Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

Russia Hacked Clinton's Computers Five Hours After Trump's Call

Mueller report finds that in July 2016, after then-candidate Donald Trump publicly called for Russia to "find the 30,000 emails," Russian agents targeted Hillary Clinton's personal office with cyberattacks.

While the Mueller report did not find evidence that Donald Trump or his campaign knowingly coordinated with Russia to target the computers and data of Hillary Clinton's campaign during the 2016 US presidential election, the investigation did show that both sides were willing to reap the benefits of each other's actions. 

One new detail included in the report, released April 18 by the US Department of Justice, highlighted the significance of the symbiotic relationship. On July 27, 2016, within five hours of then-candidate Trump's call for Russia to "find the 30,000 e-mails that are missing," officers of the Russian Main Intelligence Directorate of the General Staff (GRU) targeted Clinton's personal office for the first time, attempting to compromise 15 nonpublic accounts.

Previous details on Russia's activities during the run-up to the 2016 election, released as part of a 2018 indictment and charging documents against 12 GRU members, did not include the close link between the actions of the Trump campaign and Russia cyber activities.

In the report, special counsel Robert S. Mueller III specifically acknowledged the relationship but concluded it did not amount to knowing coordination. 

"Although the investigation established that the Russian government perceived it would benefit from a Trump presidency and worked to secure that outcome, and that the Campaign expected it would benefit electorally from information stolen and released through Russian efforts, the investigation did not establish that members of the Trump Campaign conspired or coordinated with the Russian government in its election interference activities," the report stated.

The redacted 448-page Mueller report — or, more officially, the "Report On The Investigation Into Russian Interference In The 2016 Presidential Election" — concludes that two Russian operations directly benefited the Trump campaign and detracted from the Clinton campaign during the 2016 election cycle.

In the first operation, the Internet Research Agency (IRA), based in St. Petersburg, Russia, and funded by a Russian oligarch, created a "social media campaign designed to provoke and amplify political discord in the United States," eventually evolving from "a generalized program designed in 2014 and 2015 to undermine the U.S. electoral system, to a targeted operation that by early 2016 favored candidate Trump and disparaged Clinton." In some cases, IRA employees contacted members of the Trump campaign directly to coordinate political activities, but they did so "without revealing their Russian association," the report found. 

Much of the report's details and conclusions regarding IRA interactions with the Trump campaign are redacted, citing potential harm to ongoing matters, one of the four categories that Attorney General William Barr stated he would use as a reason for redaction.

The second operation, conducted by Russia's intelligence service, focused on hacking the computers and e-mail accounts of various officials in the Clinton campaign. The operatives targeted "hundreds of e-mail accounts" and stole "hundreds of thousands of documents" from Clinton campaign officials, releasing them through online personas, such as "DCLeaks" and "Guccifer 2.0," and later WikiLeaks, according to the report. The operation began in March 2016; by April it had access to a variety of e-mail accounts and networks, including those of the Democratic Congressional Campaign Committee and Democratic National Committee. 

The GRU later targeted the officials and administrators of US elections, as well as the technology firms responsible for making and managing election hardware and software, according to the report.  

As the GRU released collections of e-mails from Democratic organizations and the Clinton campaign, the Trump campaign used the information to criticize Clinton. In particular, Clinton's use of a personal e-mail server for government work, as well as her legal team's deletion of e-mail messages they deemed to be nonwork-related, became significant rallying points for Republicans. Trump frequently called on Clinton to release the e-mail messages and for other parties to "find" the messages.

As Secretary of State from 2009 to 2013, Clinton used a personal e-mail server to a much greater extent than her predecessors. In 2013, a hacker known as "Guccifer" — whose handle would later be used as an alias for Russian intelligence operations — compromised the e-mail account of Sidney Blumenthal, an adviser to both Secretaries of State Colin Powell and Clinton, and publicly revealed Clinton's personal e-mail server.

In 2014, as part of the aftermath of the investigation into US diplomats' deaths in Benghazi, the US Department of State requested that Clinton and other former Secretaries of State submit any work-related e-mails. Clinton's legal team identified 33,000 e-mails that fell within that category and deleted personal e-mail messages, according to testimony by James Comey, director of the FBI at the time

The e-mail investigation came to a political head during a press conference on July 27, 2016, with Trump taking the unprecedented step of calling for a foreign country to take action.

"If Russia or China or any other country has those e-mails, I mean to be honest with you, I'd love to see 'em," he said, later adding, "Russia, if you are listening, I hope you're able to find the 30,000 e-mails that are missing. I think you will probably be rewarded mightily by our press."

Within five hours of that statement, GRU operatives were attempting to hack into Clinton's e-mail servers and nonpublic accounts, according to the Mueller report.

Related Content:

 

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
4/25/2019 | 8:50:11 AM
Re: Correlation or Causality
Here we go - discussion has gone off the rails for technical issue and become more general.  Regret this, Linkedin is going political and so is this thread.  But there is a huge difference between 5 hours and 5 days. 
PaulV972
50%
50%
PaulV972,
User Rank: Strategist
4/24/2019 | 6:04:06 PM
Correlation or Causality
If one believes that Trump's challenge triggered the Russian's actions, it should be terrifying that they could gain full access within 5 hours. 

Once agin, we've gone beyond absurd.  I for one welcome the day when our Gov't and our Politicians take a matter like information security seriously.  Sadly, the dumb show about Facebook is a useful distraction from the failngs of the government to NOT collect obscene amounts of data on their citizens, abuse access to that data, or purely secure that data from outside influences.

I suspect that element that upset the policians most was that their campaign didn't have access. 

 

 
bwilkes8@gmail.com
100%
0%
[email protected],
User Rank: Strategist
4/24/2019 | 9:11:15 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
Point - individuals within the Clinton Campaign should have been more aware of phishing attempts, especially the campaign manager.

Point - individuals within the Clinton Campaign should have been reminded or even briefed basic security practices.

The report does not go into detail about what those individuals did other than to say they all opened phishing emails.  Vigilance was not part of their protocol.
bwilkes8@gmail.com
100%
0%
[email protected],
User Rank: Strategist
4/24/2019 | 9:06:39 AM
Re: Poor Editorial Choice
The actual time period is five days not five hours, which is stated in the Mueller Report.
RonR726
100%
0%
RonR726,
User Rank: Strategist
4/24/2019 | 8:56:10 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
If you are seeking a forensic analysis, look no furhter than Bill Binney's assessment who concluded:

Former NSA experts say it wasn't a hack at all, but a leak—


Hard science now demonstrates it was a leak—a download executed locally with a memory key or a similarly portable data-storage device. In short, it was an inside job by someone with access to the DNC's system.
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
4/24/2019 | 8:29:23 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
Interesting but I would consult more directed source books on cybersecurity - doubt Mueller gets into testing requirements for CIISP cert. 
bwilkes8@gmail.com
0%
100%
[email protected],
User Rank: Strategist
4/23/2019 | 10:26:37 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
I've finished Volume I of the "Mueller Report" and there are many teaching points that cybersecurity professionals can use for points of education to end-users.

As someone who is wanting to learn more about cybersecurity this volume of the report is textbook material justifying IT secuirty training within the workplace. 
AndrewfOP
100%
0%
AndrewfOP,
User Rank: Strategist
4/23/2019 | 9:45:25 AM
Poor Editorial Choice
All news organization engaged in attention-grabbing headlines.  This article is not only the norm, but also pushes the boundary.  The relevant content for the headline did not appear until the last paragraph and even then, it barely has more information than the headline.  The headline description at most should be part of the lead sentence, and regardless of the headline problem, there should be more elaboration of the five hour hack.  Terrible execution overall.

 
PanamaVet
100%
0%
PanamaVet,
User Rank: Strategist
4/23/2019 | 8:45:01 AM
Re: Russia Hacked Clinton's Computers Five Hours After Trump's Call
 Well said.  The content of the article does not validate the headline.

I believe they underestimate their audience.

I fully support their rights to free speech in the USA.

I am free to choose where I go for trustworth information security content.

I dropped an email to a friend of mine in sales at Cylance asking if they know about this editorial shift at DarkReading.  I know they take their marketing strategy seriously.  I included a link to this article. 

 

I have seen other technology publishers make the switch to politics.  I don't want my friends to suffer because of it.

The problem in this case is not just politics.  It is the inability to draw a reliable conclusion that includes the editorial hierarchy.  It is sensational misinformation on the front page.

 

 

 

 

 

 

 

 
bwilkes8@gmail.com
100%
0%
[email protected],
User Rank: Strategist
4/22/2019 | 9:56:32 AM
Russia Hacked Clinton's Computers Five Hours After Trump's Call
This article should address

- Use of spearphishing

- Lack of IT security training

- Patterns of hacking

However, its title is inaccurate based upon the report's content and its subject matter tarnishes this sites creditbility. 
Page 1 / 2   >   >>
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at Fortinet,  5/24/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .