What we know about Russia's hacking of US election

Photo_hackers_business_US

Hackers try to break the security-oriented challenges during an ethical hacking contest at the 7th edition of 'Insomni'hack - Swiss security conference and ethical hacking contest', in Geneva, Switzerland.

MOSCOW - Russia has pledged retribution after the US turfed out dozens of diplomats and imposed sanctions over alleged cyberattacks aimed at skewing the presidential election.

Moscow has consistently denied it was behind the hacking and insists Washington has never provided any firm proof of its guilt.  

READ: Russia retaliates for Washington sanctions

Therein lies the problem: irrefutable evidence determining the identity of the hackers and the reason for their attacks is hard, if not impossible, to find.

Here is what is known so far about the "who, what and why" of the hacking strikes during the recent US election campaign.

Who hacked what?

  • In May, US National Intelligence Director James Clapper warns of cyberattacks against the campaigns, without specific reference to any source.
  • On 15 June, CrowdStrike, a cybersecurity firm hired by the Democratic National Committee to investigate break-ins in its computer systems, points to two separate Russian intruders. "Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government's powerful and highly capable intelligence services," it says.

READ: Trump brushes off Russia vote hacking claims

CrowdStrike says hacking entity Cozy Bear, linked to Russia's GRU military intelligence agency, intercepted Democratic Party communications from June 2015 on, while Fancy Bear, linked to Russia's security service (FSB), targeted and stole DNC dossiers related to then Republican frontrunner Donald Trump beginning in March.

A month later, the WikiLeaks website begins publishing the pirated material.

  • On 5 September, US President Barack Obama warns Russian President Vladimir Putin over the hacking during a private meeting in China, according to US officials.
  • On 7 October, the 17 US intelligence agencies conclude the Russian government is behind the cyberattacks and that they are "intended to interfere with the US election process".

Meanwhile, WikiLeaks publishes a near-daily dose of emails stolen from the Gmail account of John Podesta, chairman of Hillary Clinton's campaign, up until just before the election. SecureWorks, another cybersecurity consultant, says Podesta's emails were hacked by the same groups who hacked the DNC.

  • On 9-10 December, the Washington Post and New York Times report that the CIA concluded Moscow intended to help Trump's campaign by releasing the hacked material.

The billionaire president-elect dismisses the CIA conclusion as "ridiculous". Russia denies all claims.

  • On 12 December, leading Congressional lawmakers call for an investigation into Russia's role in the cyberattacks.
  • On 15 December, Republican Senator Lindsey Graham reveals his campaign accounts were also hacked by Russians ahead of the November vote.
  • On 29 December, Obama announces a barrage of punishment for Moscow over the alleged attacks, including the deportation of 35 suspected intelligence agents and sanctions against the GRU and FSB intelligence agencies.

The FBI and Department of Homeland Security also release a briefing to provide "technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services to compromise and exploit networks and endpoints associated with the US election."

Could Russia pull this off?

The talents of Russian state-serving hackers are now the stuff of legend.

Descended from the tradition of Soviet economic espionage, they broadened the scope to also probe and punish political targets.

Russia was blamed for a cyberattack on Estonia in 2007, when the Baltic state's main internet sites crashed after being flooded with surplus requests, in a so-called distributed denial of service, or DDoS, attack. It knocked out the national emergency hotline for more than an hour.

Other Russian neighbours including Ukraine and Georgia, as well as states which have strained relations with Moscow, have endured similar attacks.

The US election hacking looks like a Russian state-sponsored strike, Andrey Soldatov, editor-in-chief of Agenta.ru and a specialist on Russian secret services and cybercrime, told AFP.

"Given Russia's history of cyberattacks, I would think this is a case of coordination between private and government actors, involving informal actors coordinated by those at the highest levels," Soldatov said.

The campaign hackers did not need innovative technical skills to strike; simple "phishing" emails, which invite email readers to click on a link, were enough to get the hackers in.

All for Trump?

Experts have not agreed on whether Russia set out to help Trump clinch a White House victory, as Clinton's team says.

Soldatov says it is likely that the Kremlin sought to weaken the position of the former secretary of state, whom it views as "a kind of sworn enemy" and has blamed for inciting unrest after Russia's own elections in 2011.

"But I'm not certain the principal goal was to get Trump elected. These guys at the Kremlin are believers in conspiracy theories," he said, noting that up until the November 8 vote Moscow had warned that potential voter fraud could steal the election from Trump.