The Russian state-backed cyberespionage group “Fancy Bear” has largely been blamed for the DNC email hack that helped Donald Trump win the election by further damaging Hillary Clinton’s reputation.
Now comes the news that the FBI failed to notify several US officials that Fancy Bear was trying to break into their personal email accounts – despite knowing about the scheme for over a year.
“It’s utterly confounding,” said Philip Reiner, a former senior director with the NSA and one of Fancy Bear’s targets. “You’ve got to tell your people. You’ve got to protect your people.”
A senior FBI official insists the agency is overwhelmed by the number of attempted hacks. “It’s a matter of triaging to the best of our ability the volume of the targets who are out there.”
The Associated Press responded to this statement by conducting its own triage, dedicating a small team of reporters to look through a list of Fancy Bear targets provided by the cybersecurity firm Secureworks.
The AP identified over 500 US-based people and groups, including current and former military personnel, diplomats, Democratic operatives, and ex-intelligence workers. After reaching out to nearly 200 of them, the AP uncovered just 2 instances in which targets received a heads-up from the FBI.
“It’s absolutely not okay for them to use an excuse that there’s too much data,” says Charles Sowell, a Fancy Bear target who previously worked in the DNI’s office. “Would that hold water if there were a serial killer investigation, and people were calling in tips left and right, and they were holding up their hands and saying, ‘It’s too much?’”
AP journalists did some more digging, traveling abroad to visit the company where someone registered DCLeaks.com (the first of three websites to publish emails stolen from the DNC) and the company that hosted DCLeaks’ stolen files during the electoral campaign. In both cases, the owners said they had never been approached by law enforcement.
We still don’t know exactly what information was stolen during the attack.
According to an AP analysis, 131 of 312 targets clicked the malicious link sent to them – meaning up to 40% came dangerously close to handing over their passwords.
While many of the targets are retired officials, their email accounts contain information dating back to a time when they occupied sensitive government positions.
“The fact that a reporter told me about DCLeaks kind of makes me sad,” said retired Maj. James Phillips, who was one of the first people to have his emails published on DCLeaks last summer. “I wish it had been a government source.”
Michael McFaul, a former US ambassador to Russia, has been repeatedly targeted by Fancy Bear. He has yet to receive a warning from the FBI.
“Our government needs to be taking greater responsibility to defend its citizens in both the physical and cyber worlds, now, before a cyberattack produces an even more catastrophic outcome than we have already experienced.”
Questions over the FBI’s handling of the DNC hacking incident date back to March 2016, when agents showed up unannounced at Hillary Clinton’s Brooklyn HQ to warn her about a flood of password-stealing emails. The agents refused to say who was behind the attempted hack and offered little more than generic security tips.
The DNC computer server was supposedly penetrated (allegedly by Fancy Bear) in April. The FBI never took custody of that computer, instead using a copy that was later described by former FBI Director James Comey as an “appropriate substitute.”
Editor’s note: A lot of hacking is going on from all sides, not just the Russians. But if the FBI has knowledge that a crime has been committed, their obligation is to protect Americans.