Russian Hacking: FBI Failed to Notify US Targets

<p class&equals;"MsoNormal">The Russian state-backed cyberespionage group &ldquo&semi;Fancy Bear&rdquo&semi; has largely been blamed for the DNC email hack that helped Donald Trump win the election by further damaging Hillary Clinton&rsquo&semi;s reputation&period;<&sol;p>&NewLine;<p class&equals;"MsoNormal">Now comes the news that the FBI failed to notify several US officials that Fancy Bear was trying to break into their personal email accounts &ndash&semi; despite knowing about the scheme for over a year&period;<&sol;p>&NewLine;<p class&equals;"MsoNormal">&ldquo&semi;It&rsquo&semi;s utterly confounding&comma;&rdquo&semi; said Philip Reiner&comma; a former senior director with the NSA and one of Fancy Bear&rsquo&semi;s targets&period; &ldquo&semi;You&rsquo&semi;ve got to tell your people&period; You&rsquo&semi;ve got to protect your people&period;&rdquo&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal">A senior FBI official insists the agency is overwhelmed by the number of attempted hacks&period; &ldquo&semi;It&rsquo&semi;s a matter of triaging to the best of our ability the volume of the targets who are out there&period;&rdquo&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal">The <em>Associated Press<&sol;em> responded to this statement by conducting its own triage&comma; dedicating a small team of reporters to look through a list of Fancy Bear targets provided by the cybersecurity firm Secureworks&period;<&sol;p>&NewLine;<p class&equals;"MsoNormal">The AP identified over 500 US-based people and groups&comma; including current and former military personnel&comma; diplomats&comma; Democratic operatives&comma; and ex-intelligence workers&period; After reaching out to nearly 200 of them&comma; the AP uncovered just 2 instances in which targets received a heads-up from the FBI&period;&nbsp&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal">&ldquo&semi;It&rsquo&semi;s absolutely not okay for them to use an excuse that there&rsquo&semi;s too much data&comma;&rdquo&semi; says Charles Sowell&comma; a Fancy Bear target who previously worked in the DNI&rsquo&semi;s office&period; &ldquo&semi;Would that hold water if there were a serial killer investigation&comma; and people were calling in tips left and right&comma; and they were holding up their hands and saying&comma; &lsquo&semi;It&rsquo&semi;s too much&quest;&rsquo&semi;&rdquo&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal">AP journalists did some more digging&comma; traveling abroad to visit the company where someone registered DCLeaks&period;com &lpar;the first of three websites to publish emails stolen from the DNC&rpar; and the company that hosted DCLeaks&rsquo&semi; stolen files during the electoral campaign&period; In both cases&comma; the owners said they had never been approached by law enforcement&period;&nbsp&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal"><strong>We still don&rsquo&semi;t know exactly what information was stolen during the attack&period;<&sol;strong><&sol;p>&NewLine;<p class&equals;"MsoNormal">According to an AP analysis&comma; 131 of 312 targets clicked the malicious link sent to them &ndash&semi; meaning up to 40&percnt; came dangerously close to handing over their passwords&period;<&sol;p>&NewLine;<p class&equals;"MsoNormal">While many of the targets are retired officials&comma; their email accounts contain information dating back to a time when they occupied sensitive government positions&period;<&sol;p>&NewLine;<p class&equals;"MsoNormal">&ldquo&semi;The fact that a reporter told me about DCLeaks kind of makes me sad&comma;&rdquo&semi; said retired Maj&period; James Phillips&comma; who was one of the first people to have his emails published on DCLeaks last summer&period; &ldquo&semi;I wish it had been a government source&period;&rdquo&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal">Michael McFaul&comma; a former US ambassador to Russia&comma; has been repeatedly targeted by Fancy Bear&period; He has yet to receive a warning from the FBI&period;<&sol;p>&NewLine;<p class&equals;"MsoNormal">&ldquo&semi;Our government needs to be taking greater responsibility to defend its citizens in both the physical and cyber worlds&comma; now&comma; before a cyberattack produces an even more catastrophic outcome than we have already experienced&period;&rdquo&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal">&&num;8212&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal">Questions over the FBI&rsquo&semi;s handling of the DNC hacking incident date back to March 2016&comma; when agents showed up unannounced at Hillary Clinton&rsquo&semi;s Brooklyn HQ to warn her about a flood of password-stealing emails&period;&nbsp&semi;The agents refused to say who was behind the attempted hack and offered little more than generic security tips&period;&nbsp&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal">The DNC computer server was supposedly penetrated &lpar;allegedly by Fancy Bear&rpar; in April&period;&nbsp&semi;The FBI never took custody of that computer&comma; instead using a copy that was later described by former FBI Director James Comey as an &ldquo&semi;appropriate substitute&period;&rdquo&semi;<&sol;p>&NewLine;<p class&equals;"MsoNormal"><strong>Editor&&num;8217&semi;s note&colon;<&sol;strong> A lot of hacking is going on from all sides&comma; not just the Russians&period; But if the FBI has knowledge that a crime has been committed&comma; their obligation is to protect Americans&period;&nbsp&semi;<&sol;p>&NewLine;