July 2016—August 18, 2016: Hackers target the election databases in two US states, but the motives and identities of the hackers are unclear.

In July 2016, the FBI uncovers evidence that two state election databases may have been recently hacked, in Arizona and Illinois. Officials shut down the voter registration systems in both states in late July 2016, with the Illinois system staying shut down for ten days.

160701JehJohnsonpublic

Jeh Johnson (Credit: public domain)

On August 15, 2016,  Homeland Security Secretary Jeh Johnson heads a conference call with state election officials and offers his department’s help to make state voting systems more secure. In the call, he emphasizes that he is not aware of “specific or credible cybersecurity threats” to the November 2016 presidential election.

Three days later, the FBI Cyber Division issues a warning, titled “Targeting Activity Against State Board of Election Systems.” It reveals that the FBI is investigating hacking attempts on the Arizona and Illinois state election websites. The warning suggests the hackers could be foreigners and asks other states to look for signs that they have been targeted too. Out of the eight known IP addresses used in the attacks, one IP address was used in both attacks, strongly suggesting the attacks were linked.

An unnamed “person who works with state election officials calls the FBI’s warning “completely unprecedented. … There’s never been an alert like that before that we know of.” In the Arizona case, malicious software was introduced into its voter registration system, but apparently there was no successful stealing of data. However, in the Illinois case, the hackers downloaded personal data on up to 200,000 state voters.

160701TomKellermannBBCNews

Tom Kellermann (Credit: BBC News)

It is not known who was behind the attacks. One theory is that the Russian government is responsible. A former lead agent in the FBI’s Cyber Division said the way the hack was done and the level of the FBI’s alert “more than likely means nation-state attackers.” Tom Kellermann, head of the cybersecurity company Strategic Cyber Ventures, believes Russian President Vladimir Putin is ultimately behind the attacks, and thinks it is connected to the hacking of the Democratic National Committee (DNC) and other recently targeted US political targets. Kellermann says of Putin, “I think he’s just unleashed the hounds.”

But another leading theory is that common criminals are trying to steal personal data on state voters for financial gain. Milan Patel, former chief technology officer of the FBI’s Cyber Division, says, “It’s got the hallmark signs of any criminal actors, whether it be Russia or Eastern Europe.” But he adds, “the question of getting into these databases and what it means is certainly not outside the purview of state-sponsored activity.” Some cybersecurity experts note that hackers often target government databases for personal information they can sell.

160701RickBarger

Rich Barger (Credit: Threat Connect)

So far, the motive and identity of the hackers remains uncertain. Rich Barger, chief intelligence officer for ThreatConnect, says that one of the IP addresses listed in the FBI alert previously surfaced in Russian criminal underground hacker forums. However, sometimes these groups work alone, and other times they work for or cooperate with the Russian government. Barger also claims the method of attack on one of the state election systems appears to resemble methods used in other suspected Russian state-sponsored cyberattacks. But cybersecurity consultant Matt Tait says that “no robust evidence as of yet” connects the hacks to the Russian government or any other government.

US officials are considering the possibility that some entity may be attempting to hack into voting systems to influence the tabulation of results in the November 2016 election. A particular worry is that all of six states and parts of four others use only electronic voting with no paper verification. Hackers could conceivably use intrusions into voter registration databases to delete names from voter registration lists. However, this is still considered only a remote possibility. But the FBI is warning states to improve their cybersecurity to reduce the chances this could happen.

News of these attacks and FBI alerts will be made public by Yahoo News on August 29, 2016. (Yahoo News, 8/29/2016) (Politico, 8/29/2016)

July 1, 2016: The FBI reveals that all its agents in the Clinton email investigation have signed non-disclosure agreements and are subject to lie-detector tests.

FBI official Stephen Kelly sends a letter to Senator Charles Grassley (R), chair of the Senate Judiciary Committee, in reponse to his questions. The letter reveals that FBI agents taking part in the FBI’s Clinton email investigation were sworn to secrecy. The agents signed a non-disclosure agreement (NDA) called a “Case Briefing Acknowledgement” which says the disclosure of any information about the investigation is “strictly prohibited” without prior approval.

The NDA reads in part: “I (FBI agent) also understand that, due to the nature and sensitivity of this investigation, compliance with these restrictions may be subject to verification by polygraph examination.”

The FBI claims that “no one refused to sign” the NDA or “raised any questions or concerns” about it.

A sample of the non-disclosure (NDA) Agreement the FBI agents were required to sign. (Credit: public domain)

An unnamed recently retired FBI agent says that this kind of NDA is reserved for “the most sensitive of sensitive cases,” and can have a “chilling effect” on agents, who understand “it comes from the very top and that there has to be a tight lid on the case.” This person adds that such NDAs can also contribute to “group think” because investigators cannot bounce ideas off other agents, only those within a small circle. (Fox News, 7/14/2016)

An upper-ranking retired FBI official says, “This is very, very unusual. I’ve never signed one, never circulated one to others.” And a current FBI agent says, “I have never heard of such a form. Sounds strange.” (The New York Post, 7/12/2016)

Senator Chuck Grassley (Credit: The Associated Press)

Senator Chuck Grassley (Credit: The Associated Press)

Grassley first wrote to the FBI with questions about NDAs on February 4, 2016,  after a media report that FBI agents were asked to sign additional non-disclosure agreements in some cases.

Grassley comments that he finds it “troubling that the FBI tried to gag its agents with a non-disclosure agreement on this matter, in violation of whistleblower protection statutes.” Agents are only allowed to speak without permisssion in a limited number of circumstances, such as communications with Congress regarding waste, fraud, and abuse. (Fox News, 7/14/2016)

Information about this NDA will be first reported by The New York Post on July 12, 2016, shortly after the FBI announced Clinton would not be indicted. Fox New will wait for a follow-up letter to Grassley which won’t come until just after that announcement. (Fox News, 7/14/2016) (The New York Post, 7/12/2016)

July 1, 2016: Attorney General Loretta Lynch will accept whatever recommendations the FBI and career prosecutors give in the Clinton investigation.

Jonathan Capehart interviews U.S. Attorney General Loretta Lynch at the Aspen Ideas Festival on July 1, 2016. (Credit: MSNBC)

Jonathan Capehart interviews Attorney General Loretta Lynch in Aspen, Colorado, on July 1, 2016. (Credit: MSNBC)

Attorney General Loretta Lynch says of the FBI’s Clinton investigation, “The recommendations will be reviewed by career supervisors in the Department of Justice and in the FBI, and by the FBI director, and then as is the common process, they present it to me and I fully expect to accept their recommendations.”

She doesn’t completely recuse herself from the process, saying that if she did that she wouldn’t even be able to see the FBI’s report. She says, “While I don’t have a role in those findings, in coming up with those findings or making those recommendations as to how to go forward, I will be briefed on it and I will be accepting their recommendations.” (Politico, 7/1/2016)

The New York Times comments, “Her decision removes the possibility that a political appointee will overrule investigators in the case.” The Justice Department supposedly had been moving towards the arrangement since at least April 2016, but a private meeting on June 27, 2016 between Lynch and Hillary’s husband, former President Bill Clinton, “set off a political furor and made the decision all but inevitable.” (The New York Times, 7/1/2016)

Lynch claims that she had been planning to essentially recuse herself for months, although there is no evidence of this. But it seems clear her controversial meeting with Clinton played a role. She says of the meeting, “I certainly wouldn’t do it again. Because I think it has cast a shadow.” (Politico, 7/1/2016)

The Times says that the US attorney general often follows the recommendations of career prosecutors, so she “is keeping the regular process largely intact.” However, when the FBI, led by Comey, wanted to bring felony charges against former CIA Director David Petraeus in 2013, Lynch’s predecessor Eric Holder arranged a plea deal, reducing the charge to a misdemeanor and no jail time. The created a “deep and public rift” between the FBI and the Justice Department. (The New York Times, 7/1/2016)

White House Press Secretary Josh Earnest says President Obama didn’t play a role in Lynch’s decision, nor did he offer input on her decision to make that announcement. (Politico, 7/1/2016)

July 1, 2016: Attorney General Lynch says she regrets meeting with Bill Clinton.

Attorney General Loretta Lynch arrives in Arizona on June 29, 2016 for a planned visit to promote community policing.. (Credit: ABC News)

Attorney General Loretta Lynch arrives in Arizona for a planned visit to promote community policing. (Credit: ABC News)

At the same time that Attorney General Loretta Lynch announces she will mostly recuse herself from deciding if Clinton should be indicted or not, she also says that she regrets having a private meeting with Clinton’s husband, former President Bill Clinton. The meeting took place four days earlier, on June 27, 2016.

She says, “I certainly wouldn’t do it again. Because I think it has cast a shadow. The most important thing for me as attorney general is the integrity of this Department of Justice. And the fact that the meeting I had is now casting a shadow over how people will view that work is something that I take seriously and deeply and painfully.”

Politico points out, “Republicans have long complained that the Justice Department’s investigation into Hillary Clinton’s email server constitutes a conflict of interest by default. They have argued that Lynch, a Democratic political appointee, might seek to protect the Democratic presidential nominee.” Additionally, Bill Clinton appointed Lynch to be US Attorney for the Eastern District of New York in 1999. (Politico, 7/1/2016)