Russia Hacked Clinton's Computers Five Hours After Trump's Call

Mueller report finds that in July 2016, after then-candidate Donald Trump publicly called for Russia to "find the 30,000 emails," Russian agents targeted Hillary Clinton's personal office with cyberattacks.

5 Min Read

While the Mueller report did not find evidence that Donald Trump or his campaign knowingly coordinated with Russia to target the computers and data of Hillary Clinton's campaign during the 2016 US presidential election, the investigation did show that both sides were willing to reap the benefits of each other's actions. 

One new detail included in the report, released April 18 by the US Department of Justice, highlighted the significance of the symbiotic relationship. On July 27, 2016, within five hours of then-candidate Trump's call for Russia to "find the 30,000 e-mails that are missing," officers of the Russian Main Intelligence Directorate of the General Staff (GRU) targeted Clinton's personal office for the first time, attempting to compromise 15 nonpublic accounts.

Previous details on Russia's activities during the run-up to the 2016 election, released as part of a 2018 indictment and charging documents against 12 GRU members, did not include the close link between the actions of the Trump campaign and Russia cyber activities.

In the report, special counsel Robert S. Mueller III specifically acknowledged the relationship but concluded it did not amount to knowing coordination. 

"Although the investigation established that the Russian government perceived it would benefit from a Trump presidency and worked to secure that outcome, and that the Campaign expected it would benefit electorally from information stolen and released through Russian efforts, the investigation did not establish that members of the Trump Campaign conspired or coordinated with the Russian government in its election interference activities," the report stated.

The redacted 448-page Mueller report — or, more officially, the "Report On The Investigation Into Russian Interference In The 2016 Presidential Election" — concludes that two Russian operations directly benefited the Trump campaign and detracted from the Clinton campaign during the 2016 election cycle.

In the first operation, the Internet Research Agency (IRA), based in St. Petersburg, Russia, and funded by a Russian oligarch, created a "social media campaign designed to provoke and amplify political discord in the United States," eventually evolving from "a generalized program designed in 2014 and 2015 to undermine the U.S. electoral system, to a targeted operation that by early 2016 favored candidate Trump and disparaged Clinton." In some cases, IRA employees contacted members of the Trump campaign directly to coordinate political activities, but they did so "without revealing their Russian association," the report found. 

Much of the report's details and conclusions regarding IRA interactions with the Trump campaign are redacted, citing potential harm to ongoing matters, one of the four categories that Attorney General William Barr stated he would use as a reason for redaction.

The second operation, conducted by Russia's intelligence service, focused on hacking the computers and e-mail accounts of various officials in the Clinton campaign. The operatives targeted "hundreds of e-mail accounts" and stole "hundreds of thousands of documents" from Clinton campaign officials, releasing them through online personas, such as "DCLeaks" and "Guccifer 2.0," and later WikiLeaks, according to the report. The operation began in March 2016; by April it had access to a variety of e-mail accounts and networks, including those of the Democratic Congressional Campaign Committee and Democratic National Committee. 

The GRU later targeted the officials and administrators of US elections, as well as the technology firms responsible for making and managing election hardware and software, according to the report.  

As the GRU released collections of e-mails from Democratic organizations and the Clinton campaign, the Trump campaign used the information to criticize Clinton. In particular, Clinton's use of a personal e-mail server for government work, as well as her legal team's deletion of e-mail messages they deemed to be nonwork-related, became significant rallying points for Republicans. Trump frequently called on Clinton to release the e-mail messages and for other parties to "find" the messages.

As Secretary of State from 2009 to 2013, Clinton used a personal e-mail server to a much greater extent than her predecessors. In 2013, a hacker known as "Guccifer" — whose handle would later be used as an alias for Russian intelligence operations — compromised the e-mail account of Sidney Blumenthal, an adviser to both Secretaries of State Colin Powell and Clinton, and publicly revealed Clinton's personal e-mail server.

In 2014, as part of the aftermath of the investigation into US diplomats' deaths in Benghazi, the US Department of State requested that Clinton and other former Secretaries of State submit any work-related e-mails. Clinton's legal team identified 33,000 e-mails that fell within that category and deleted personal e-mail messages, according to testimony by James Comey, director of the FBI at the time

The e-mail investigation came to a political head during a press conference on July 27, 2016, with Trump taking the unprecedented step of calling for a foreign country to take action.

"If Russia or China or any other country has those e-mails, I mean to be honest with you, I'd love to see 'em," he said, later adding, "Russia, if you are listening, I hope you're able to find the 30,000 e-mails that are missing. I think you will probably be rewarded mightily by our press."

Within five hours of that statement, GRU operatives were attempting to hack into Clinton's e-mail servers and nonpublic accounts, according to the Mueller report.

Related Content:




Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

About the Author(s)

Robert Lemos, Contributing Writer

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights