A Blog by Jonathan Low

 

Jul 13, 2018

How Russian Intelligence Officers Used Bitcoin To Hack the 2016 US Election

Clever. If not exactly surprising. JL

Tom Schoenberg and colleagues report in Bloomberg, Kia Kokalitcheva reports in Axios:

Two separate Russian units of the GRU intelligence agency stole emails and information from Democrats and then disseminated it via online personas. The Russians masked their activities by using cryptocurrencies such as Bitcoin to buy servers, register Internet domains and make other payments in the hacking operation, according to the indictment. It said the Russians also funded the operation in part by “mining” Bitcoin.
Axios The Justice Department alleges that the Russian intelligence officers who were indicted today in the Mueller investigation used cryptocurrencies like Bitcoin to purchase and fund their hacking operations.
Why it matters: Since its birth in 2009, Bitcoin has been criticized for enabling criminal activities thanks to its anonymity. The online black market Silk Road infamously used Bitcoin to let its customers buy and sell without being identified.How they used Bitcoin:
  • The conspirators used the cryptocurrency to purchase infrastructure like web domain addresses and servers. Many of the payments were processed by U.S. companies providing services to vendors both in the U.S. and abroad.
  • They also used Bitcoin to fund their activities by mining it. When mining Bitcoin — by using computing power to calculate, verify, and record transactions on the network — the participant earns cryptocurrency, which can then be sold for fiat currency or used for transactions.
Be smart: Despite its reputation, Bitcoin isn't fully anonymous, as investigators can track transactions on its public ledger. This is how federal agents famously caught corrupt colleagues involved with Silk Road.
Bloomberg Special Counsel Robert Mueller indicted 12 Russian intelligence officers for hacking offenses related to the 2016 U.S. presidential campaign.

The 12, who are members of the GRU, Russia’s military intelligence agency, are accused of stealing usernames and passwords of volunteers in Democrat Hillary Clinton’s campaign, including its chairman John Podesta. They also allegedly hacked into the computer network of the Democratic National Committee and the Democratic Congressional Campaign Committee, in an operation starting around March 2016.
The charges include conspiracy to commit an offense against the U.S., aggravated identity theft and conspiracy to launder money. They are accused of releasing the stolen emails on the web.
The announcement came only three days before President Donald Trump is to meet Russian President Vladimir Putin in Helsinki. Senate Democratic leader Chuck Schumer quickly called for Trump to cancel the summit, saying, “Glad-handing with Vladimir Putin on the heels of these indictments would be an insult to our democracy.”
White House spokeswoman Lindsay Walters said in a statement that “today’s charges include no allegations of knowing involvement by anyone on the campaign and no allegations that the alleged hacking affected the election result.”

Trump Briefed

Deputy Attorney General Rod Rosenstein told reporters Friday that “I briefed President Trump about these allegations earlier this week. The president is fully aware of the department’s actions.”
The Russian ruble reversed gains after the indictments were announced and fell as much as 0.5 percent against the U.S. dollar.
Rosenstein said two separate Russian units of the GRU intelligence agency stole emails and information from Democrats and then disseminated it via online personas, DCLeaks and Guccifer 2.0. He also said there’s no allegation in the indictment that any American was involved in the operation.
“The object of the conspiracy was to hack into the computers of U.S. persons and entities involved in the 2016 U.S. presidential election, steal documents from those computers, and stage releases of the stolen documents to interfere with the 2016 U.S. presidential election," the indictment said.

Cryptocurrencies Used

The Russians masked their activities by using cryptocurrencies such as Bitcoin to buy servers, register Internet domains and make other payments in the hacking operation, according to the indictment. It said the Russians also funded the operation in part by “mining” Bitcoin.
The indictment said the Russians shifted their hacking tactics “on or about July 27, 2016” to target a domain hosted by a provider used by Clinton’s personal office and 76 email addresses at the Clinton campaign’s Internet domain. That was the same day that Trump urged the Russians “to find the 30,000 emails that are missing.”
According to the indictment, a congressional candidate who wasn’t identified asked Guccifer 2.0 in August 2016 to provide stolen documents about the candidate’s opponent and documents were provided.

Detailed Explanation

The indictments are the most detailed explanation so far of how units of Russia’s GRU attempted to influence the 2016 election by stealing Democratic emails, then releasing them in ways meant to dominate news headlines as voters made up their minds on who to support.
Prosecutors also detailed a second Russian operation targeting the infrastructure that Americans use to cast their ballots and the officials that oversee those elections locally.
During the summer and fall of 2016, President Barack Obama’s administration was concerned the second operation might be the more serious one, potentially undercutting confidence in the election outcome if voters were turned away from the polls because their registration information had been deleted or changed. White House officials sent several warnings to Russia to try to head that off, including the first use of the so-called cyber red phone -- a direct line of communication between the Kremlin and the White House.
In the end, the influence operation turned out to be the most successful of the two, as leaked DNC emails fed rancor within the Democratic Party and media outlets wrote countless stories based on the stolen emails.

Earlier Indictments

With the charges, Mueller’s prosecutors have marked out other Internet pathways they say Russia used to influence the U.S. election. On Feb. 16, his prosecutors charged 13 Russians and three Russian entities they said were part of a broader effort to sow discord among U.S. voters through social media -- which they used to impersonate Americans, coordinate with unwitting U.S. activists and even plan rallies.
Trump told reporters in London Friday that he will “absolutely firmly” ask Putin about the finding by U.S. intelligence agencies that he authorized the campaign of interference. But he added, “I don’t think you’ll have any ‘Gee, I did it, I did it, you got me” confession.

Trump has frequently dismissed the Russia probe as a “witch hunt” and expressed his anger that Attorney General Jeff Sessions recused himself from overseeing the investigation. That put Rosenstein in charge, and he promptly appointed former FBI Director Mueller as special counsel.
U.S. intelligence agencies have concluded that Putin personally ordered a campaign to undermine “public faith in the U.S. democratic process” with the goal of hurting Clinton’s candidacy and ultimately helping to elect Trump.
Because Mueller has maintained public silence on his investigation, Rosenstein has made the few public pronouncements on the probe outside of legal documents and courtroom proceedings.

0 comments:

Post a Comment