December 2015: The FBI warns the DNC (Democratic National Committee) that it is a target of a hacker attack.

According to a July 2016 Yahoo News article, the FBI contacts the DNC in late 2015 and tells their IT (information technology) staffers that there has been a hacking attack on the DNC’s computer network. The FBI provides no details, such as who the hackers might be.

It will later be discovered that a hacker broke into the DNC network in the summer of 2015. Despite the FBI warning, the hacker won’t be ejected from the network until around June 2016. (Yahoo News, 7/29/2016)

March 2016: The FBI warns the Clinton campaign that it is a target of a hacker attack, but the campaign doesn’t assist the FBI.

160301ClintonFBIpublic

The Clinton campaign logo superimposed over the FBI logo. (Credit: public domain)

This is according to what two unnamed “sources who have been briefed on the matter” will tell Yahoo News in July 2016. FBI officials privately meet with senior Clinton campaign officials and express concern that hackers are using “spear phishing” techniques to access the campaign’s computers. They ask the campaign to turn over internal computer logs and the personal email addresses of top campaign staffers to help the FBI’s investigation. But the campaign declines to do so after deciding the request for personal data is too broad and intrusive. The FBI doesn’t give any mention as to who the hackers might be.

One month later, the campaign will learn on its own that its computers have been hacked and they will use a private cybersecurity company to combat the hackers.

Yahoo News will comment that the FBI’s “warning also could raise new questions about why the campaign and the DNC didn’t take the matter more seriously.”

At the time, the FBI has an active investigation into Clinton’s email usage while she was secretary of state, and Clinton’s campaign isn’t sure how extensive that inquiry is. There have been media reports that the investigation extended into unethical practices at the Clinton Foundation, which could theoretically include interest in more recent communications.

Yahoo News will report that, according to an unnamed internal source, “Campaign officials had reason to fear that any production of campaign computer logs and personal email accounts could be used to further such a probe.” But the FBI insists that its request for data to combat the hacking has no connection to any other investigation, and since there is no subpoena forcing the issue, the Clinton campaign turns down the request. (Yahoo News, 7/29/2016)

Late April 2016—Early May, 2016: Hacking attacks on a DNC consultant researching pro-Russian politicians in Ukraine lead DNC leaders to conclude the Russian government is behind such attacks.

160530AlexandraChalupaLinkedIn

Alexandra Chalupa (Credit: Linked In)

Alexandra Chalupa, a consultant for the Democratic National Committee (DNC), has been working for several weeks on an opposition research file about Paul Manafort, the campaign manager of Republican presidential nominee Donald Trump. Manafort has a long history of advising politicians around the world, including controversial dictators. Logging into her Yahoo email account, she gets a warning entitled “Important action required” from a Yahoo cybersecurity team. The warning adds, “We strongly suspect that your account has been the target of state-sponsored actors.”

Paul Manafort (Credit: Linked In)

Paul Manafort (Credit: Linked In)

Paul Manafort was a key adviser to Ukrainian President Viktor Yanukovych from 2004 until 2010. Yanukovych is a controversial figure frequently accused of widespread corruption and was overthrown after a massive series of protests in February 2014, and has since been living in Russia, protected by the Russian government. Chalupa had been drafting memos and writing emails about Manafort’s link to pro-Russian Ukrainian leaders such as Yanukovych when she got the warning. She had been in contact with investigative journalists in Ukraine who had been giving her information about Manafort’s ties there.

Chalupa immediately alerts top DNC officials. But more warnings from Yahoo’s security team follows. On May 3, 2016, she writes in an email to DNC communications director Luis Miranda, “Since I started digging into Manafort, these messages have been a daily occurrence on my Yahoo account despite changing my password often.”

160725ScreenshotCapturedYahooNews(1)

A photo capture of the Yahoo security warning appearing on DNC consultant Alexandra Chalupa’s computer screen. (Credit: Yahoo News)

In July 2016, she will tell Yahoo News, “I was freaked out,” and “This is really scary.” Her email message to Miranda will later be one of 20,000 emails released by WikiLeaks on July 22, 2016, showing that there was good reason to be concerned about hacking attempts.

Chalupa’s email to Miranda, results in concern amongst top level DNC officials. One unnamed insider will later say. “That’s when we knew it was the Russians,” since Russia would be very interested in Chalupa’s research and other countries like China would not. This source also says that as a precaution, “we told her to stop her research.”

Yahoo will later confirm that it did send numerous warnings to Chalupa, and one Yahoo security official will say, “Rest assured we only send these notifications of suspected attacks by state-sponsored actors when we have a high degree of confidence.” (Yahoo News, 7/25/2016)

July 22, 2016: Guccifer 2.0 takes credit for the DNC emails posted by WikiLeaks.

160722Guccifer2Tweet

Tweet posted by Guccifer 2.0 on July 22, 2016. (Credit: Guccifer 2.0 / Twitter)

Shortly after WikiLeaks publishes almost 20,000 emails from the Democratic National Committee (DNC), the hacker known as Guccifer 2.0 takes credit. His website is not updated, but he writes at his Twitter account: “@wikileaks published #DNCHack docs I’d given them!!!” (Twitter, 6/22/2016)

He has previously posted many DNC files on his own website, starting on June 15, 2016. And on that same day, he claimed that he had given “thousands of files and mails” to WikiLeaks.

 

July 24, 2016—July 26, 2016: Clinton’s campaign manager Robby Mook suggests the Russian government is behind the release of DNC emails by WikiLeaks.

160724RobbieMookDouglasGrahamCQRollCallGroup

Clinton campaign manager Robbie Mook (Credit: Douglas Graham / Congressional Quarterly Roll Call Group)

On July 24, 2016, Mook says, “What’s disturbing about this entire situation is that experts are telling us that Russian state actors broke into the DNC [Democratic National Committee], took all those emails, and are now leaking them out through these websites,” such as WikiLeaks. “It’s troubling that some experts are telling us this was done by the Russians for the purpose of helping [Republican presidential nominee] Donald Trump.”

Mook also apologizes for the content of some emails, which show the DNC had a bias in favor of Clinton and against Senator Bernie Sanders, despite DNC rules that it should be neutral in the Democratic primaries. (The Hill, 7/24/2016)

Trump’s campaign manager Paul Manafort calls Mook’s comments “pure obfuscation.” He adds, “What they don’t want to talk about is what’s in those emails.” (The Washington Post, 7/24/2016)

Two days later, Mook makes similar accusations about Russia. He also says, “I think the timing around our convention was not a coincidence.” WikiLeaks released 20,000 DNC emails on June 22, 2016, just three days before the start of the Democratic National Convention. (The Hill, 7/26/2016)

July 25, 2016: Democratic Party officials believe recent hacks are “far more widespread than initially thought.”

160724DNCBoardsCommissionsSpreadsheetWikileaks

Sample of DNC spreadsheet released by Wikileaks, titled “Boards and Commissions” listing generous DNC donors who are being considered for appointments to various Boards and Commissions. Donor email addresses and phone numbers were blacked out by thompsontimeline. (Credit: Wikileaks)

Yahoo News reports about the series of hacking attacks targeting the Democratic National Committee (DNC), Clinton campaign, and other US political targets starting in the summer of 2015 and continuing until at least June 2016. “Two sources familiar with the [DNC] breach said that the hackers’ reach was far more widespread than initially thought and includes personal data about big party contributors and internal ‘vetting’ evaluations that include embarrassing comments about their business dealings (as well as gossipy internal emails about the private affairs of DNC staffers). … Party officials are bracing for more damaging document dumps after Labor Day [September 7, 2016]. ‘They’re having to do serious damage control with the donors right now,’ said a party official familiar with the matter.”

Additionally, Yahoo News mentions, “There are also signs that the hackers have penetrated the personal email of some Clinton campaign staffers — at least those who were in communication with senior DNC staff members.” (Yahoo News, 7/25/2016)

July 26, 2016—July 28, 2016: Russia denies any role in hacking the DNC’s emails and claims to be neutral in the US presidential election.

160726SergeyLavrovpublic

Russian Foreign Minister Sergey Lavrov (Credit: public domain)

On July 26, 2016, Russian Foreign Minister Sergey Lavrov strongly dismisses suggestions that the Russian government could have been behind the hacks that led to the public release of 20,000 Democratic National Committee (DNC) emails.  He says, “I don’t want to use four-letter words.”  (The New York Times, 7/26/2016)

Two days later, Russian government spokesperson Dmitry Peskov says accusations of Russian involvement in the hacking of the emails border on “total stupidity” and are motivated by anti-Russian sentiment. “As regards these [email] batches, that is not our headache. We never poke our noses into others’ affairs and we really don’t like it when people try to poke their nose into ours. … The Americans need to get to the bottom of what these emails are themselves and find out what it’s all about.”

Peskov also says Russia won’t change what he claims has been a neutral stance on the US 2016 presidential election. “We know perfectly well that candidates in the heat of a preelection struggle say one thing, but that later, when under the weight of responsibility, their rhetoric becomes more balanced.”

Some US analysts claim that the Russian media, which is heavily influenced by the Russian government, has shown a clear tilt in favor of Trump. (Reuters, 7/28/2016)

July 26, 2016: US intelligence agencies have “high confidence” that the Russian government is behind the hack of DNC emails.

160726RussianFederalSecurityService

Emblem of the Russian Federal Security Service (Credit: public domain)

The New York Times claims this is according to unnamed “federal officials who have been briefed on the evidence.” But these officials are uncertain if the hack is part of “fairly routine cyberespionage” or part of an effort to manipulate the 2016 US presidential election. The DNC (Democratic National Committee) emails were  published by WikiLeaks on July 22, 2016, causing political turmoil for Democrats and resulting in the resignation of Debbie Wasserman Schultz, from her position as DNC chair.

The federal investigation, involving the FBI and other intelligence agencies began in April 2016, when the hack was first detected. It has concluded that the Russian Federal Security Service (Federal’naya Sluzhba Bezopasnosti or FSB) entered the DNC’s computer network in the summer of 2015. (This corresponds with previous reports of a hacking by a Russian group known as Cozy Bear or APT 29.) The Rusian Main Intelligence Directorate (Glavnoje Razvedyvatel’noje Upravlenije or GRU) independently penetrated the same network later. (This corresponds with previous reports of a hacking by a Russian group known as Fancy Bear or APT 28.) Investigators believe the GRU has been playing a larger role in publicly releasing the emails.

The Times says the intelligence community’s conclusion puts pressure on President Obama to publicly accuse Russia of orchestrating the hacking, which could negatively impact the diplomatic relationship between the US and Russia in general. (The New York Times, 7/26/2016)

July 28, 2016: Director of National Intelligence James Clapper shows reluctance to blame Russia for recent hacks on US political entities.

160728JamesClapperpublic

Director of National Intelligence James Clapper (Credit: public domain)

Clapper says the US government is not “quite ready yet” to “make a public call” about who is responsible for the hacking on the Democratic National Committee’s (DNC) computer network that resulted in almost 20,000 emails being released by WikiLeaks. However, he hints that one of “the usual suspects” is likely to blame. He also says, “We don’t know enough [yet] to … ascribe a motivation, regardless of who it may have been.”

Yahoo News reports that there is a vigorous debate inside the Obama administration about whether to publicly blame the Russian government for the hacking. One unnamed senior law enforcement official says the Russians are “most probably” involved, but investigation is ongoing.

Clapper is said to be amongst a faction who is resisting publicly blaming the Russians, since it is the kind of activity that intelligence agencies regularly engage in, including the US at times. Clapper also publicly comments, “[I’m] taken aback a bit by … the hyperventilation over this,” He adds in a sarcastic tone, “I’m shocked somebody did some hacking. That’s never happened before.” (Yahoo News, 7/29/2016)