Paul Holston/AP

Questions for the Senate Hearing on Russian Hacking

Did Moscow influence the U.S. election? Who else has been hacked? Could the CIA be wrong?

Senior intelligence officials will testify Thursday before the Senate Armed Services Committee (SASC) about foreign cyberthreats to the U.S. Much of the testimony is likely to focus on what role Russia had in the U.S. election.

U.S. intelligence officials say Russia hacked the Democratic National Committee and others in an attempt, they say, to influence the U.S. presidential election. Although it's unclear if that alleged action was successful, President-elect Donald Trump is skeptical of claims about Russia’s role. He says it’s difficult to definitively say who was behind the hacking, and has supported the views of Julian Assange, the WikiLeaks founder, that a “14-year-old could have hacked” Democratic officials.

Among those testifying Thursday are James Clapper, the director of national intelligence; Marcel J. Lettre, the under secretary of defense for intelligence; and Admiral Mike Rogers, who heads U.S. Cyber Command.

Senator John McCain, the Republican senator from Arizona who chairs the SASC, has made his own views clear, telling Ukrainian TV that Russia's actions were “an act of war.”

Who is involved?

Intelligence officials leaked word to NBC and ABC that Russian President Vladimir Putin was “personally involved” in cyberattacks aimed at interfering with the United States presidential election. NBC’s report relied on “two senior officials with direct access to the information,” ABC’s on “U.S. and foreign intelligence officials.” In an interview with NPR on December 15, U.S. President Barack Obama vowed that the U.S. would take action in response, “at a time and place of our own choosing.” He went on: “Mr. Putin is well aware of my feelings about this, because I spoke to him directly about it.” On December 29, he did more than speak: He sanctioned the two Russian intelligence services believed to be involved in the hacks (Russian military intelligence, the GRU, and the KGB’s successor the FSB, which is responsible for counterintelligence and internal security). He also expelled 35 Russian officials in the U.S. believed to be intelligence agents. After Russian Foreign Minister Sergei Lavrov threatened to retaliate, Putin declined to do so.

Didn’t we already know about Russia hacking the Democratic National Committee and others? Why all the fuss?

The newest reports purport to add detail on both actors and intent. Putin personally has not been previously blamed for hacks resulting in leaks damaging to the Clinton campaign, though in October Director of National Intelligence James Clapper stopped just short of doing so, saying that “based on the scope and sensitivity of these efforts ... only Russia’s senior-most officials could have authorized these activities.” Secondly, separate intelligence leaks to The New York Times and The Washington Post on December 9 for the first time claimed that the intent of the hacking was to sway the election in favor of Trump, rather than simply sow generalized distrust. It has not yet been suggested that cyberattacks managed to change the actual vote tally in favor of either presidential candidate.

Information on what exactly happened has been dripping out slowly, and often anonymously and unofficially, for months. Way back in mid-June, the Democratic National Committee reported an intrusion into its computer network, and the cybersecurity firm CrowdStrike publicly blamed Russian hackers after analyzing the breach. In July, after emails stolen from the committee appeared on WikiLeaks, Democratic members of congress also blamed the Russians, with Clinton campaign manager Robby Mook alleging that “It was the Russians who perpetrated this leak for the purpose of helping Donald Trump and hurting Hillary Clinton.” 

It wasn’t until September that anonymous federal officials confirmed to The New York Times the intelligence community’s “high confidence” of Russian government involvement in the hack, if not the subsequent leak, and leaving doubt as to whether the hacks were “routine cyberespionage” or actually intended to influence the election. And it wasn’t until October that the Director of National Intelligence, James Clapper, went on the record to blame Russia—government actors, not, say, cybercriminals who happened to be Russian, “based on the scope and sensitivity of these efforts,” and further declaring that they were “intended to interfere with the U.S. election process.” Days later, emails stolen from Clinton campaign chairman John Podesta appeared on WikiLeaks.

So as of fall, the United States government had officially blamed Russia for the hacks, and stated that the hacks were intended to interfere with the American election. Until December 9, intelligence officials were not claiming that the Russians wanted specifically to help Trump win, as opposed to undermining faith in the overall process. Then The Washington Post disclosed a “secret CIA assessment”—again described by anonymous officials—declaring it “quite clear” that a Trump presidency was the ultimate goal of the hacks. A Times investigation published a few days later provided more background on how the hacks actually worked. Yet the Office of the Director of National Intelligence (ODNI) has not publicly embraced the CIA’s findings, and the FBI has given a more “ambiguous” picture of Russia’s goals in congressional briefings. Meanwhile, Congress is planning to investigate.

Who else has been hacked?

Thomas Rid, writing in Esquire in October, noted that Russia began hacking the U.S. as early as 1996, five years after the demise of the Soviet Union, and added that the DNC hack concealed an even bigger prize for the Russians: the National Security Agency, whose secret files were dumped this August on Github and other file-sharing sites.

Then there is Germany. In May, BfV, Germany’s domestic intelligence agency, said hackers linked to the Russian government had targeted Chancellor Angela Merkel’s Christian Democratic Union party, as well as German state computers. In September, Arne Schoenbohm, who heads Germany’s Federal Office for Information Security (BSI), briefed German lawmakers about Russian hacking. Schoenbohm told Sudduetsche Zeitung, after reports emerged in the U.S. of the hacking of the Democratic National Committee, that “[g]iven the background of the American situation, I have to protect our political parties from spying.” Those warnings became more urgent after the U.S. presidential election. Bruno Kahl, the head of the Germany’s foreign intelligence service, told the newspaper last month that Russia could seek to disrupt Germany’s elections next year to create “political uncertainty.” Merkel, who is seeking a fourth term in those elections, said in November after an attack targeted Deutsche Telekom customers that “[s]uch cyber attacks, or hybrid conflicts as they are known in Russian doctrine, are now part of daily life and we must learn to cope with them.”

Suspected Russian hacking has targeted other countries, as well. In April 2007, websites and servers belonging to the government, banks, and media in the former Soviet republic of Estonia came under a sustained monthlong attack. A U.S. diplomatic cable, published in WikiLeaks, called the Baltic state an “unprecedented victim of the world's first cyber attacks against a nation state.” Similar attacks targeted the former Soviet republic of Georgia a year later, and Ukraine more recently. All three countries have pro-Western leaders that are deeply critical of what they see as Russia’s turn toward authoritarianism under President Vladimir Putin.

And prior to perhaps their most high-value target thus far, the DNC, Russian hackers allegedly targeted the World Anti-Doping Agency ahead of the Rio Olympics this summer. WADA had reported a widespread Russian state-run doping program that involved the country’s track-and-field program. That revelation resulted in the Russian track-and-field team being banned from the games. WADA was hacked in apparent response, and the personal information of several athletes, including the Russian whistleblower who alerted WADA to the scandal, was leaked online. It’s worth pointing out that the Russian government has dismissed claims that it is involved.

What does “hacking” actually entail?

It depends: Hackers believed to be from Russia have accessed computers and servers belonging to government and political parties in rival countries. In some cases, such as in the DNC or WADA hack, those hacks resulted in the leak of information on websites such as WikiLeaks. In other cases, the attacks focused on national infrastructure: In Ukraine, for instance, according to Wired, hackers targeted the power grid; they then attacked the telephone service so customers couldn’t call to report the outages. When they hit the NSA, hackers posted the agency’s  “cyber-weapons” to file-sharing sites, according to Esquire. The hackers don’t just target states and institutions. Frequently, individuals are caught up, as well. On December 9, the Times reported that suspected Russian hackers targeted critics of the country’s government who live overseas by posting child porn on their computers.    

How solid is the CIA’s case that Russia tried to tilt the election for Trump?

An unnamed official told Reuters on Tuesday that “ODNI is not arguing that the agency (CIA) is wrong, only that they can’t prove intent.” The Post noted this problem in its Friday report, citing “the United States’ long-standing struggle to collect reliable intelligence on President Vladi­mir Putin and those closest to him.” Since the end of the Cold War and especially since 9/11, American intelligence agencies have deprioritized Russia. The Post reported in fall, citing U.S. officials, that the “CIA and other agencies now devote at most 10 percent of their budgets to Russia-related espionage, a percentage that has risen over the past two years,” but is still dwarfed by the Cold War peak of about 40 percent.

As for the actual evidence of intent, what’s publicly available is circumstantial, including Russian state TV’s pushing of Trump’s candidacy, and reports that the Republican National Committee, too, was hacked though suffered none of the same embarrassing leaks as the DNC. (The RNC has denied it was hacked; The Wall Street Journal reports, citing “officials who have been briefed on the attempted intrusion,” that the effort was thwarted by the RNC’s cybersecurity systems.) All of this was occurring in an international political context in which Trump was one of the most pro-Russian presidential candidates in recent memory, while Vladimir Putin personally blamed Hillary Clinton for inciting protests against his rule when she was secretary of state.

Meanwhile, the denials. Many of Trump’s surrogates have publicly suggested that Russia is the victim of a false-flag operation planned by U.S. intelligence—an assertion that doesn’t appear to be based on any fact in the public realm. Russian officials themselves have rejected the idea they are involved, as have Russian cyber-security experts, one of whom dismissed it as “a classic stereotype of the nineties and early 2000s.” They say that it’s virtually impossible to trace the origin of a hack.

But as Kaveh Waddell explained in The Atlantic, while it can be difficult to catch the culprit of a hack, it’s by no means impossible. Esquire, in its story, noted that sloppy errors committed by the hackers pointed U.S. intelligence to their whereabouts. Andrei Soldatov, who wrote Red Webtold The Telegraph the Russian government is using its computer industry to hack its targets. “We have maybe the biggest engineer community in the world, and lots of great specialists,” he told the newspaper. “They are not criminals, they are professionals—and they are not bothered or afraid to refuse requests from government agencies.”

But Trump says we shouldn’t trust the CIA because they were wrong about Iraq’s WMD. Shouldn’t we take that history into consideration?

“There's a big difference between Iraq WMD and Russian cyber hacking,” wrote Amy Zegart, an intelligence expert at Stanford, in an email. “For starters, we're talking about different people making the assessments, a different problem to unravel (hidden nuclear capabilities in a foreign country versus cyber attacks on US systems), and a different analysis process. Intelligence analysis was thoroughly revamped after Iraq, as it should have been. But saying that these are same people who brought us Iraq WMD is like saying this year's Golden State Warriors must be terrible, because the Warriors lost so many games in the 90s.”

Which isn’t to say that past intelligence failures writ large have no relevance to today. The relevance is: Intelligence sometimes fails. As Zegart notes: “The best experts didn't predict Trump's win, and that's Americans predicting what Americans will do in an open society with frequent polling. In intelligence, adversaries are working hard and spending billions to hide their activities and deceive us.”

Kenneth Pollack, a former CIA analyst and Clinton National Security Council staffer who argued for invading Iraq in 2003, said in an interview that Saddam Hussein did a “totally insane” version of this: “Saddam’s whole thinking was, ‘I’m going to get rid of my weapons of mass destruction, basically after 1995, but I can’t tell my people that. I want my people to continue to fear me, and believe that I have this.’ … The U.S., and the rest of the world, frankly … all picks up on the fact that that he is putting it out to all of his people that, ‘Yeah I still have WMD.’ And that strikes me as a really fundamental difference.”

He continued: “The intelligence community certainly can be wrong about these kinds of things, and you do want to take everything with a certain amount of skepticism. That said, it seems like in this case, they’ve found the tracks—that’s kind of the nice thing about cyber, as best as I understand it, is you can actually go back and see the keystrokes … which was not something that we had in Iraq.”

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.