DNC email leak (2016)

From International cyber law: interactive toolkit
Date: Between March and April 2016. The hack was discovered on 14 June 2016.[1]
Suspected actor: According to a joint CIA, FBI and NSA investigation, Russian GRU intelligence officers were behind the fake identity “Guccifer 2.0”, a pseudonymous persona that claimed to be a lone Romanian hacker responsible for the hacking.[2] Officially, Russia denied any involvement in the malicious activity.[3]
Target: The US Democratic National Committee (DNC) and Clinton campaign staffers[4]
Target systems: Windows- and macOS-based systems
Method: The hacker spear-phished political targets, including members of the US Democratic National Committee. The spear-phishing emails aimed to steal credentials in order to gain access to the DNC network and deliver the hacking tools. In particular, a cross-platform implant called X-Agent was found on many system platforms. The tool was able to record keystrokes, take screenshots and exfiltrate files from the infected devices.[5]
Purpose: The malicious actor conducted large-scale cyber operations in order to interfere with the 2016 U.S. presidential election, possibly directing the outcome in favor of the Republican party.
Result: According to a Symantec report, nearly 20,000 internal DNC emails were leaked and made available to the public.[6] By sharing and releasing the documents through the DCLeaks website and WikiLeaks, the malicious actors possibly sabotaged the presidential campaign of Senator Bernie Sanders,[7] caused the resignation of the Chairwoman of the DNC, Debbie Wasserman Schultz,[8] and at a later stage prevented Hillary Clinton from winning the presidency.[9]
Aftermath: On 13 July 2018, Robert Mueller, the Special Counsel for the investigation of the alleged collusion between Russia and the Republican campaign, indicted 12 Russian intelligence officers for conducting cyber operations with the intent of interfering in the 2016 presidential election.[10] However, the indictment did not include any accusation that the Russians eventually managed to influence the outcome of the presidential election.[11] Even though the investigation did not blame Russia for having directed the outcome of the election, states fear that the attempt could encourage other foreign adversaries to do the same to other countries.[12]
Analysed in: Scenario 01: Election interference

Collected by: Samuele De Tomas Colatin

  1. D Yadron, “Russian government hackers steal DNC files on Donald Trump”, (14 June 2016), The Guardian.
  2. Z Beauchamp, “The key findings from the US intelligence report on the Russia hack, decoded”, (6 January 2017), Vox.
  3. E McKirdy, “Putin: 'Patriotic' Russian hackers may have targeted US election”, (2 June 2017), CNN.
  4. A Chang, “How Russian hackers stole information from Democrats, in 3 simple diagrams”, (16 July 2018), Vox.
  5. S Gallagher, “How they did it (and will likely try again): GRU hackers vs. US elections”, (27 July 2018), Ars Technica.
  6. Symantec Security Response Team, “Subverting Democracy: How Cyber Attackers Try to Hack the Vote”, (18 September 2018), Symantec Corporation.
  7. Associated Press, “Leaked DNC emails reveal details of anti-Sanders sentiment”, (24 July 2016), The Guardian.
  8. J Martin, A Rappeport, “Debbie Wasserman Schultz to Resign D.N.C. Post”, (24 July 2016), The New York Times.
  9. D Smith, “The Hillary Clinton email controversy explained: what we know so far”, (1 November 2016), The Guardian.
  10. J Arciga, B Woodruff, “Mueller Indicts 12 Russian Officers for Hacking Dems in 2016”, (13 July 2018), The Daily Beast.
  11. M Mazzetti, K Benner, “12 Russian Agents Indicted in Mueller Investigation”, (13 July 2018), The New York Times.
  12. O Beavers, J Thomsen, “Russia election meddling fears expand to other countries”, (25 August 2018), The Hill.