Lost in Obstruction: Russia's Hacking of the 2016 Election

     This post looks at Russia’s hacking of the 2016 election.


     Its purpose is to highlight important information that the obstruction campaign of President Donald Trump and the Republican Party is trying to obscure for political benefit.


     All information is taken from the report of Special Counsel Robert Mueller.



     The Russian Federation’s Main Intelligence Directorate of the General Staff (GRU) conducted an extensive hacking operation that led to charges being filed against 12 Russians.


     The GRU stole hundreds of thousands of emails and documents by hacking into email accounts of persons affiliated with the Clinton campaign, including the email account of campaign chairman John Podesta, and the computer networks of the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC)


     Information stolen from the DCCC and DNC included significant amounts of data pertaining to the 2016 election, including internal strategy documents, fundraising data, opposition research and emails of DNC employees.


     Separately hacked were computers belonging to state boards of elections, secretaries of state and U.S. companies that supplied software and other technology related to the administration of U.S. elections.


     The stolen information was released through three sources: the web site DCLinks.com, a Wordpress blog under the name Guccifer 2.0, and WikiLeaks. The releases of the documents were designed and timed to interfere with the 2016 U.S. presidential election and undermine the campaign of Hillary Clinton.


     DCLeaks.com pointed to different tranches of stolen documents, arranged by victim or subject matter. Other pages contained indexes of stolen emails that were being released. This information appeared to have originated from personal email accounts.


     A Facebook page under the name DCLeaks was also created and used primarily to promote release of materials. There was also a DCLeaks Twitter account and email address to communicate privately with reporters and others.


     Certain reporters were given early access to archives of leaked files by sending them links and passwords to pages that had not yet become public.


     The DCLeaks website remained operational and public until March 2017. The Guccifer 2.0 blog was launched in June 2016, the day after the DNC announced its network had been breached. Over the course of several months thousands of DNC and DCCC documents were released through a series of blog posts which ended less than a month before the 2016 election.


     Releases were organized around thematic issues, such as specific states that were perceived as competitive in the election. Some documents were released directly to reporters and other interested individuals.


     In order to expand its election interference, the GRU eventually transferred many of the documents it had stolen from the DNC and Podesta to WikiLeaks so they could be released by that site. WikiLeaks founder Julian Assange, who had expressed opposition to Clinton in the past, had access to the internet from the Ecuadorian Embassy in London.


     In July 2016, three days before the start of the Democratic National Convention, WikiLeaks released over 20,000 emails and other documents stolen from the DNC computer networks.


     In October 2016, WikiLeaks released the first batch of Podesta’s emails. From then until Nov. 7, 2016, it released 33 tranches of stolen emails. In total, over 50,000 documents stolen from Podesta’s account were released.


     In July 2016, Trump made a public statement that included “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press.” He was referring to the investigation into Hillary Clinton’s use of a private server while she was secretary of state.


     Within about five hours of that statement GRU officers targeted for the first time Clinton’s personal office. They created and sent malicious links targeting 15 email accounts at the domain, including one belonging to a Clinton aide.


     The Trump campaign showed interest in Wikileaks releases of hacked materials throughout the summer and fall of 2016.


     By the late summer of 2016 the Trump campaign was planning a press strategy, a communications campaign and messaging based on the possible release of Clinton emails by Wikileaks.


     Several individuals associated with the campaign were contacted in 2016 about various efforts to obtain the missing Clinton emails and other stolen material in support of the Trump campaign. Some of these contacts were met with skepticism, and nothing came from them; others were pursued to some degree.


     The Mueller investigation did not find evidence that the Trump campaign recovered any such Clinton emails, or that these contacts were part of a coordinated effort between Russia and the Trump campaign.


     As reports attributing the DNC and DCCC hacks to the Russian government emerged WikiLeaks and Assange made several public statements apparently designed to obscure the source of the materials that Wikileaks was receiving.


     The effort included falsely implying that Seth Rich, a former DNC staff member who was killed in July 2016, had been the source of the stolen DNC emails. However, file-transfer evidence and other information uncovered during the investigation discredit WikiLeaks’ claims about the source of material that it posted.


     The GRU also targeted individuals and entities involved in the administration of elections. Victims included U.S, state and local entities, such as state boards of elections, secretaries of state and county governments, as well as individuals who worked for these entities.


     The GRU also went after private technology firms responsible for manufacturing and administering election-related software and hardware, such as voter registration software and electronic polling stations.


     Mueller didn’t investigate this issue further, rather it was handled by the FBI, the U.S. Department of Homeland Security and the states involved.


     His report did say that the GRU compromised the computer network of the Illinois State Board of Elections by exploiting a vulnerability in its website. The GRU then gained access to a database containing information on millions of registered Illinois voters and extracted data related to thousands of U.S voters before the malicious activity was identified. This was investigated separately by the FBI.

This is What Obstruction Looks Like: Trump and McGahn

This is What Obstruction Looks Like: Trump and Sessions

This is What Obstruction Looks Like: Trump and Comey

This is What Obstruction Looks Like: All the President's Criminals

Lost in Obstruction: Russia's Active Measures on Social Media