FBI probes another hack tied to Russia
By ELLEN NAKASHIMA | The Washington Post | Published: July 29, 2016
Russian government hackers have breached the computers of the Democratic Congressional Campaign Committee, according to individuals familiar with the matter.
The intrusion appeared to be carried out by the same Russian intelligence service that hacked the Democratic National Committee earlier this year, the individuals said.
The FBI is treating the DNC and DCCC breaches as one investigation now, said one person briefed on the matter. At the same time, the bureau is doing a broader probe of Russian hackers targeting political organizations, including the Clinton campaign, the campaign of GOP nominee Donald Trump and Republican political action committees.
The revelation of the DCCC breach, first reported by Reuters, came on the same evening that Democratic nominee Hillary Clinton made her acceptance speech at the party's national convention in Philadelphia.
"It's definitely part of a much, much broader campaign that is yet to fully be publicly revealed," said one of the sources, a cybersecurity expert familiar with the matter.
Hackers working for Russia's military intelligence service, the GRU, were traced to the DCCC intrusion, the sources said. Also known as APT 28 or Fancy Bear, they are the group the FBI believes took a cache of DNC emails.
On Friday, the DCCC confirmed in a statement that it had been the target of "a cybersecurity incident." Spokeswoman Meredith Kelly said private investigators told the DCCC the hack appeared similar to other incidents, including the DNC breach, but she did not name Russia.
"The DCCC takes this matter very seriously," said Kelly in the statement. "With the assistance of leading experts we have taken and are continuing to take steps to enhance the security of our network in the face of these recent events. We are cooperating with the federal law enforcement with respect to their ongoing investigation."
The DCCC intrusion apparently is part of a much broader campaign of political espionage by the Russians.
The FBI is still investigating the DNC hack. The bureau is trying to determine whether the emails obtained by the Russians are the same ones that appeared on the website of the anti-secrecy group WikiLeaks last week, setting off a firestorm that roiled the party in the lead-up to the convention.
The FBI is also examining whether APT 28 or an affiliated group passed those emails to WikiLeaks, law enforcement sources said.
The concern is that Moscow may be attempting to meddle in the U.S. election, which would be an unprecedented and highly troubling turn of events.
One element of the DCCC hack involved the creation of a spoof website registered with a domain name similar to that of the committee's main donation site, said an individual familiar with the matter. Internet traffic linked to contributions apparently was redirected to the fake site, the individual said.
But, he added, it is possible that the effort was aimed at gathering data on donors rather than siphoning money.
In May, Director of National Intelligence James R. Clapper Jr. warned that the intelligence community had seen "indications" of hacks and attempted intrusions of presidential campaigns.
The full scope of the intrusions has yet to be revealed. News of the latest hack is sure to add to the already significant level of concern in the White House about potential Russian interference in the U.S. electoral process.