroborated the findings and also found that a hacker group going by the moniker Guccifer2, which claims to have provided the emails to WikiLeaks, is likely a Russian-goverment operation.

Any FBI investigation likely would not be released until after the election, and any could be read as sending a political message. Should Trump win, for example, and the FBI announces it found a Russian connection to the hack, some might argue that the FBI is trying to taint Trump’s victory. That would also come on the heels of the FBI’s decision to not charge Clinton with having classified email on her private email server, a decision that outraged many Republicans.

A public finding that the Russians interfered would also exacerbate already tense negotiations between the U.S. and Russia over an agreement to share intelligence and better coordinate strikes in Syria. The increased cooperation has divided much of the U.S. government, some of whom do not see the Russians as trustworthy.
Read More >>

Read More

Russia 'DELIBERATELY bombed secret military base in Syria used by elite American and British forces

Hours after the attack, the Daily Beast says that the US Central Command - which overseas American combat in the Middle East - spoke directly to the pilots.

Officials from Washington and Moscow also spoke over a hotline set up to avoid similar confrontations, reports suggest. 

There was also a similar attack on a CIA-linked site on July 12 that was previously unreported.

But the attack pushed both the US and UK into a compromise with Russia.

The U.S. and Russia agreed to a pact last week to target airstrikes against the Al Qaeda affiliate in the region – Nusra Front.

They reportedly went ahead with the plan despite objections from the Pentagon and CIA.

Daily Mail Online has contacted both the State Department and Ministry of Defence for comment.

US officials and rebel commanders told the Journal that the outpost was hit with cluster munitions.

US attempts to wave off the Russians failed to prevent a second air strike on the base, the report said.

About three weeks later, on July 12, Russian warplanes hit a rebel camp used by family members of CIA-backed fighters about 50 miles west of At-Tanf, the report said.


But the White House and the State Department, seeking to avoid a military escalation, decided to pursue a compromise, it said.

Last week, US Secretary of State John Kerry reached a provisional agreement with the Russians to join forces in strikes on Al-Nusra, the Al-Qaeda affiliate in Syria.

Under the agreement, the Russians would halt air strikes against US-backed rebels and restrain the Syrian air force in return for Washington easing Moscow's international isolation, the Journal said.

There are still disputes over the areas Russia can strike without approval from the US.

Because of skepticism in the Pentagon, there are reports of a clause in the Russia-US deal that means Kerry can stop cooperating if Putin bombs American allies.

Read More >>

Read More