As the former chair of the Clinton campaign and a direct target of Russian hacking, I understand just how serious this is. So I was surprised to read in the New York Times that when the FBI discovered the Russian attack in September 2015, it failed to send even a single agent to warn senior Democratic National Committee officials. Instead, messages were left with the DNC IT “help desk.” As a former head of the FBI cyber division told the Times, this is a baffling decision: “We are not talking about an office that is in the middle of the woods of Montana.”
Here's the passage in the Times piece, which I need to quote at some length to capture the flavor of the passage (with a few sentences highlighted) ...
When Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk.
His message was brief, if alarming. At least one computer system belonging to the D.N.C. had been compromised by hackers federal investigators had named “the Dukes,” a cyberespionage team linked to the Russian government.
The F.B.I. knew it well: The bureau had spent the last few years trying to kick the Dukes out of the unclassified email systems of the White House, the State Department and even the Joint Chiefs of Staff, one of the government’s best-protected networks.
Yared Tamene, the tech-support contractor at the D.N.C. who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the D.N.C. computer system logs to look for hints of such a cyberintrusion. By his own account, he did not look too hard even after Special Agent Hawkins called back repeatedly over the next several weeks — in part because he wasn’t certain the caller was a real F.B.I. agent and not an impostor.
“I had no way of differentiating the call I just received from a prank call,” Mr. Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the F.B.I.
It was the cryptic first sign of a cyberespionage and information-warfare campaign devised to disrupt the 2016 presidential election, the first such attempt by a foreign power in American history. What started as an information-gathering operation, intelligence officials believe, ultimately morphed into an effort to harm one candidate, Hillary Clinton, and tip the election to her opponent, Donald J. Trump.
Like another famous American election scandal, it started with a break-in at the D.N.C. The first time, 44 years ago at the committee’s old offices in the Watergate complex, the burglars planted listening devices and jimmied a filing cabinet. This time, the burglary was conducted from afar, directed by the Kremlin, with spear-phishing emails and zeros and ones.
An examination by The Times of the Russian operation — based on interviews with dozens of players targeted in the attack, intelligence officials who investigated it and Obama administration officials who deliberated over the best response — reveals a series of missed signals, slow responses and a continuing underestimation of the seriousness of the cyberattack.
The D.N.C.’s fumbling encounter with the F.B.I. meant the best chance to halt the Russian intrusion was lost. The failure to grasp the scope of the attacks undercut efforts to minimize their impact. And the White House’s reluctance to respond forcefully meant the Russians have not paid a heavy price for their actions, a decision that could prove critical in deterring future cyberattacks.
The low-key approach of the F.B.I. meant that Russian hackers could roam freely through the committee’s network for nearly seven months before top D.N.C. officials were alerted to the attack and hired cyberexperts to protect their systems. In the meantime, the hackers moved on to targets outside the D.N.C., including Mrs. Clinton’s campaign chairman, John D. Podesta, whose private email account was hacked months later.
I don't normally like to blockquote so much of another article. But I do so here for a specific reason: I want to capture not just the narrative of events but the editorial gloss. The impression is one of a Clinton campaign or DNC that couldn't keep its eye on the ball, missed the clues. "The D.N.C.’s fumbling encounter with the F.B.I. meant the best chance to halt the Russian intrusion was lost."
Clearly, one wishes that Tamene would have escalated the calls to the right person in the organization. But even running the very small (under 25 people) organization I do, it's not surprising to me that it turned out the way that it did. Even at our small level, the volume of over-the-transom information is immense. Most times that information is handled by people who don't have all the information to judge whether a particular communication is critical or insubstantial or whether it's a hoax or not. Our team does a great job of it, as you can judge by how many leads and scoops we've found over the years in the torrent of email traffic we receive every day. Still, stuff gets missed. And we're a really small operation. The idea that an FBI investigation into foreign government espionage against one of the country's two major political parties would have been handled with a call to the computer help line is almost beyond belief.
It goes without saying that FBI Headquarters in Washington, DC has a very clear understanding of who runs the Democratic National Committee, starting - at the time - with the sitting Member of Congress who ran the organization. Then there's the executive director. The finance chair. Myriad executive, national committeepersons. If this was a serious business, which obviously it was, and the FBI thought it was important to get the attention of a decision-maker in the organization, it would have been very easy to do. But the way it was handled was something like the equivalent of seeing a problem at a major corporation and leaving messages with the receptionist.
As Podesta puts it ...
What takes this from baffling to downright infuriating is that at nearly the exact same time that no one at the FBI could be bothered to drive 10 minutes to raise the alarm at DNC headquarters, two agents accompanied by attorneys from the Justice Department were in Denver visiting a tech firm that had helped maintain Clinton’s email server.
Defeat is bitter, especially if you have reason to believe that you were cheated in some sense. It makes it vastly harder to let go. But I get why Podesta went apoplectic about this. I don't believe the right 'private server investigation' hand knew what the left 'counter-espionage' hand was doing. So much of history is written in the dead weight of bureaucratic inertia and confusion. In any case these are different beasts. They each needed to be handled on their own terms. But again, it is astonishing that the FBI knew this intrusion was afoot for the better part of a year before making any real attempt to contact the principals of the organization.
With the dirty play of the special agents in the New York field office, Comey's July tongue-lashing, his outrageous late October letter to Congress and then this, it's hard to have much of any trust that the FBI is a fair-minded custodian of the immense power it wields.