April 8, 2015—June 9, 2015: A hacking attack on a French TV network is blamed on a Russian group that will later be accused of hacking political entities in the US.

150408TV5MondePierreVerdyAFP

The headquarters of French television network TV5 Monde in Paris, France. (Credit: Pierre Verdy / Agence France Presse)

The French television network TV5 Monde is attacked by hackers on April 8, 2015. A group claiming to be linked to ISIS (also known as the Islamic State) and calling itself “Cyber Caliphate” shuts down the network’s TV channels for several hours. The group also posts pro-ISIS propaganda on the station’s website.

However, on June 9, 2015, it is reported by the BBC and elsewhere that French police have decided that attack was actually done by hackers based in Russia. The “Cyber Caliphate” claim was a false front to deflect blame. Police are said to be focusing their investigation on the Russian hacking group known as Fancy Bear or APT 28. French media reports that the group has also targeted the computer systems of Russian dissidents, Ukrainian activists, and others. (BBC, 6/9/2015) (France24, 6/10/2015)

In July 2016, the Washington Post will report that French authorities believe the Glavnoje Razvedyvatel’noje Upravlenije (GRU) was behind the cyberattack. This is one of two Russian military intelligence agencies that will be accused of hacking the Democratic National Committee (DNC) in 2015 and 2016. The GRU has been linked to the Fancy Bear or APT 28 hacking group. The Post will also claim that some analysts believe the attack was Russian retaliation against France for backing out of an agreement to sell helicopter carriers to Russia because of Russian aggression in Ukraine. (The Washington Post, 7/24/2016)

 

July 24, 2016: It is suggested that the Russian government has attempted to influence elections in other countries, sometimes by using front groups.

160724MichaelVickersBAESystems

Michael Vickers (Credit: BAE Systems, Inc.)

Michael Vickers, who was undersecretary of defense for intelligence from 2011 to 2015, says that if the Russian government is behind the recent leak of Democratic National Committee (DNC) emails by WikiLeaks, it would be unprecedented for the US. “What is really new here is the attempt to influence the politics of the United States. That is the problem.”

However, he also points out that there is evidence the Russians have attempted to influence elections in European countries close to their border. For instance, in 2004, a Russian hacker group calling itself Cyber Berkut claimed it hacked and disabled the electronic vote-counting system of the Ukraine central election commission three days before the presidential election. However, analysts believe the hack was actually done by the Glavnoje Razvedyvatel’noje Upravlenije (GRU), one of two Russian military intelligence agencies accused of recently hacking the DNC. These analysts claim the GRU created Cyber Berkut as a false front to deflect responsibility. (The Washington Post, 7/24/2016)

July 25, 2016: The FBI formally acknowledges it is investigating the Democratic National Committee (DNC) hack.

The FBI has been investigating the hack of the DNC and related political entities for months. For instance, the FBI warned the Clinton campaign they were the target of hacking attacks in March 2016. However, this is the first public admission of an investigation. An FBI spokesperson says the bureau will “investigate and hold accountable those who pose a threat in cyberspace.” This announcement comes three days after WikiLeaks publicly posted almost 20,000 emails from the DNC.

160725RussianMilitaryIntelligenceEmblempublic

Emblem of the Glavnoje Razvedyvatel’noje Upravlenije (GRU) (Credit: public domain)

The Washington Post reports that according to unnamed ” individuals familiar with the investigation,” the FBI is focusing on the Russian military intelligence agency, known as the Glavnoje Razvedyvatel’noje Upravlenije or GRU, and looking into if it was responsible for giving the emails to WikiLeaks. However, it is believed that the Russian Federal Security Service, known as the Federal’naya Sluzhba Bezopasnosti or FSB, broke into the DNC’s computers as well.

The FBI wants to determine with certainty whether the Russian government passed the emails to WikiLeaks. This is likely to involve other US intelligence agencies, such as the NSA and the CIA, which potentially could intercept communications or gather intelligence overseas.

If it is definitively proven that the Russians are responsible, then the US would have to consider what to do next. The Post comments, ” Responses could range from a diplomatic wrist slap or warning to countermeasures.” In 2014, Sony Pictures was hacked, and there were reports that the government of North Korea was responsible. The US government imposed economic sanctions on North Korea in response. President Obama also signed an executive order enabling US officials to impose economic sanctions in response to significant hacking attacks. (The Washington Post, 7/25/2016)

July 26, 2016: US intelligence agencies have “high confidence” that the Russian government is behind the hack of DNC emails.

160726RussianFederalSecurityService

Emblem of the Russian Federal Security Service (Credit: public domain)

The New York Times claims this is according to unnamed “federal officials who have been briefed on the evidence.” But these officials are uncertain if the hack is part of “fairly routine cyberespionage” or part of an effort to manipulate the 2016 US presidential election. The DNC (Democratic National Committee) emails were  published by WikiLeaks on July 22, 2016, causing political turmoil for Democrats and resulting in the resignation of Debbie Wasserman Schultz, from her position as DNC chair.

The federal investigation, involving the FBI and other intelligence agencies began in April 2016, when the hack was first detected. It has concluded that the Russian Federal Security Service (Federal’naya Sluzhba Bezopasnosti or FSB) entered the DNC’s computer network in the summer of 2015. (This corresponds with previous reports of a hacking by a Russian group known as Cozy Bear or APT 29.) The Rusian Main Intelligence Directorate (Glavnoje Razvedyvatel’noje Upravlenije or GRU) independently penetrated the same network later. (This corresponds with previous reports of a hacking by a Russian group known as Fancy Bear or APT 28.) Investigators believe the GRU has been playing a larger role in publicly releasing the emails.

The Times says the intelligence community’s conclusion puts pressure on President Obama to publicly accuse Russia of orchestrating the hacking, which could negatively impact the diplomatic relationship between the US and Russia in general. (The New York Times, 7/26/2016)