Columns

Kerry Talks DNC Hack with Lavrov as FBI Probes 'Nature and Scope' of Breach

Secretary of State John Kerry chats with Russian Foreign Minister Sergey Lavrov on Feb. 11, 2016, at the Hilton Hotel in Munich, Germany, before a meeting of the International Syria Support Group. (State Department photo)

Secretary of State John Kerry told reporters today that he broached the subject of the hacked DNC emails with his Russia counterpart.

“With respect to Foreign Minister [Sergei] Lavrov, I did raise the issue of the DNC,” Kerry told reporters in Laos. “And as you know, the FBI is investigating the incident and it’s important for the FBI to do its work. And before we draw any conclusions in terms of what happened or who is behind it it’s very important that whatever public information is put out is based on fact.”

“So I raised the question and we will continue to work to see precisely what those facts are. And the FBI has responsibility for this investigation and we’ll let them speak as they proceed forward gathering those facts.”

The FBI said in a statement that it is investigating the weekend Wikileaks dump and has also reached out to the Republican National Committee about their cybersecurity measures. Officials told CNN that the DNC hack is suspected to be part of a “wave” of hacks targeted at U.S. political bodies and think tanks, but no hacks have been detected at the RNC.

“The FBI is investigating a cyber intrusion involving the DNC and are working to determine the nature and scope of the matter,” the FBI said. “A compromise of this nature is something we take very seriously, and the FBI will continue to investigate and hold accountable those who pose a threat in cyberspace.”

At Monday’s briefing, White House press secretary Josh Earnest likened the situation to the 2014 Sony hack.

“There was a careful and intensive law enforcement investigation into that hacker — obviously, it generated lots of headlines — and an assessment was reached by a variety of national security agencies, including the FBI, that the actor involved was clear. And the impact that it would have on the investigation to release the conclusions that they’ve reached about the attribution would be beneficial. So those are two separate determinations that have to be reached,” Earnest said. “Ultimately, those conclusions will be reached by these national security agencies who are focused on the national security the United States and the successful completion of an investigation.”

“So I know that there’s been a lot of public reporting about this particular matter. And I know that there some private sector entities that have conducted their own investigations, and even release their own reports on these investigations. I’m not in a position to speak to the veracity of what conclusions have been reached by private sector entities.”

Cybersecurity company CrowdStrike reportedly first noticed the hack by two Russian intelligence groups on June 14. CrowdStrike CTO Dmitri Alperovitch wrote in a blog post at the time that they were called upon by the DNC to investigate a suspected breach and “immediately identified two sophisticated adversaries on the network – COZY BEAR and FANCY BEAR.”

“We’ve had lots of experience with both of these actors attempting to target our customers in the past and know them well. In fact, our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis. Their tradecraft is superb, operational security second to none and the extensive usage of ‘living-off-the-land’ techniques enables them to easily bypass many security solutions they encounter,” Alperovitch said. “In particular, we identified advanced methods consistent with nation-state level capabilities including deliberate targeting and ‘access management’ tradecraft – both groups were constantly going back into the environment to change out their implants, modify persistent methods, move to new Command & Control channels and perform other tasks to try to stay ahead of being detected.”

“Both adversaries engage in and are believed to be closely linked to the Russian government’s powerful and highly capable intelligence services.”

Earnest said the White House has to “protect the ability of the FBI and other national security agencies to do their work to conduct these investigations and to follow the facts where they lead.”

“So if there is a decision that is made by our national security professionals to release additional information about what they’ve learned in the context this investigation, it seems likely, as was the case in 2014, that they will be the first to release that information,” he added.

“We know that there variety of actors both state and criminal who are looking for vulnerabilities in the cyber security of the United States and that includes Russia. But as it relates to this situation that we are to conduct a — the FBI’s going to lead a careful investigation, and if there is a decision that’s made to release information about conclusions that have been reached about the attribution of this attack, that’s likely that the FBI would be the first one to make that announcement as they were with regard to Sony hack in 2014.”

Donald Trump tweeted Monday, “The new joke in town is that Russia leaked the disastrous DNC e-mails, which should never have been written (stupid), because Putin likes me.”

At a Roanoke, Va., rally, Trump said that “whether you like [former DNC chairwoman Debbie Wasserman Schultz] or not, she worked very hard to rig the system so that Hillary got in.”

“It’s true, right? It’s true. No, it’s true. She worked very, very hard to rig the system. Little did she know that China, Russia, one of our many, many friends came in and hacked the hell out of us. Can you imagine? Can you imagine what they’re hacking?” he added. “I guarantee we’ll find the 33,000 e-mails.”