The Russians are not the only game in town when it comes to cyberwarfare, Acting Defense Secretary Patrick Shanahan said on Thursday amid revelations in the Mueller report about how Russian intelligence officers interfered with the 2016 presidential election.
Released on Thursday, a redacted copy of the report details how the GRU – Russian military intelligence – broke into government, company, and personal computers to steal a treasure trove of information that was used to smear Hillary Clinton.
But the U.S. government is not helpless against Russian hackers, said Shanahan, who has not read the Mueller report.
“The Russians present a risk,” Shanahan told reporters on Thursday. “My job is to manage the risk. We have tremendous capability at Cyber Command and the NSA.”
The Mueller report shows how GRU units waged a campaign aimed at tilting the 2016 election in then candidate Donald Trump’s favor. The Russians ultimately released hundreds of thousands of documents to Wikileaks and other organizations to interfere with the presidential election.
GRU Military Units 26165 and 74455 were involved with the hacking of the Clinton campaign, the Democratic National Committee, and the Democratic Congressional Campaign Committee, the report says.
“Military Unit 26165 is a GRU cyber unit dedicated to targeting military, political, governmental, and non-governmental organizations outside of Russia, including in the United States,” the report says. “The unit was sub-divided into departments with different specialties. One department, for example, developed, specialized malicious software (‘malware’), while another department conducted large-scale spear phishing campaigns.”
“Military Unit 74455 is a related GRU unit with multiple departments that engaged in cyber operations. Unit 74455 assisted in the release of documents stolen by Unit 26165, the promotion of those releases, and the publication of anti-Clinton content on social media accounts operated by the GRU. Officers from Unit 74455 separately hacked computers belonging to state boards of elections, secretaries of state, and U.S. companies that supplied software and other technology related to the administration of elections.”
As early as April 16, 2016, the GRU began planning to release the stolen documents by registering the domain name “DCleaks.com,” the report says. That June, the GRU used the fictitious persona “Guccifer 2.0” to release more documents.
More troubling, the GRU sent stolen information to a candidate for Congress, a blogger who covers Florida politics, and a reporter, the report says. None of those people were named in the report.
The report also notes that the GRU used the Guccifer 2.0 persona to contact a former Trump campaign member, whose name is redacted, but it does not appear that the campaign staffer was interested in the stolen information.
In July, a grand jury indicted 10 GRU officers for their role in the hacking, but Russia does not have an extradition treaty with the United States.