Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

DHS/FBI issue joint report on Russian hacking of US election and subsequent govt sanctions

  • ABC News – Obama Issues Sanctions for Alleged Russian Hacking – “President Obama has expelled 35 Russian nationals and sanctioned five Russian entities and four individuals for an alleged cyber assault on Democratic political organizations during the 2016 presidential campaign, the White House announced today. “I have ordered a number of actions in response to the Russian government’s aggressive harassment of U.S. officials and cyber operations aimed at the U.S. election,” Obama wrote in a statement. “These actions follow repeated private and public warnings that we have issued to the Russian government, and are a necessary and appropriate response to efforts to harm U.S. interests in violation of established international norms of behavior.”
  • New York Times – Obama Strikes Back at Russia for Election Hacking: “The Obama administration struck back at Russia on Thursday for its efforts to influence the 2016 election, ejecting 35 Russian intelligence operatives from the United States and imposing sanctions on Russia’s two leading intelligence services, including four top officers of the military intelligence unit the White House believes ordered the attacks on the Democratic National Committee and other political organizations. In a sweeping set of announcements, the United States was also expected to release evidence linking the cyberattacks to computer systems used by Russian intelligence. Taken together, the actions would amount to the strongest American response ever taken to a state-sponsored cyberattack aimed at the United States…”
  • US-CERT (US Computer Emergency Readiness Team) – GRIZZLY STEPPE – Russian Malicious Cyber Activity Summary – December 29, 2016: “This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE. Previous JARs have not attributed malicious cyber activity to specific countries or threat actors. However, public attribution of these activities to RIS is supported by technical indicators from the U.S. Intelligence Community, DHS, FBI, the private sector, and other entities. This determination expands upon the Joint Statement released October 7, 2016, from the Department of Homeland Security and the Director of National Intelligence on Election Security. This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens. These cyber operations have included spearphishing campaigns targeting government organizations, critical infrastructure entities, think tanks, universities, political organizations, and corporations leading to the theft of information. In foreign countries, RIS actors conducted damaging and/or disruptive cyber-attacks, including attacks on critical infrastructure networks. In some cases, RIS actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack. This JAR provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. Government…”
  • Statement by the President on Actions in Response to Russian Malicious Cyber Activity and Harassment, December 29, 2016 – “I have issued an executive order that provides additional authority for responding to certain cyber activity that seeks to interfere with or undermine our election processes and institutions, or those of our allies or partners. Using this new authority, I have sanctioned nine entities and individuals: the GRU and the FSB, two Russian intelligence services; four individual officers of the GRU; and three companies that provided material support to the GRU’s cyber operations. In addition, the Secretary of the Treasury is designating two Russian individuals for using cyber-enabled means to cause misappropriation of funds and personal identifying information. The State Department is also shutting down two Russian compounds, in Maryland and New York, used by Russian personnel for intelligence-related purposes, and is declaring “persona non grata” 35 Russian intelligence operatives. Finally, the Department of Homeland Security and the Federal Bureau of Investigation are releasing declassified technical information on Russian civilian and military intelligence service cyber activity, to help network defenders in the United States and abroad identify, detect, and disrupt Russia’s global campaign of malicious cyber activities.”  See also White House Fact Sheet, December 29, 2016.
  • Executive Order on December 29, 2016 – Annex to Executive Order — Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities
  • Executive Order on December 29, 2016 – Executive Order — Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities
  • Treasury Sanctions Two Individuals for Malicious Cyber-Enabled Activities, December 29, 2016
  • U.S. Senators John McCain (R-AZ) and Lindsey Graham (R-SC) released the following statement today on the Obama Administration’s announcement of new sanctions against Russia for its cyberattacks on the 2016 election: “The retaliatory measures announced by the Obama Administration today are long overdue. But ultimately, they are a small price for Russia to pay for its brazen attack on American democracy. We intend to lead the effort in the new Congress to impose stronger sanctions on Russia.”
  • New York Times – How Russia Recruited Elite Hackers for Its Cyberwar – “While much about Russia’s cyberwarfare program is shrouded in secrecy, details of the government’s effort to recruit programmers in recent years…college students, or even criminals — are shedding some light on the Kremlin’s plan to create elite teams of computer hackers…For more than three years, rather than rely on military officers working out of isolated bunkers, Russian government recruiters have scouted a wide range of programmers, placing prominent ads on social media sites, offering jobs to college students and professional coders, and even speaking openly about looking in Russia’s criminal underworld for potential talent. Those recruits were intended to cycle through military contracting companies and newly formed units called science squadrons established on military bases around the country…”

Sorry, comments are closed for this post.