FBI took months to warn Democrats of suspected Russian role in hack: sources
The FBI did not tell the Democratic National Committee that U.S officials suspected it was the target of a Russian government-backed cyber attack when agents first contacted the party last fall, three people with knowledge of the discussions told Reuters.
And in months of follow-up conversations about the DNC’s network security, the FBI did not warn party officials that the attack was being investigated as Russian espionage, the sources said.
The lack of full disclosure by the FBI prevented DNC staffers from taking steps that could have reduced the number of confidential emails and documents stolen, one of the sources said. Instead, Russian hackers whom security experts believe are affiliated with the Russian government continued to have access to Democratic Party computers for months during a crucial phase in the U.S. presidential campaign, the source said.
As late as June, hackers had access to DNC systems and the network used by the Democratic Congressional Campaign Committee, a group that raises money for Democratic candidates and shares an office with the DNC in Washington, people with knowledge of the cases have said.
A spokeswoman for the FBI said she could not comment on a current investigation. The DNC did not respond to requests for comment.
In its initial contact with the DNC last fall, the FBI instructed DNC personnel to look for signs of unusual activity on the group’s computer network, one person familiar with the matter said. DNC staff examined their logs and files without finding anything suspicious, that person said.
When DNC staffers requested further information from the FBI to help them track the incursion, they said the agency declined to provide it. In the months that followed, FBI officials spoke with DNC staffers on several other occasions but did not mention the suspicion of Russian involvement in an attack, sources said.
The DNC’s information technology team did not realize the seriousness of the incursion until late March, the sources said. It was unclear what prompted the IT team’s realization.
Emails captured in the DNC hack were leaked on the eve of the July 25-28 Democratic Party convention to name Hillary Clinton as the party’s presidential candidate in the Nov. 8 election against Republican Party nominee Donald Trump.
Those emails exposed bias in favor of Clinton on the part of DNC officials at a time when she was engaged in a close campaign against U.S. Senator Bernie Sanders for the party’s nomination.
The DNC said on Tuesday that three senior officials had resigned after the email embarrassment.
Last week, Debbie Wasserman Schultz stepped down as DNC chairwoman as criticism mounted of her management of the party committee, which is supposed to be neutral.
U.S. officials and private cyber security experts said last week they believed Russian hackers were behind the cyber attack on the DNC. The Obama administration has not yet publicly declared who it believes is responsible.
Director of National Intelligence James Clapper said last week the U.S. intelligence community was not ready to “make the call on attribution.”
It was not immediately clear how the FBI had learned of the hack against the DNC. One U.S. official with knowledge of the investigation said the agency had withheld information about details of the hacking to protect classified intelligence operations.
“There is a fine line between warning people or companies or even other government agencies that they’re being hacked – especially if the intrusions are ongoing – and protecting intelligence operations that concern national security,” said the official, who spoke on condition of anonymity.
The first internal DNC emails alerting party officials to the seriousness of the suspected hacking were sent in late March, one person said. In May, the DNC contacted California-based cyber security firm CrowdStrike to analyze unusual activity on the group’s network.
The Brooklyn-based Clinton campaign operation was also the target of hacking, people with knowledge of the situation have said. The Clinton campaign has confirmed that a DNC-linked system the campaign used to analyze voter data was compromised.
Yahoo News reported last week that the FBI had warned the Clinton campaign that it was the target of a hack in March, just before the DNC discovered it had been hacked.
Glen Caplin, a Clinton campaign spokesman, said it had taken steps to safeguard its internal information systems.
“Multiple Democratic party organizations, including our campaign and staff, have been the subject of attempted cyber attacks that experts say are Russian intelligence agencies, which enlist some of the most sophisticated hackers in the world,” Caplin said.
(Reporting By Mark Hosenball amd John Walcott in Washington and Joseph Menn in San Francisco; Editing by David Rohde and Grant McCool)