Hackers for the Russian government gained access to Democratic National Committee’s computer network to monitor emails and search for information about Donald Trump.
Though the hackers were expelled from the system last weekend, they had had access to the DNC network for over a year. They were able to read all of the committee’s internal communications, including emails and chat logs, and to copy files related to presidential candidate Donald Trump.
“The purpose of such intelligence gathering is to understand the target’s proclivities,” former NSA general counsel Robert Dietz told the The Washington Post. He explained that as Trump was new to the political arena, the Russian government did not know what sort of foreign policy he held and how it should react. “This sort of intelligence could be used by Russia, for example, to indicate where it can get away with foreign adventurism,” Dietz continued.
Rep. Debbie Wasserman Schultz has stated that the DNC acted quickly once the security breach was discovered. “When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately,” she said. CrowdStrike is a cyber security firm that the DNC hired in April, when it first noticed the breach. “Our team moved as quickly as possible to kick out the intruders and secure our network.”
CrowdStrike found that two separate Russian groups were responsible for the hacks. The first group, which the firm nicknamed “Cozy Bear,” penetrated the network last summer and kept tabs on the DNC’s internal communications. It was also responsible for the 2014 cyber security breach of the White House, State Department, and Joint Chiefs of Staff.
The second group, known as “Fancy Bear,” hacked into the network in late April and stole files related to Trump. It was this breach that DNC officials noticed and which led them to seek out CrowdStrike. CrowdStrike has since installed software on every DNC computer that would detect if hackers attempted to break in again.
A spokesperson for the Russian Embassy has denied any knowledge of the cyber invasion.