Some friends these days don’t know what news is true, especially Republicans, who don’t trust respected but typically left-leaning outlets like the NYT and the Post, but are beginning to realize that Fox News is crap. To help them out, and to wrap my head around what is happening, I looked through the 29-page indictment released hours ago, retrieved straight from the Justice Department website. Here’s my summary.
Who is being accused of crimes today?
In short, the Russian military. Specifically, the indictment charges 11 high-ranking Russian military officials, including a Major, a Lieutenant Colonel, a Colonel, a Senior Lieutenant, and a Second Lieutenant. It looks like this indictment only includes the leaders and major players within the operation. My speculation: with people this senior, it seems unlikely that Putin could not have known about and approved of this attack. He may have even managed it directly.
What are they being accused of?
A vast three-pronged cyber attack on the United States for the purpose of damaging one political party to help throw an election to another political party they liked more.
What did they do exactly?
A lot. The three prongs were (a) damage the party’s major organizations, (b) damage the party’s leaders, and (c) damage the American election apparatus (actual voting systems, state election boards, etc.). The overall strategy for the first two prongs seems to be to steal as many documents as they could, hopefully some that are damaging, and then strategically release the docs in order to inflict maximal damage on the political candidate that the Russians didn’t like. Looks like they were less successful at harming the government’s machinery around elections (the third prong).
Prong 1: Organizations
The main part of Prong 1 was a successful effort to hack directly into the two most important organizations in the targeted party: the Democratic National Committee (DNC), which focuses on presidential elections, and the Democratic Congressional Campaign Committee (DCCC), which focuses on electing Senators and House members. For example, they had an ongoing malicious presence on at least 13 different DNC and DCCC computers for around 6 months (May-Oct 2016; the election was just after on November 8th). Their ongoing presence on these computers allowed them to spy on people as they entered passwords, composed documents and emails, worked with financial records, and so forth. They could take screenshots as people worked.
Prong 2: Individuals
The main part of Prong 2 was targeting over 300 individual party leaders, activists, and staff, including 76 individuals with email addresses hosted through the presidential campaign. They gained illegal access to many personal email accounts, stealing tens of thousands of personal and professional emails and documents. For example, they stole 50,000 documents from the chair of the presidential campaign alone (the role of campaign chair is typically understood to be the most important person in a campaign besides the candidate). They tried to gain access to the presidential candidate’s documents too.
Prong 3: Election-Day Systems
The efforts targeting election-day systems were less successful, but in some ways more scary. Two of the defendants attempted to hack these systems directly (e.g., state boards of elections, secretaries of state, and the companies that provide the election software that we use to record people’s votes). At least one state board of elections was successfully hacked. Though we do not know the full damage of this successful hack, we do know that at a minimum information on 500,000 American voters in this state was stolen. One unnamed technology company was also successfully hacked, and we don’t know if the Russians were able to use what they found to change votes. We also know that specific counties in Georgia, Florida, and Iowa were probed for vulnerabilities. These two Russians also targeted 100 individuals in October, 2018, weeks before the election, with malicious code similar to what they used to break into the DNC and DCCC. My own wild speculation: perhaps the Russians did not realize how wildly successful they would be at damaging the public image of the target political party and thought they might also try a somewhat last-minute, under-resourced, hail-mary pass to try to cripple Americans’ ability to actually cast and count our votes correctly. I, along with the intelligence community, am very worried about future attacks and the extremely minimal efforts we have taken to counter them and Russian aggression generally.
These Russian military officers then turned to the question of how to publicize all these stolen documents in a way to maximize damage on the American political party they disliked. They planned and discussed dissemination for at least a month before any documents were released. One thing they did was to invent the persona of a fictitious lone Romanian (Guccifer 2.0) as a go-between. The indictment says this “Guccifer” did at least four things:
- Some unnamed candidate for the United States Congress actually reached out to this “Guccifer 2.0” and asked for stolen documents that he/she could use to embarrass his/her political opponent. Guccifer 2.0 then sent that US congressional candidate stolen documents. My speculation: This has gotten very little attention so far, but I imagine the name of this congressional candidate will come to light someday and that person’s career will end. You can’t traffic in stolen bicycles, let alone things stolen by an enemy of the United States for the purposes of hurting the United States.
- “Guccifer 2.0” offered a news reporter stolen emails from the presidential candidate’s staff and gave this reporter access to these documents.
- “Guccifer 2.0” sent 2.5 gigabytes (i.e., a lot of docs) to a lobbyist and reporter, including detailed information on 2,000 major donors to the Democratic party.
- “Guccifer 2.0” sent stolen documents about the Black Lives Matter movement to a reporter and coordinated with the reporter about how to time the release and publicity of the documents.
In addition to “Guccifer 2.0,” the Russian military distributed stolen documents through an unnamed news organization (some people think this was WikiLeaks, though the indictment does not say).
- First, the Russians coordinated with this unnamed news organization about timing to inflict maximum damage on the Democratic party. For example, they were highly aware of the divisions between Clinton supporters and Bernie supporters, and aware that in America party conventions are used to heal divisions that arise during party primaries. One quote from the unnamed organization on page 18 reads, “If you have anything Hillary related we want it in the next two days preferably because the Democratic National Convention is approaching and she (Hillary Clinton) will solidify Bernie supporters around her after.”
- This request was apparently granted. Six days later, on July 22nd, 2016, three days before the Democratic party’s national convention, 20,000 stolen documents were released through the unnamed news organization.
- From October 7th to November 7th (the presidential election was the next day on Nov. 8), the 50,000 emails from the chair of the Democratic presidential campaign were released by this unnamed organization in 33 “tranches,” which I think means they let it out in drips every day to make sure it stayed in the news in the month leading up to the election to do maximal damage to the Democratic presidential campaign.
Many other laws were broken in the process of this three-pronged attack, such as identity theft, lying on official documents, and at least $95,000 worth in money laundering (they paid for many things they needed with cryptocurrencies).
So do we now know the extent of Russian meddling in the 2016 Presidential election?
No. These indictments concern the second of at least two major ways Russia attacked us in 2016. Six months ago, the Justice Department indicted 13 Russians who spearheaded the vast social-media effort to disseminate false and misleading information directly to voters (I didn’t summarize that effort, but maybe I should have). Now we have found that the Russian military, led by these 11 officers, carried out a second major attack, this time a direct and large-scale cyber attack on one of our political parties, its leaders, and American election-day processes. Hopefully there is not a third big shoe to drop, but we do not know what else the Justice Department will conclude.
So what do we do now?
If you haven’t already done so, recognize that America was attacked. Treat the threat seriously. Put America before party. Vote against any candidate who does not do the same. (In my view, doing anything otherwise is just straight-up unpatriotic. I don’t mean that as a slur or anything. That’s what the word unpatriotic means.) Encourage others to do the same (that’s why I felt the need to spend the last few hours writing this blog post…also because I’m a huge nerd who wanted to read the indictment itself instead of through a media filter).
Practically speaking, I think putting America first here means three things. First, voting for politicians seeking to do everything they can to help investigators finish their work–we can’t defend ourselves if we don’t know how we are being attacked. Second, voting against politicians who claim that efforts to examine how Russia attacked us are “a witch hunt,” “a made up story,” or “an excuse by Democrats for having lost an election they should have won”–we can’t protect ourselves from attacks if leaders deny we are being attacked. Third, we have to take major steps to defend ourselves from future attacks–it’s not remotely enough just to find out what Russia did and have leaders willing to recognize it. At some point, we’ll have to fight back.