Thursday, December 15, 2016
Hacking the hacks
The Smoking Gun looked into the RNC claims that they weren't hacked. I pick up the story about halfway:
For his part, Trump dismissed as “ridiculous” reports that the Russian operation sought to aid his campaign, in part by only distributing material hacked from Democrats.
It sure is weird how this particular "email scandal" doesn't seem to have the Republicans and their allies very worked up.
In fact, the president-elect is unsure about who hacked the DNC, John Podesta, and other Clinton campaign workers. Trump has surmised that the culprit could be Russia, China, or “somebody sitting in a bed someplace.” In a tweet yesterday, Trump even declared, “Unless you catch ‘hackers’ in the act, it is very hard to determine who was doing the hacking.”
But despite the Priebus and Spicer denials--and Trump’s shaky hacking analysis--the RNC appears to be among those victimized by a Russian hacking group affiliated with either the F.S.B. (successor to the K.G.B.) or the G.R.U., a military intelligence agency.
In August, TSG detailed how hackers successfully breached the Gmail accounts of Clinton campaign staffers and then distributed purloined correspondence via DC Leaks, a web site that appeared online in early-June. Material stolen in the hacks of the DNC and the Democratic Congressional Campaign Committee was peddled by “Guccifer 2.0,” a purported “hacktivist” who uploaded documents to his WordPress blog, sent material directly to numerous journalists, and took credit for providing Wikileaks with more than 40,000 DNC e-mails (and 17,000+ attachments).
U.S. intelligence officials have identified DC Leaks and “Guccifer 2.0” as distribution methods set up by the Russian hackers. Both channels have been dormant for nearly two months.
DC Leaks has posted e-mails stolen from a handful of Clinton campaign staffers, several retired military officials, former Secretary of State Colin Powell, and financier George Soros’s Open Society Foundation. And, as TSG first reported on August 12, the site’s “Portfolio” also includes a collection titled “The United States Republican Party.”
While the nearly 300 Republican-related e-mails posted on DC Leaks are uniformly innocuous, the collection is noteworthy for the scope of victims it reveals. The material includes correspondence lifted from the campaign committees of various elected officials, including Senator John McCain, Senator Lindsey Graham, and Representative Robert Hurt. Several state GOP organizations, Republican PACs, and campaign consultants also had their e-mail accounts compromised.
The GOP hacking sampler on DC Leaks includes correspondence scattered across a four-month period ending in late-October 2015. One of those stolen e-mails indicates that the Russian hackers had access to the RNC’s e-mail server.
An October 13 e-mail sent to email@example.com is among the correspondence posted to DC Leaks. The e-mail, sent by a Republican voter, was addressed to Priebus and addressed “gun control rhetoric” from Democratic candidates and their operatives.
So how did an e-mail sent to the RNC’s public-facing address end up in the hands of hackers? For that answer, all roads lead to Tennessee.
As TSG previously reported, the Republican elected officials and organizations whose e-mails appear on DC Leaks have all used Smartech, a Chattanooga-based firm, to host their web sites and e-mail operations. The company and its parent, Airnet Group, have done work for a Who’s Who of Republican figures, including George W. Bush, Karl Rove, John Bolton, Mitt Romney, Newt Gingrich, and the Koch brothers.
While Smartech officials did not return TSG phone calls and e-mails seeking comment on whether their systems had been compromised, a Republican client of the company told TSG that the firm privately acknowledged such a breach.
Tom Del Beccaro, ex-chairman of the California Republican Party, told TSG that Smartech admitted being hacked. The firm’s disclosure came several months ago, not long after DC Leaks published its portfolio of stolen GOP e-mails. Del Beccaro, who unsuccessfully ran this year for the Senate seat being vacated by Barbara Boxer, contracted with the firm to host his campaign’s web site and e-mail server.
Since the 2008 federal election cycle, Smartech has been paid more than $11 million by the Republican National Committee for a wide variety of tech services, including web hosting and call centers. During the final four months of the 2016 campaign, the RNC paid Smartech nearly $400,000 for “data services,” Federal Election Commission records show. In a front-page testimonial on the Airnet web site, the GOP enthuses that the company has been “an all-encompassing intelligent technology provider and knowledge resource for the RNC.”
The Republican Party’s main web site, gop.com, was hosted for many years by Smartech, which was supplanted by Amazon in early-2014. Within the past two months, the GOP web site has contracted with Fastly, a content delivery network whose clients include BuzzFeed, Vimeo, and Kayak. Amazon, whose CEO Jeff Bezos owns The Washington Post and has a net worth dwarfing Trump’s, has been the frequent target of scorn from Trump. Bezos, Trump contends, is a tax-avoiding monopolist with a “huge antitrust problem.”
But while Smartech has not hosted the gop.com web site for more than two years, the company has continuously provided the RNC with its e-mail service, records show.
At Smartech, the RNC’s e-mail server is dubbed “barracuda1.” The same mail server, records show, was used by many of the Republican candidates (McCain, Graham, Hurt, Del Beccaro, former Rep. Michele Bachmann) and state parties (Illinois, Connecticut, Rhode Island, Wyoming) whose e-mail accounts were compromised and had some of their correspondence posted to DC Leaks.
After becoming aware of the hacking, “barracuda1” clients like McCain, Graham, and Hurt have relocated their campaign e-mail accounts from Smartech. Notably, while some prominent Republicans have shied from linking Russia to the DNC and Clinton campaign hacking, McCain and Graham have shown no such hesitance. McCain has said that, “it’s clear the Russians interfered” in the presidential election. In return for meddling in U.S. affairs, Graham announced, “I’m going after Russia in every way you can go after Russia...I want Putin personally to pay a price.”
When interviewed Sunday by ABC’s George Stephanopoulos, Priebus said that the RNC contacted the FBI after the DNC hack was disclosed in mid-June. Federal agents, Priebus said, subsequently “reviewed all of our systems” and concluded that “the RNC was not hacked.” Assertions to the contrary, Priebus stated, are “absolutely not true.”
Perhaps the next time Priebus appears on the Sunday TV circuit someone will ask him about the breach of “barracuda1” in Chattanooga, 600 miles southwest of the RNC’s Capitol Hill headquarters. And the fact that only a single stray RNC e-mail has been uploaded by the Russian hackers responsible for the theft and subsequent distribution of 95,000 e-mails swiped from the DNC and Podesta.
digby 12/15/2016 09:00:00 AM