Hacker claims responsibility for DNC breach. Sends files to Wikileaks

June 16, 2016

One of this week’s top stories was the Democratic National Committee (DNC) breach, in which a group of Russian hackers allegedly stole opposition research on Donald Trump, the Republican presidential candidate. Security firm Crowdstrike was hired to mitigate the data breach and reported that its findings point to Russian hackers. New information might contradict those findings, because a hacker who calls himself Guccifer 2.0 has claimed credit for the breach and provided leaked files as proof.

Disclaimer: No matter how compelling the new leaks might seem, it is still too early to confirm if this information is genuine or not. Authorities have not yet released a statement to confirm or deny the claim, and Crowdstrike still stands by the initial findings:

“CrowdStrike stands fully by its analysis and findings identifying two separate Russian intelligence-affiliated adversaries present in the DNC network in May 2016. On June 15, 2016 a blog post to a WordPress site authored by an individual using the moniker Guccifer 2.0 claiming credit for breaching the Democratic National Committee. This blog post presents documents alleged to have originated from the DNC. Whether or not this posting is part of a Russian Intelligence disinformation campaign, we are exploring the documents’ authenticity and origin. Regardless, these claims do nothing to lessen our findings relating to the Russian government’s involvement, portions of which we have documented for the public and the greater security community.”

Guccifer 2.0

Most of us have heard of Guccifer – the Romanian hacker who broke into the Bush family’s private e-mail accounts, as well as those of Hillary Clinton and other important political figures, exposing personal information. The Guccifer 2.0 name is an obvious nod to one of the most famous hackers in history, but the blog post where he claimed responsibility wasn’t so much about the DNC documents as it was about Crowdstrike’s work so far.

“Worldwide known cyber security company CrowdStrike announced that the Democratic National Committee (DNC) servers had been hacked by “sophisticated” hacker groups,” he wrote.

“I’m very pleased the company appreciated my skills so highly))) But in fact, it was easy, very easy.”

“Shame on CrowdStrike: Do you think I’ve been in the DNC’s networks for almost a year and saved only 2 documents? Do you really believe it?”

If Guccifer 2.0 is right, it’s hard to say which is worse – the fact that he managed to break in with ease, or that Crowdstrike might have been wrong and shifted the blame towards another target.

Leaks: Trump, Democratic donors list, and secret documents

To prove his point, the hacker provided some of the files from the breach, including the DNC’s “Donald Trump Report” – a research document (well, basically dirt) on the Republican nominee that’s over 200 pages long. Among the first chapters we can find titles like: “Trump Is Loyal Only To Himself”, “Trump Is A Liar”, “Trump Has Repeatedly Offended Minorities With Demeaning Comments”, or “Bad Businessman”. You can see where this is going.

An official statement reassured everyone that no financial documents were leaked. The files exposed in the blog post prove this statement is not true: “DNC chairwoman Debbie Wasserman Schultz said no financial documents were compromised. Nonsense! Just look through the Democratic Party lists of donors!”

The same goes for secret documents: “They say there were no secret docs! Lies again! Here is a secret document from Hillary’s PC she worked with as the Secretary of State.”

Real or fake?

So far, everything in this blog post seems to be true. Even some security experts think that these documents are as real as they are described. Probably the most important motive anyone would have to put all this time and effort into fake documents would be to throw the investigators off track, but even in that case these documents would still be next to impossible to pull off in less than 24 hours since the DNC’s announcement of the breach, or in any amount of time for that matter, because the files contain too much classified information. Besides, the blog post puts the spotlight on Crowdstrike so often that it almost seems to be an attack against the security company as well.

The security company is verifying the authenticity of the documents but still stands by the initial findings – that Russian government hackers were involved. Codenamed “Cozy Bear” and “Fancy Bear,” these notorious hacker groups infiltrated government networks around the world, and the official version is that they are still the ones responsible for the DNC breach.

Guccifer 2.0 wrote in the blog post that all the files – papers, thousands of files, mails – have been sent to Wikileaks, so it’s just a matter of time until everyone has access to the entire leak, which will probably prove who’s right about the claim.