Russian Actors Have Been Hacking U.S. Government, Private Entities for Years

DNC cyber attack would be latest in string of hacks traced to Russia

July 28, 2016

Russian actors have been hacking into U.S. government and private cyber systems for years, disregarding attempts by the Obama administration to temper relations with Moscow and prevent cyber attacks.

Russia’s hostile actions in cyber space have come under increased scrutiny amid reports of the country’s likely culpability in an attack on the Democratic National Committee computer network, a matter currently under FBI investigation. According to the New York Times, U.S. intelligence agencies have expressed "high confidence" that the Russian government orchestrated the cyber attack, which resulted in thousands of emails written by DNC officials being released online by WikiLeaks.

If tied to Russia, the hack would be the latest in a string of cyber attacks on U.S. systems that have been traced to actors in Russia.

Russian hackers are said to be responsible for numerous cyber attacks in recent years that have infiltrated networks used by the White House, State Department, Joint Chiefs of Staff, and the Pentagon. Cyber security researchers have also uncovered a state-sponsored Russian hacking group that has targeted the United States, the North Atlantic Treaty Organization (NATO), and private American entities for at least seven years.

Hacking attempts by Russian actors have persisted after the United States and Russia signed a bilateral agreement in 2013 to cooperate more in the cyber realm to reduce threats to information security. Data collected by cyber security firm CrowdStrike last year indicated that Russia ramped up cyber attacks after the U.S. imposed sanctions on Russian entities and individuals in response to the country’s military intervention in Ukraine.

Shane Tews, a fellow at the American Enterprise Institute who focuses on cyber security and internet governance, said to the Washington Free Beacon that the U.S. government and private entities have not put enough resources toward cyber security. The government also does not have a plan of action in place to retaliate against foreign hackers, she said.

"Money and resources would definitely help, but once you realize something is going on, you need to have a plan of action," Tews said. "We don’t have an official act of cyber war or cyber deterrence strategy."

One year ago, hackers infiltrated the Joint Chiefs of Staff unclassified email system used by roughly 4,000 military and civilian personnel, forcing the government to shut down the system for nearly two weeks. Investigators traced the attack to Russia days after it was disclosed by the Pentagon.

"This attack was fairly sophisticated and has the indications … of having come from a state actor such as Russia," an unnamed U.S. official told the Washington Post last August.

Defense Secretary Ash Carter revealed months earlier that Russian hackers successfully breached the Pentagon’s unclassified network for several hours.

"After learning valuable information about their tactics, we analyzed their network activity, associated it with Russia, and then quickly kicked them off the network, in a way that minimized their chances of returning," Carter said during an April speech rolling out the Pentagon’s new cyber strategy, labeling the breach "worrisome."

The same month, news broke that Russian hackers were believed to have hacked into the State Department and White House unclassified computer systems, gaining access to the former for months.

Russian hackers have also targeted private American entities and Western alliances. A report by cyber security researchers at F-Secure Labs last year shed light on the seven-year hacking operation of "the Dukes," a hacking group that is believed to have been working for the Russian Federation since 2008 to accumulate intelligence to inform Moscow’s foreign policy.

According to the research, the hacking group targeted the United States and NATO beginning in 2009. The group ran hacking campaigns against a U.S.-based foreign policy think tank, a NATO exercise in Europe, and a NATO information center in Georgia.

"This is not new," Tews observed. "The Russians have been hacking for a long time."

The Center for Strategic and International Studies, a Washington-based research institution, has a timeline tracking major cyber incidents that have occurred globally since 2006, several of which have been attributed to Russia and many of which have unknown sources. Chinese hackers have also perpetrated multiple cyber attacks on U.S. systems, including the massive Office of Personnel Management breach in 2014 that compromised the personal information of 22 million Americans.

Tews noted that Russian and Chinese hackers work together on cyber operations and do not launch attacks on one another. Last year, the two nations inked a cyber security deal agreeing not to conduct cyber attacks against one another and boosting information and technology sharing between their governments.

Revelations pointing to Russia’s likely involvement in the DNC hack come at a time when U.S.-Russian relations are arguably at their lowest point since the Cold War, more than seven years after the Obama administration’s infamous failed Russian "reset." Intelligence officials told Reuters that the Russian hackers intentionally left behind digital fingerprints to assert Moscow as a "cyber power."

Russia has displayed increasingly hostile behavior towards the United States and Western interests, by buzzing close to U.S. ships with warplanes in the Baltic Sea and threatening a military buildup in response to NATO’s decision to boost its troop presence in Eastern Europe. Many top military officials have assessed Russia as the gravest existential threat to the United States and its allies.

"Russia has chosen to be an adversary and poses a long-term existential threat to the United States," retired Gen. Philip Breedlove, NATO’s former supreme commander, said in testimony before Congress in February.

Still, the Obama administration has sought cooperation with Russia in some areas. Any public accusations by the United States of Russia’s involvement in the DNC attack could threaten Secretary of State John Kerry’s efforts to finalize a deal with Russia on military cooperation and intelligence sharing in Syria.

The DNC leak, which came days before the Democratic National Convention, has riled both presidential campaigns.

Loyalists to Hillary Clinton have alleged that Russia perpetrated the hack to help Republican nominee Donald Trump, who has been scrutinized for his aides’ ties to Russia. Trump’s campaign has denied these allegations, though the candidate on Wednesday encouraged Russia to "find the 30,000 emails" that Clinton deleted from her personal email server before turning it over to the FBI.

The Kremlin has also dismissed theories that Russia orchestrated the hack to influence the U.S. election, without explicitly denying Russia’s culpability in the cyber attack.

This would not be the first instance in which foreign actors have been suspected of hacking U.S. political campaigns. Officials told NBC News in 2013 that Chinese actors hacked the presidential campaigns of Sen. John McCain (R, Ariz.) and Barack Obama.