The Cable

The Cable goes inside the foreign policy machine, from Foggy Bottom to Turtle Bay, the White House to Embassy Row.

The Same Russian Hackers Hit the DNC and the DCCC, Security Firms Say

Russian military intelligence appears to be behind the hack of the Democratic National Committee and the Democrats’ congressional campaign organization, experts say.

NEW YORK, NY - NOVEMBER 10:  Network cables are plugged in a server room on November 10, 2014 in New York City. U.S. President Barack Obama called on the Federal Communications Commission to implement a strict policy of net neutrality and to oppose content providers in restricting bandwith to customers.  (Photo by Michael Bocchieri/Getty Images)
NEW YORK, NY - NOVEMBER 10: Network cables are plugged in a server room on November 10, 2014 in New York City. U.S. President Barack Obama called on the Federal Communications Commission to implement a strict policy of net neutrality and to oppose content providers in restricting bandwith to customers. (Photo by Michael Bocchieri/Getty Images)

Cybersecurity companies studying the breach of the Democratic National Committee and the Democratic Congressional Campaign Committee have found evidence indicating that the same group of Russian hackers breached both groups’ computer systems.

According to ThreatConnect and Fidelis Cybersecurity, two security firms that have been studying the activities of a hacker group dubbed Cozy Bear, hackers from that organization used some of the same internet infrastructure to attack the two Democratic groups. Cozy Bear hackers utilized an email address identified by German intelligence as one used by the group to register an internet domain that was then used in the attack on the DCCC.

According to Justin Harvey, the chief security officer at Fidelis, the finding provides 90 percent certainty that hackers working on behalf of Russian intelligence carried out both the DNC and the DCCC attack.

Cybersecurity companies studying the breach of the Democratic National Committee and the Democratic Congressional Campaign Committee have found evidence indicating that the same group of Russian hackers breached both groups’ computer systems.

According to ThreatConnect and Fidelis Cybersecurity, two security firms that have been studying the activities of a hacker group dubbed Cozy Bear, hackers from that organization used some of the same internet infrastructure to attack the two Democratic groups. Cozy Bear hackers utilized an email address identified by German intelligence as one used by the group to register an internet domain that was then used in the attack on the DCCC.

According to Justin Harvey, the chief security officer at Fidelis, the finding provides 90 percent certainty that hackers working on behalf of Russian intelligence carried out both the DNC and the DCCC attack.

In recent days, the alleged breach of DNC servers by Russian hackers — a charge vehemently denied by Moscow — and the publishing of Democratic Party emails by WikiLeaks has led Hillary Clinton’s lieutenants to accuse the Kremlin of intervening in the presidential election on behalf of her rival, Donald Trump. The real estate mogul has consistently taken a pro-Russia stance during the campaign — a jarring posture for the Republican nominee — most recently on Sunday, when he said Russia would not intervene in Ukraine, where it has had troops since 2014, when Moscow forcibly annexed the Crimean peninsula.

Private sector researchers have said they are confident that hackers working on behalf of Russian intelligence perpetrated the breach of DNC servers. The U.S. intelligence community has reportedly reached the same conclusion, but it remains unclear exactly how DNC emails ended up in the hands of WikiLeaks.

The White House, meanwhile, is reportedly considering just how to respond to the Russian hack of U.S. political organizations and the release of emails.

The hacker Guccifer 2.0 has claimed credit for the DNC hack — but not the DCCC breach — and said he would provide stolen files to WikiLeaks. But cybersecurity researchers believe he is a persona created by Moscow to deflect attention from its alleged responsibility in carrying out the hack.

Monday’s finding that the same Russian hackers may have also breached the DCCC points toward Moscow’s broader campaign against U.S. political targets, with the apparent effort to destabilize Clinton, whom Russian President Vladimir Putin blames personally for protests in Russia that nearly cost him his third term in 2011.

The release of DNC emails just ahead of the Democratic National Convention — which sparked the resignation of party chairwoman Debbie Wasserman Schultz — broke new ground in how purloined information may be used to affect an election. The communications posted by WikiLeaks showed Democratic Party staffers, who are supposed to remain neutral in the primary campaign, working to undermine the candidacy of Bernie Sanders, an independent senator from Vermont.

Photo credit: MICHAEL BOCCHIERI/Getty Images

 Twitter: @EliasGroll

More from Foreign Policy

The Taliban delegation leaves the hotel after meeting with representatives of Russia, China, the United States, Pakistan, Afghanistan, and Qatar in Moscow on March 19.

China and the Taliban Begin Their Romance

Beijing has its eyes set on using Afghanistan as a strategic corridor once U.S. troops are out of the way.

An Afghan security member pours gasoline over a pile of seized drugs and alcoholic drinks

The Taliban Are Breaking Bad

Meth is even more profitable than heroin—and is turbocharging the insurgency.

Sviatlana Tsikhanouskaya addresses the U.N. Security Council from her office in Vilnius, Lithuania, on Sept. 4, 2020.

Belarus’s Unlikely New Leader

Sviatlana Tsikhanouskaya didn’t set out to challenge a brutal dictatorship.

Taliban spokesperson Zabihullah Mujahid

What the Taliban Takeover Means for India

Kabul’s swift collapse leaves New Delhi with significant security concerns.