The cybersecurity expert who solved the DNC hacks believes his revelation forced the Russians to speed up their timeline for interfering in last year’s election.
Rob Johnston led the investigation by CrowdStrike into the breach, which had been discovered seven months before but largely ignored until May 2016, and he told his story for the first time to Buzzfeed News.
The 30-year-old Marine Corps veteran quickly determined that hackers associated with Russian intelligence services had stolen every single email typed by DNC staffers in two attacks, one that had left malware a year earlier and a second just months earlier.
Johnston told the shocked and horrified DNC officials, including then-chair Debbie Wasserman Schultz, that he didn’t believe the hackers would do anything with the stolen data — although he came to regret that assessment.
The DNC and CrowdStrike started working with the FBI at that point to remove all the malware and contain the problem, and party officials decided to go public with the hack before the story spun out of their control.
The Washington Post published a story, “Russian government hackers penetrated DNC, stole opposition research on Trump,” on June 14, 2016, based on Johnston’s findings.
The next day, a Twitter account called Guccifer 2.0 claimed responsibility for the hack and posted a trove of data allegedly stolen from the DNC servers.
Looking back, more than a year later, Johnston believes going public with his findings about the hack had forced Russia to quickly change their plans for using the stolen emails.
“We accelerated their timeline,” Johnston told Buzzfeed News. “I believe now that they were intending to release the information in late October or a week before the election.”
He believes Russian intelligence expected the DNC to stay quiet about the hacks, which he described as more of a brazen ransacking than a burglary.
“We discovered who they were,” Johnston said. “I don’t think the Russian intelligence services were expecting it, expecting a statement and an article that pointed the finger at them.”
Wikileaks began releasing thousands of hacked DNC emails a month later, in July 2016 — shortly before then-GOP nominee Donald Trump called on Russia to find and release thousands of missing emails associated with Hillary Clinton.
Intelligence officials have determined that the leaks were carefully timed as part of an effort by the Russian government to help Trump defeat Clinton, and the Justice Department and Congress are investigating whether the GOP campaign colluded with the Kremlin.
Johnston ended his work for the DNC in July 2016, and he has since left CrowdStrike and started his own cybersecurity firm, Adlumin.
Even though his work helped lead to the special counsel investigation, he’s never been questioned by Robert Mueller’s team or lawmakers conducting multiple probes of last year’s election.
He’d never even spoken to a reporter about his findings because, he told Buzzfeed News, no one had ever asked him.