FBI and Homeland Security publish technical details of Russian hack meant to help Trump

As Donald Trump continues to downplay Russian cyberwarfare against the United States designed to help him win the presidential election, technical details are emerging.

The press gave a lot of attention to the sanctions against Russia announced yesterday. Republicans, including Senator Lindsay Graham and Speaker of the House Paul Ryan, reacted by saying these could and should have been harsher.

Some strong Trump backers say there’s no evidence of Russian involvement and Trump himself has suggested several times that the stolen electronic documents could have been procured by a sole individual, perhaps “somebody sitting on their bed that weighs 400 pounds.” Such statements deny the evidence-based conclusions of all U.S. intelligence agencies.

Evidence goes beyond the fact that the target and timing of the hacking helped Trump.

On the same day sanctions were announced, the FBI and Department of Homeland Security published a Joint Analysis Report about the activities of the Russian intelligence services (RIS).

According to this report,

Screenshot 2016-12-30 09.15.39

From: Joint Analysis Report Reference Number JAR-16-20296. “Grizzly Steppe – Russian Malicious Cyber Activity.” Department of Homeland Security and FBI. December 29, 2016. [https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf]

Specifics include the following:

Technical Details Indicators of Compromise (IOCs) IOCs associated with RIS cyber actors are provided within the accompanying .csv and .stix files of JAR-16-20296. Yara Signature rule PAS_TOOL_PHP_WEB_KIT { meta: description = “PAS TOOL PHP WEB KIT FOUND” strings: $php = “ 20KB and filesize < 22KB) and #cookie == 2 and #isset == 3 and all of them }

Per the report, these efforts were done “to compromise and exploit networks and endpoints associated with the U.S. election.”

Another report will be completed before Trump takes office.

Trump’s refusal to take Russian cyberwarfare seriously will continue to rankle foreign policy hands and members of the intelligence community. Over 60% of Americans want this to be investigated; only 33% do not.

The U.S. will not simply “move on,” as Trump said he prefers. There will be an investigation by Congress or an independent commission.


Amy Fried

About Amy Fried

Amy Fried loves Maine's sense of community and the wonderful mix of culture and outdoor recreation. She loves politics in three ways: as an analytical political scientist, a devoted political junkie and a citizen who believes politics matters for people's lives. Fried is Professor of Political Science at the University of Maine. Her views do not reflect those of her employer or any group to which she belongs.