The well-timed leak of e-mails from the Democratic National Committee, following a long-running breach of the DNC’s network, is a masterful piece of information warfare. The leak may only be the beginning of an effort to shape the US presidential election, or it may be a backup plan triggered by the exposure of the long-running breach. But the hacking of the DNC and the direct targeting of Hillary Clinton are only parts of a much larger operation by Russia-based hackers who have breached a number of US government networks.
Evidence collected by the security firm CrowdStrike and forensic work by Fidelis point to the breach being caused by two “threat groups” associated with Russian intelligence organizations. A pair of reports published in June by SecureWorks suggests that the same threat groups conducted phishing campaigns against the e-mail addresses of the DNC. The same attackers targeted the addresses of Clinton campaign staffers, political consultants, journalists, and current and former members of the military, among others.
At a minimum, this suggests that the DNC breach was part of a larger intelligence collection operation. The leaked data from the DNC breach, however, may have been intended to create chaos and uncertainty around the election. But why would the Russian government open that can of worms? It’s possible that this fits into a larger Russian strategy aimed at splintering NATO and countering what Russia has seen over the past decade as encroachment by the West on Russia’s national interests.