There’s mounting evidence that hackers in Russia hacked the Democratic National Committee, but the FBI isn’t pointing the finger yet.
The DNC was hacked during the Democratic primaries, and emails were leaked this month showing that staffers conspired against Bernie Sanders’ presidential campaign in favor of Hillary Clinton.
A mysterious person operating under the name “Guccifer 2.0” has claimed to be the hacker.
On Tuesday, cybersecurity researchers at the firm ThreatConnect pointed out that this mysterious persona is hiding behind computer servers that seem to be based in France. But the person is actually using the Russian computer service Elite VPN.
This doesn’t mean this person is Russian, or that the hack came from Russia. In fact, ThreatConnect researchers acknowledged there’s no connection here to the Russian government.
It’s the latest piece of latest evidence that points to Russia.
The cybersecurity firm hired by the Democratic Party to investigate the hack pointed to Russia as well. Last month, researchers at CrowdStrike announced they found computer code that matched the unique hacking tools used by two Russia-based operations — nicknamed “Cozy Bear” and “Fancy Bear.” According to CrowdStrike, one of them “may” have an affiliation with Russia’s massive intelligence agency, the GRU.
In the computer realm, this kind of evidence is circumstantial. Hackers frequently share tools and methods. And once an attack is publicized, others can adopt those hacks.
This lack of hard evidence is why the FBI is reluctant to say the Russian government is behind the leak of DNC emails.
James C. Trainor Jr., assistant director of the FBI’s cyber division, discussed this at the International Conference on Cyber Security on Tuesday in New York City.
Trainor told CNNMoney the facts of the case don’t prove Russian government involvement in the DNC hacking case.
Plus, whenever Russian spies are suspected of hacking American companies and government agencies, the hacks are particularly sophisticated, Trainor said.
That matches the prevailing view of cybersecurity researchers, who say Russian government hackers are some of the most talented computer spies on the planet. And that means they can hide their trail.
As Director of National Intelligence James Clapper noted in a speech at Fordham University in 2015, hacker spies in China and North Korea “are much noisier.”
The FBI has a second reason for holding back. The act of officially blaming a foreign government impacts the United States’ relationship with that country. Diplomacy requires several other U.S. agencies to weigh in first, Trainor said.
The FBI has made bold declarations in recent years, part of a highly public shaming campaign.
In 2014, the FBI investigated five officers in the secretive Unit 61398 within the Chinese People’s Liberation Army. All were indicted in a U.S. federal court. That same year, FBI Director James
Comey blamed North Korea’s government for hacking Sony Pictures.
Earlier this year, an FBI investigation led to official criminal charges against seven men in Iran for hacking American banks.
By comparison, any blame on Russian government hackers is only made in passing by government officials in speeches. And they don’t point to specific instances.
It happened again on Tuesday.
At the FBI’s cybersecurity conference in New York City, President Obama’s homeland security adviser, Lisa Monaco, said “nations like China and Russia” are growing bolder in their cyberattacks.
She didn’t mention when Russia has attacked the United States.