
Russia Hacked Clinton's Computers Five Hours After Trump's Call

Mueller report finds that in July 2016, after then-candidate Donald Trump publicly called for Russia to "find the 30,000 emails," Russian agents targeted Hillary Clinton's personal office with cyberattacks.

While the Mueller report did not find evidence that Donald Trump or his campaign knowingly coordinated with Russia to target the computers and data of Hillary Clinton's campaign during the 2016 US presidential election, the investigation did show that both sides were willing to reap the benefits of each other's actions. 

One new detail included in the report, released April 18 by the US Department of Justice, highlighted the significance of the symbiotic relationship. On July 27, 2016, within five hours of then-candidate Trump's call for Russia to "find the 30,000 e-mails that are missing," officers of the Russian Main Intelligence Directorate of the General Staff (GRU) targeted Clinton's personal office for the first time, attempting to compromise 15 nonpublic accounts.

Previous details on Russia's activities during the run-up to the 2016 election, released as part of a 2018 indictment and charging documents against 12 GRU members, did not include the close link between the actions of the Trump campaign and Russia's cyber activities.

In the report, special counsel Robert S. Mueller III specifically acknowledged the relationship but concluded it did not amount to knowing coordination. 

"Although the investigation established that the Russian government perceived it would benefit from a Trump presidency and worked to secure that outcome, and that the Campaign expected it would benefit electorally from information stolen and released through Russian efforts, the investigation did not establish that members of the Trump Campaign conspired or coordinated with the Russian government in its election interference activities," the report stated.

The redacted 448-page Mueller report — or, more officially, the "Report On The Investigation Into Russian Interference In The 2016 Presidential Election" — concludes that two Russian operations directly benefited the Trump campaign and detracted from the Clinton campaign during the 2016 election cycle.

In the first operation, the Internet Research Agency (IRA), based in St. Petersburg, Russia, and funded by a Russian oligarch, created a "social media campaign designed to provoke and amplify political discord in the United States," eventually evolving from "a generalized program designed in 2014 and 2015 to undermine the U.S. electoral system, to a targeted operation that by early 2016 favored candidate Trump and disparaged Clinton." In some cases, IRA employees contacted members of the Trump campaign directly to coordinate political activities, but they did so "without revealing their Russian association," the report found. 

Many of the report's details and conclusions regarding IRA interactions with the Trump campaign are redacted, citing potential harm to ongoing matters, one of the four categories that Attorney General William Barr stated he would use as a reason for redaction.

The second operation, conducted by Russia's intelligence service, focused on hacking the computers and e-mail accounts of various officials in the Clinton campaign. The operatives targeted "hundreds of e-mail accounts" and stole "hundreds of thousands of documents" from Clinton campaign officials, releasing them through online personas, such as "DCLeaks" and "Guccifer 2.0," and later WikiLeaks, according to the report. The operation began in March 2016; by April it had access to a variety of e-mail accounts and networks, including those of the Democratic Congressional Campaign Committee and Democratic National Committee. 

The GRU later targeted the officials and administrators of US elections, as well as the technology firms responsible for making and managing election hardware and software, according to the report.  

As the GRU released collections of e-mails from Democratic organizations and the Clinton campaign, the Trump campaign used the information to criticize Clinton. In particular, Clinton's use of a personal e-mail server for government work, as well as her legal team's deletion of e-mail messages they deemed to be nonwork-related, became significant rallying points for Republicans. Trump frequently called on Clinton to release the e-mail messages and for other parties to "find" the messages.

As Secretary of State from 2009 to 2013, Clinton used a personal e-mail server to a much greater extent than her predecessors. In 2013, a hacker known as "Guccifer" — whose handle would later be used as an alias for Russian intelligence operations — compromised the e-mail account of Sidney Blumenthal, an adviser to both Secretaries of State Colin Powell and Clinton, and publicly revealed Clinton's personal e-mail server.

In 2014, as part of the aftermath of the investigation into US diplomats' deaths in Benghazi, the US Department of State requested that Clinton and other former Secretaries of State submit any work-related e-mails. Clinton's legal team identified 33,000 e-mails that fell within that category and deleted personal e-mail messages, according to testimony by James Comey, director of the FBI at the time.

The e-mail investigation came to a political head during a press conference on July 27, 2016, with Trump taking the unprecedented step of calling for a foreign country to take action.

"If Russia or China or any other country has those e-mails, I mean to be honest with you, I'd love to see 'em," he said, later adding, "Russia, if you are listening, I hope you're able to find the 30,000 e-mails that are missing. I think you will probably be rewarded mightily by our press."

Within five hours of that statement, GRU operatives were attempting to hack into Clinton's e-mail servers and nonpublic accounts, according to the Mueller report.


Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline ...

Comments
REISEN1955
User Rank: Ninja
4/25/2019 | 8:50:11 AM
Re: Correlation or Causality
Here we go - discussion has gone off the rails for technical issue and become more general. Regret this, LinkedIn is going political and so is this thread. But there is a huge difference between 5 hours and 5 days.
PaulV972
User Rank: Strategist
4/24/2019 | 6:04:06 PM
Correlation or Causality
If one believes that Trump's challenge triggered the Russians' actions, it should be terrifying that they could gain full access within 5 hours.

Once again, we've gone beyond absurd. I for one welcome the day when our Gov't and our Politicians take a matter like information security seriously. Sadly, the dumb show about Facebook is a useful distraction from the failings of the government to NOT collect obscene amounts of data on their citizens, abuse access to that data, or purely secure that data from outside influences.

I suspect that the element that upset the politicians most was that their campaign didn't have access.
bwilkes8@gmail.com
User Rank: Moderator
4/24/2019 | 9:11:15 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
Point - individuals within the Clinton Campaign should have been more aware of phishing attempts, especially the campaign manager.

Point - individuals within the Clinton Campaign should have been reminded or even briefed on basic security practices.

The report does not go into detail about what those individuals did other than to say they all opened phishing emails.  Vigilance was not part of their protocol.
bwilkes8@gmail.com
User Rank: Moderator
4/24/2019 | 9:06:39 AM
Re: Poor Editorial Choice
The actual time period is five days not five hours, which is stated in the Mueller Report.
RonR726
User Rank: Strategist
4/24/2019 | 8:56:10 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
If you are seeking a forensic analysis, look no further than Bill Binney's assessment who concluded:

Former NSA experts say it wasn't a hack at all, but a leak—


Hard science now demonstrates it was a leak—a download executed locally with a memory key or a similarly portable data-storage device. In short, it was an inside job by someone with access to the DNC's system.
REISEN1955
User Rank: Ninja
4/24/2019 | 8:29:23 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
Interesting but I would consult more directed source books on cybersecurity - doubt Mueller gets into testing requirements for CIISP cert. 
bwilkes8@gmail.com
User Rank: Moderator
4/23/2019 | 10:26:37 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
I've finished Volume I of the "Mueller Report" and there are many teaching points that cybersecurity professionals can use for points of education to end-users.

As someone who is wanting to learn more about cybersecurity this volume of the report is textbook material justifying IT security training within the workplace.
AndrewfOP
User Rank: Strategist
4/23/2019 | 9:45:25 AM
Poor Editorial Choice
All news organizations engaged in attention-grabbing headlines. This article is not only the norm, but also pushes the boundary. The relevant content for the headline did not appear until the last paragraph and even then, it barely has more information than the headline. The headline description at most should be part of the lead sentence, and regardless of the headline problem, there should be more elaboration of the five hour hack. Terrible execution overall.
PanamaVet
User Rank: Strategist
4/23/2019 | 8:45:01 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
 Well said.  The content of the article does not validate the headline.

I believe they underestimate their audience.

I fully support their rights to free speech in the USA.

I am free to choose where I go for trustworthy information security content.

I dropped an email to a friend of mine in sales at Cylance asking if they know about this editorial shift at DarkReading. I know they take their marketing strategy seriously. I included a link to this article.

I have seen other technology publishers make the switch to politics.  I don't want my friends to suffer because of it.

The problem in this case is not just politics.  It is the inability to draw a reliable conclusion that includes the editorial hierarchy.  It is sensational misinformation on the front page.
bwilkes8@gmail.com
User Rank: Moderator
4/22/2019 | 9:56:32 AM
Russia Hacked Clinton's Computers Five Hours After Trump's Call
This article should address

- Use of spearphishing

- Lack of IT security training

- Patterns of hacking

However, its title is inaccurate based upon the report's content and its subject matter tarnishes this site's credibility.