The United States is publicly accusing Russia of launching a series of cyber attacks aimed at undermining the upcoming U.S. elections, though senior administration officials are stopping short of calling the intrusions an act of cyberwar.
In a statement released late Friday, the U.S. said it is “confident” Russia directed the hacks of the Democratic National Committee this past July, leaking thousands of emails that embarrassed the party in the days leading up to its national convention.
“These thefts and disclosures are intended to interfere with the US election process,” according to the statement from the Office of the Director of National Intelligence and the Department of Homeland Security.
“We believe, based on the scope and sensitivity of these efforts, that only Russia's senior-most officials could have authorized these activities,” the statement added.
Intelligence officials had suspected Russia of orchestrating the attack for several weeks, noting that Russia has used similar “tactics and techniques” to influence public opinion across Europe and Eurasia.
But U.S. intelligence community decided to go public with the attribution after newly uncovered information allowed them to reach a “higher degree of confidence,” a U.S. official told VOA.
The U.S. also said a series of recent cyber intrusions into state and local election-related systems originated from servers operated by a company in Russia, though it was not yet able to say whether those actions were also directed by Moscow.
“There’s an urgency here to release as much information as possible so the state and local authorities can fortify their [election] infrastructure,” a senior administration official told VOA on condition of anonymity. “We’re committed to making sure our election process is secure.”
A Kremlin spokesperson denied the allegations, telling Russian state media they are “rubbish” and “nonsense.”
At least 21 U.S. states have already sought cybersecurity assistance from the Department of Homeland Security, and officials are actively encouraging more state and local election officials to reach out.
Range of responses on table
Despite publicly naming Russia as the culprit behind the hacked emails released by Wikileaks and DCLeaks.com, U.S. officials do not expect the attacks to stop.
Instead, they expect Russia to continue with a steady stream of activity, enough to foment tensions but below the threshold that would trigger a severe escalation in hostilities.
Still, the U.S. warned it will not sit idly by.
“Some responses you may see and others you may not,” a U.S. intelligence official cautioned.
But so far, the U.S. is leery of labeling the Russian cyberattacks as acts of war.
A senior administration official said even though the attacks targeted systems critical to the country’s democracy, it is “more useful” to look at each individual situation, and that a response could include diplomatic, economic or cyber actions.
“That full range of tools will be considered,” the official said. “That’s going to happen at the time and place of our choosing.”
Long 'Cyber struggle'
National security expert Nicholas Rostow, a professor at the National Defense University, said he is not surprised that Russia is believed to be behind the hacks. While acknowledging that such a security breach is “a very bad thing,” he says “it’s hardly surprising in this day and age.” Russian President Vladimir Putin, he noted, is an intelligence specialist who spent years working for the KGB, Russia’s intelligence agency.
Rostow said he would not classify the U.S. statement as an act of war, but rather one more incident in a long session of “cyber struggle” with Russia. He said he “would be surprised if Russia is the only one trying to interfere,” noting that the United States also has a contentious relationship with China, and with Cuba. “There’s a constant effort to get at each other’s computers, to defend the computers, the communications, and all the rest of it,” he said.
Meanwhile the campaign of Democratic presidential candidate Hillary Clinton said Friday’s developments raises the question of “why Donald Trump continues to make apologies for the Russians.” Republican candidate Trump had expressed doubt about Russia’s involvement in the hacking of the Democratic National Committee emails. The Trump campaign has not yet released a statement on the U.S. allegations.
Also Friday, the Wikileaks web site released hundreds of emails reportedly hacked from the private email account of John Podesta, Clinton’s campaign manager.
Hacked emails, skewed polls
Most notable was the attack on the Democratic National Committee, which resulted in the leak of thousands of emails that embarrassed the party in the days leading up to its national convention in July and forced the resignation of its chair, Debbie Wasserman Schultz.
DHS says some U.S. states have seen scanning and probing of their election-related systems, which in most cases, it says, originated from servers operated by a Russian company, although the statements says the U.S. is "not now in a position to attribute this activity to the Russian Government."
Last week after the first presidential debate between Republican candidate Donald Trump and Democratic candidate Hillary Clinton, messages appeared on the message boards 4Chan and Reddit, encouraging Trump supporters to vote multiple times in online polls, skewing the results.
VOA's own Azerbaijan service experienced a mysterious spike in Trump votes in its post-debate online poll last week, with Clinton leading for several hours after the debate and most of the Trump votes coming in within a three-hour time frame. The structure of such online polls make it impossible to know who is voting or whether they vote more than once.
Meanwhile, U.S. officials are trying to reassure voters that they system is safe. They say the hacks are meant to undermine confidence in the voting system.
"What people need to know about this is that our voting infrastructure is really quite resilient," Homeland Security Adviser Lisa Monaco told a Cyber Warfare Summit hosted by the Washington Post on Thursday. "We ought to be very confident in our election system."
Hard to hack
In reality, hacking the U.S. election would be incredibly difficult, since it is not federalized into a single entity. Instead, the election is spread across about 8,000 localities, with each one using its own methods, systems and rules. In many jurisdictions, the process is offline altogether.
"Our system is decentralized," explains Thomas Hicks, commissioner of the Election Assistance Commission, who also spoke at the forum Thursday. "And with a decentralized system, you'd need an army of folks to try to get into the system."
But there are still vulnerabilities, as described by specialists at the cyber warfare event Thursday.
One risk is at the state and local level. Hackers have recently targeted voter registration systems in more than 20 states, the Department of Homeland Security said last week. In at least a "few cases," officials said the hackers succeeded in gaining access to state voting-related systems.
Responding to the threats, at least 21 states have asked for federal cyber security assistance, according to DHS.
So far there have been no reports of manipulation. But the threat is real and could be highest in the handful of so-called swing states that typically determine the winner of U.S. elections.
A cyber security company, Carbon Black, warned last week the battleground state of Pennsylvania could be the most at risk, in part because some parts of the state use electronic voting machines without adequate paper backup.
Campaigns, parties, vulnerable
It's not just the voting process that is susceptible to hackers. Other parts of the U.S. election apparatus, including political parties and individual campaigns, are also at risk.
Though the DNC has so far experienced the worst of the hacking attacks, Republican Party operatives have also been targeted, according to Brett DeWitt, the Senior Policy Advisor for Cybersecurity for the U.S. House of Representatives Committee on Homeland Security.
"Both political parties have been hacked," DeWitt says. "They're trying to undermine the integrity and confidence of the entire election system, Republican or Democrat."
The problem is complicated by the fact that many political campaigns and committees are traditionally reluctant to spend a major amount of money on cyber protections, instead preferring to throw their funds into political ends.
"All these political organizations want to put all their resources into winning races and promoting candidates and building their party," says Michael Sussman, a former Department of Justice cybercrimes prosecutor, who is on the DNC's newly formed cyber security board.
More to come?
Sussman says he expects more emails to eventually be released by the hackers who broke into the DNC networks. And he says he wouldn't be surprised if there were more politically motivated attacks to come.
"We know it's Russian state-sponsored, and we know that the groups doing it are very sophisticated, and in fact, it is their day job." he says. "They're not going to go away, and they're going to be very persistent."
The condemnation came amid escalating tensions between Washington and Moscow over a range of international disagreements, including U.S. charges that Russian airstrikes in support of embattled Syrian President Bashar al-Assad have been hitting hospitals and other civilian targets in rebel-held
eastern Aleppo.
