With the Democratic National Convention under way, the FBI has announced that it’s looking into the email hack (20,000 messages were posted to WikiLeaks over the weekend) that is now threatening to derail the proceedings in Philadelphia. “The FBI is investigating a cyber intrusion involving the DNC and are working to determine the nature and scope of the matter,” said the agency in a statement. “A compromise of this nature is something we take very seriously, and the FBI will continue to investigate and hold accountable those who pose a threat in cyberspace.” That’s probably cold comfort for Debbie Wasserman Schultz, who was forced to resign from her job as DNC chair over the leaked emails, which confirmed Bernie Sanders’s long-standing belief that she and many of her colleagues had been pulling for Hillary Clinton throughout the Democratic primary.
Meanwhile, the Clinton camp continued to push the claim that the emails were stolen and publicized by Russia — or just some Russians — interested in helping Donald Trump. “I don’t think it’s coincidental that these emails were released on the eve of our convention here, and I think that’s disturbing,” campaign manager Robby Mook told CNN on Monday. (“What a joke,” the Trump campaign responded.) Mook offered up some more detailed evidence of Russian involvement while speaking to the press on Sunday. From the New York Times:
The experts cited by Mr. Mook include CrowdStrike, a cybersecurity firm that was brought into the Democratic National Committee when officials there suspected they had been hacked.
In mid-June the company announced that the intruders appeared to include a group it had previously identified by the name “Cozy Bear” or “APT 29” and been inside the committee’s servers for a year. A second group, “Fancy Bear,” also called “APT 28,” came into the system in April. It appears to be operated by the G.R.U., the Russian military intelligence service, according to federal investigators and private cybersecurity firms. The first group is particularly well known to the F.B.I.’s counterintelligence unit, the C.I.A. and other intelligence agencies. It was identified by federal investigators as the likely culprit behind years of intrusions into the State Department and White House unclassified computer system.
Also on Monday, Yahoo News published a report detailing the experiences of Alexandra Chalupa, a DNC employee who, after beginning opposition research on Trump campaign chair Paul Manafort (who has worked on behalf of Putin), repeatedly received a troubling notification from Yahoo’s email security team: “We strongly suspect that your account has been the target of state-sponsored actors.”
“Chalupa’s message, which had not been previously reported, stands out: It is the first indication that the reach of the hackers who penetrated the DNC has extended beyond the official email accounts of committee officials to include their private email and potentially the content on their smartphones,” Yahoo News noted. “Two sources familiar with the breach said that the hackers’ reach was far more widespread than initially thought and includes personal data about big party contributors and internal ‘vetting’ evaluations that include embarrassing comments about their business dealings (as well as gossipy internal emails about the private affairs of DNC staffers).” Stay tuned: WikiLeaks says it still has more material to release.