America’s indictment of Russian hackers underlines the cyber risks facing US politics

July 13, 2018

Special Counsel Robert Mueller’s charges against 12 members of Russia’s GRU military intelligence agency accused of hacking related to the 2016 US presidential election are a stark reminder of the ways in which technology can be used to disrupt democratic processes.
 
Speaking at a press conference announcing the charges today, Rod Rosenstein, the deputy US attorney general, said the indictment (PDF) didn’t contain allegations that the hacking had actually influenced the outcome of the 2016 election.
 
But it provides plenty of details about just how extensive and well-planned the attack was on targets that included the Democratic Congressional Campaign Committee, Democratic National Committee, and the Clinton campaign. Here are a few of the things that immediately stand out.
 
Humans let the hackers in: The Russians didn’t need to probe systems for software weaknesses; they allegedly got in via the front door by sending “spearphishing” e-mails to trick campaign officials into clicking on bogus links like “Hillary-clinton-favorable-rating.xlsx” that revealed their passwords.
 
Once in, they knew how to get data out: Using malware dubbed X-Agent, the indictment says, the hackers were able to infect computers at the DCCC and gain access to the DNC’s network. They got far more than just e-mails, too—the malware allowed the attackers to snoop on what staffers were typing and take screenshots of their work. Security software can often spot suspicious attempts to extract large amounts of data from a system, but X-Agent compressed and encrypted data files before sneaking them out. 

They tried their best to cover their tracks … The Russians allegedly used an extensive network of servers to hide their tracks and funded the purchase of computer infrastructure using Bitcoin. Among other things, this enabled the hackers to pay a firm based in Romania to register a domain they used to distribute stolen content. They also tried to pass their attacks off as the handiwork of Guccifer 2.0, a lone Romanian hacker. (The indictment says one unnamed US congressional candidate subsequently reached out to Guccifer to get access to stolen information.)
 
... and to hide from cyber sleuths: When Democratic officials realized their systems had been penetrated, they called in a security firm. To dodge the investigators, the Russians tried to erase evidence of their penetration using a widely used program that cleans unwanted files off computers.
 
They had state electoral systems in their sights: The indictment says the hackers got into the system of a state board of elections and stole information including names, addresses, dates of birth, and partial Social Security numbers related to half a million voters. They also hacked into the computer of an unnamed company that makes voter registration software.
 
With the US midterm elections looming in November, the news is an urgent reminder of the need to beef up the cyber defenses of the US political and electoral infrastructure. Earlier this year, Congress voted an additional $380 million of funding for states to improve security ahead of the midterms, and they’re soon due to explain how they intend to spend it. Given the sophistication of the attacks revealed in the indictment, election officials will need all the help they can get.
