Tierney_j1gbg4

Tierney Sneed

Tierney Sneed is a reporter for Talking Points Memo. She previously worked for U.S. News and World Report. She grew up in Florida and attended Georgetown University.

Articles by

A federal grand jury on Friday handed down an indictment in special counsel Robert Mueller’s Russia investigation that provided new details about Russia hackers’ attempted, and in at least one case, successful infiltration of state and local election systems.

According to the indictment, the personal information of approximately 500,000 voters was stolen in a July 2016 hack, led by a Russian military officer, of an unnamed state’s board of elections website. That is more than double what was previously reported about a hack that began in June 2016 of the Illinois’ voter registration database, where officials said that fewer than 200,000 voter files were infiltrated. The indictment did not say specifically if the hack involved Illinois, but a statement from the state’s board of elections Friday said that was “likely” the attack Mueller was referring to.

The board of elections had previously notified 76,000 voters whose registration data may have been viewed, the statement said, and there have been no cases of suspicious activity with that data reported.

“The figure 500,000 referred to in the indictment may have been arrived at using a different methodology prescribed under federal criminal code,” the statement said. “As part of our review of the indictment, we will be contacting federal law enforcement to obtain more information on the number referenced in the indictment.”

Anatoliy Kovalev, a Russian military officer who worked in a GRU building, allegedly led the cyberattacks on U.S. election administrators, with Aleksandr Osadchuk, a Russian military colonel who headed one of the units of hackers named in the indictment.

[ Who’s who: Decoding the unnamed entities in Mueller’s Russian hacking indictment (Prime access) » ]

“The object of the conspiracy was to hack into the computers of U.S. persons and entities involved in the 2016 U.S. presidential election, steal documents from those computers, and stage releases of the stolen documents to interfere with the 2016 U.S. presidential election,” Mueller said.

The operation allegedy included researching the websites of state boards of election, secretaries of states and other election-related websites for vulnerabilities.

The Department of Homeland Security last year informed 21 states that their elections systems had been among those targeted by the Russians, many in so-called “scans” — a fairly common tactic seeking to identify the vulnerabilities in a website. However, details about the particular intrusion attempts still remain murky.

Deputy Attorney General Rod Rosenstein at a press conference Friday unveiling the charges said that the indictment contained no allegations that vote totals were changed or that election results were affected.

Mueller in his indictment provided details on the attempted intrusions in just a handful of states. He said that county election websites in Georgia, Iowa and Florida were searched for vulnerabilities by the Russian hackers in or around October 28.

Georgia was not one of the 21 states DHS last year informed of being a target of the hackers.

Kovalev and his co-conspirators — some known, and some unknown to the grand jury, the indictment said — used some of the infrastructure they used to hack the state board of elections to hack the computers of a U.S. company, known as Vendor 1, that “supplied software used to verify voter registration information for the 2016 U.S. elections.”

They then used an email account “designed to look like a Vendor 1 email address to send over 100 spearphishing emails to organizations and personnel involved in administering elections in numerous Florida counties,” according to the indictment.

“The spearphishing emails contained malware that the Conspirators embedded into Word documents bearing Vendor 1’s logo,” Mueller said.

The details of the attack on the vendor align with a top secret National Security Agency report obtained by the Intercept last year about a spearphishing attack on a election vendor. The NSA report did not refer to the vendor by name, but The Intercept identified the company as the Florida-based VR Systems. (VR Systems has denied the breach).

The spokeswoman, Sarah Revell, in response to TPM’s inquiry about the details in Mueller’s indictment Friday, said in a statement:

“To be clear, the 2016 elections in Florida was not hacked in any way. As we have stated multiple times, the Department of State was notified by the Department of Homeland Security in September 2017 that Florida was unsuccessfully targeted by hackers in 2016. This attempt was not in any way successful and Florida’s online elections databases and voting systems remained secure.”

Revell added: “The Department is focused on the continued security and integrity of Florida’s elections in 2018 and beyond.”

Asked about the spearphishing emails, she said that it was “widely reported in 2017 that some Florida counties were targeted by a phishing email and we are aware of those reports.”

“Our understanding is that security protocols for phishing emails were followed by all counties. To our knowledge, no evidence exists that any unauthorized access occurred nor were any potential hacking attempts successful,” she said.

It’s not clear yet how much overlap there is between the evidence gatheredDd by Mueller that was unveiled Friday and the probe into election meddling by the Senate Intelligence Committee, which previewed some of its Russian cyber-intrusion findings in May.

The Senate Intel summary released in May said that in at least six states, Russia’s attempts to hack election administrators went beyond the scans for vulnerabilities. A majority of those attempts, according to the committee, were “Structure Query Language (SQL)” injections, a tactic that Illinois officials previously had said was used on their elections system.

“In a small number of states, Russian-affiliated cyber actors were able to gain
access to restricted elements of election infrastructure. In a small number of
states, these cyber actors were in a position to, at a minimum, alter or delete voter registration data,” the committee said.

 

Read More →

Deputy Attorney General Rod Rosenstein announced Friday that a federal grand jury, as part of special counsel Robert Mueller’s probe, has indicted 12 Russian nationals accused of hacking the Democratic National Committee, the Democratic Congressional Campaign Committee and the Hillary Clinton campaign, including the email account of Clinton campaign chairman John Podesta.

The 12 defendants named in the indictment are members of the Russian intel agency, the GRU, according to a Justice Department press release about the indictment. The charges were unveiled days before President Trump is scheduled to meet with Russian President Vladimir Putin, though Rosenstein told reporters that the timing of the indictment reflected the evidence gathered and the prosecutors’ determination that it was sufficient to bring the charges.

The indictment includes 11 criminal counts and one forfeiture allegation. The criminal counts include conspiracy against the United States, identity theft and money laundering. The indictment names the Russians defendants: Viktor Borisovich Netyksho, Boris Alekseyevich Antonov, Dmitriy Sergeyevich Badin, Ivan Sergeyevich Yermakov, Aleksey Viktorovich Lukashev, Sergey Aleksandrovich Morgachev, Nikolay Yuryevich Kozachek, Pavel Vyacheslavovich Yershov, Artem Andreyevich Malyshev, Aleksandr Vladimirovich Osadchuk, Aleksey Aleksandrovich Potemkin, and Anatoliy Sergeyevich Kovalev.

The hackers, the DOJ said in its press release, released the hacked information “on the internet under the names DCLeaks and Guccifer 2.0 and through another entity.”

The GRU officials, according to the DOJ, coordinated to “plan the release of the stolen documents for the purpose of interfering with the 2016 presidential election.”

A group of the GRU agents, according to the DOJ, “also conspired to hack into the computers of state boards of elections, secretaries of state, and US companies that supplied software and other technology related to the administration of elections to steal voter data stored on those computers.”

Rosenstein unveiled the charges at a press conference at the Justice Department headquarters in Washington, D.C.

“There’s no allegation that the conspiracy changed the vote count or affected any election result,” he said.

He also said that in the indictment, there is no allegation that the Americans who corresponded with the alleged hackers “knew they were corresponding with Russian intelligence officers.”

He indicated that there were plans to transfer the case to the Justice Department’s National Security Division while it sought to apprehend the defendants.

His remarks also included an allusion to the attacks the Justice Department has weathered as the Mueller probe heated up  — attacks that were in full view during a Thursday congressional hearing with a FBI agent who worked on the investigation in its infancy.

“I want to caution you, the people who speculate about federal investigations usually do not know all of the relevant facts. We do not try cases on television or in congressional hearings,” Rosenstein said.

He also said he briefed President Trump on the allegations earlier this week, and that “president is fully aware of the department’s actions today.”

Asked by reporters for more information about Trump’s view of the allegations he said he’d let the President speak for himself.

According to the indictment, the hackers “covertly monitored the computers of dozens of” DNC and DCCC employees, starting in or around April 2016, and implanted malware code while stealing the emails of the employees.

The hackers began releasing the documents in or around June 2016, using fake online accounts dubbed Guccifer 2.0 and DCLeaks, as well as another unnamed entity described as a website that had previously “posted documents stolen from U.S. persons, entities, and the U.S. government.”

That appears to be a reference to Wikileaks.

The indictment describes how the alleged hackers sought to conceal their identities:

The indictment goes into great detail about how the alleged hackers infiltrated Democratic email accounts, including that of Podesta, who is not identified by name in the indictment. It recounts the alleged spearfishing attack on Podesta and other Clinton campaign officials down to the account name the hacker used to mask the link that delivered the phishing attack to the victims’ email inboxes.

Their alleged operation included researching the hacking victims on social media, and they even created an email account that was one letter off from the name of a Clinton campaign staffer.

The spearfishing campaign continued through the summer, according to the indictment, as the hackers also targeted campaign emails hosted on a third party domain provider used by Clinton’s personal office, as well as 76 email addresses hosted by the campaign’s domain.

The effort to hack the DCCC begin in and around March 2016, according to the indictment, and included spearfishing as well as searches for the system’s vulnerabilities. Mueller here too describes that effort in significant detail. The indictment says that the hackers were able to use their access to the DCCC computers to then hack the DNC network.

As the DNC and DCCC became aware, in or around May 2016, that their systems had been hacked, the alleged hackers took countermeasures to conceal their presence in their networks and to maintain access to the networks. That effort included registering a domain name that mimicked the platform that “included a DCCC donations page,” according to the indictment.

The hackers maintained their access to the DNC networks through around October 2016.

The indictment then describes the alleged hackers tactics to release the stolen information. Not only did they create the DCLeaks page that posted many of the stolen emails, according to the indictment, but they created fake Facebook and twitter pages to promote the website.

The creation of Guccifer 2.0 — an online persona that claimed to be a lone Romanian hacker — was in response to the DNC’s announcement in June 2016 that it had been hacked by Russian actors, the indictment said.

The indictment includes terms the hackers allegedly searched for translations while creating the Guccifer 2.0 page, that then appeared on Guccifer 2.0’s blog posts.

According to the indictment, Guccifer 2.0 interacted with a congressional candidate, a lobbyist, and a reporter, sending each of the unnamed individuals some of the stolen materials. The indictment also includes communications that Guccifer 2.0 had with “who was in regular contact with senior members of the presidential campaign of Donald J. Trump.”

Communications between Guccifer 2.0 and “Organization 1” — presumably a reference to Wikileaks — are also documented in the indictment.

About a week after Guccifer 2.0 successfully transferred some stolen materials to Organization 1, Organization on June 22 released 20,000 emails and other documents hacked from the DNC, with the release timed to the start of the Democratic National Convention, the indictment said.

Read the indictment below:

Read More →

Nine hours after the start of Thursday’s extremely contentious House committee hearing, FBI official Peter Strzok was given the opportunity to explain the infamous “insurance policy” text he sent to FBI lawyer Lisa Page — a text that has become a focal point in GOP conspiracy theories of a deep state plot to undermine President Trump with the Russian investigation.

According to Strzok, it was sent in the context of a debate over how aggressively the FBI needed to move on its Russia probe. He that said at the time he was arguing to aggressively investigate the Trump campaign even though doing so could put a source at risk.

“While it isn’t likely according to all the pollsters and everybody that candidate Trump is elected, we need to make sure we are protecting America,” Strzok said at the hearing, explaining what he was arguing at the time the text message was sent. “We need to responsibly and aggressively investigate these actions, because you know what, if candidate Trump is elected, there might be people we need to be investigating that might be nominated for important security positions. Everybody in America would want to know that. Candidate Trump would want to know that.”

In the August 2016 text, which was revealed as part of a Justice Department Inspector General investigation, Strzok referenced a meeting he and Page attended with then-FBI Deputy Director Andy McCabe.

“I want to believe the path you threw out for consideration in Andy’s office—that there’s no way he gets elected—but I’m afraid we can’t take that risk. It’s like an insurance policy in the unlikely event you die before you’re 40…” Strzok’s text said.

In Strzok’s retelling of the discussions that he was referencing in the text, some were advocating for the FBI to move slowly — and not put the sensitive source who had provided information at risk — since Trump was not expected to win the election.

“What I’m saying is look we’re the FBI. We need to do our job. We need to go investigate,” he recalled Thursday of his sentiments in that text.

Read More →

Rep. Paul Gosar (R-AZ), citing his experience as a dentist, claimed he read body language very well and grilled FBI official Peter Strzok about the body language he exhibited earlier during a House Oversight and Judiciary Committee hearing Thursday.

Watch the clip below:

Read More →

FBI agent Peter Strzok said during congressional testimony Thursday that comments former New York Mayor Rudy Guiliani made to the media in the fall of 2016 had Strzok concerned that the FBI was leaking about the Clinton email probe. But Strzok denied that his concerns were specifically about potential leaks from federal investigators in New York.

I think there was discussion, I remember, and particularly some of it was in the context of reporting from Mr. Giuliani and others talking about connections to New York,” Sztrok told Rep. Raja Krishnamoorthi (D-IL). “I don’t want to scapegoat New York because a lot of people were aware of it.”

Krishnamoorthi, during a hearing with the House Oversight and Judiciary committees, was walking Strzok through a number of sections in the recent Justice Department Inspector General report on the FBI’s handling of the Clinton investigation. He focused on the sections about whether fears of leaks affected decisions about going public, right before the 2016 election, about certain actions in the probe.

Strzok confirmed that New York investigators were aware of a warrant for Anthony Weiner’s laptop. FBI Director James Comey’s would go on to inform Congress that he was reopening the email investigation, as the FBI was examining emails on the laptop.

I did not have concerns about New York,” Strzok said, when asked about the discussions around making the announcement to Congress. “My concerns were just general. That the more people who are aware of something, the greater chance that it leaks out somehow. But those concerns were not specific in my mind to New York.”

When Krishnamoorthi brought up a section in the IG report about former Attorney General Loretta Lynch recalling a Comey comment about the New York FBI office’s anti-Clinton sentiment, Sztrok told the lawmaker he’d have to ask Comey to explain those comments.

Krishnamoorthi then asked Strzok about the public comments Giuliani made about a “big surprise” coming in the campaign that Giuliani would go on to said he had heard from former FBI agents. Strzok said his remarks gave him “a lot of concern.”

Because, while it’s certainly possible that Mr. Giuliani is exaggerating or engaging in some sort of puffery, the reality is that also given the things that were going on, given timing that the laptop was there and he was talking about that in the context of a big surprise, it caused me great concern that he had information about that — that he should not have had,” Strzok said.

Read More →

Rep. Louie Gohmert (R-TX) accused FBI agent Peter Strzok of being liar in a verbal attack during a Thursday hearing, which escalated when Gohmert compared Strzok’s “smirk” in the hearing to “how many times did you look so innocent into your wife’s eye and lie to her.”

Strzok was testifying in front of the House Oversight and Judiciary committees, where Republicans peppered him with questions about anti-Donald Trump texts he sent to another FBI official, with whom he was having an affair.

Gohmert’s tirade prompted shouting from Democrats who accused the lawmaker of “intolerable harassment of a witness. “

“You need your medication!” one lawmaker shouted.

Watch below:

Read More →

Rep. Jim Jordan (R-OH) — one of the President Trump’s most vocal allies in efforts to bash special counsel Robert Mueller’s investigation — prompted shouts from his Democratic counterparts on the Oversight and Judiciary committees as he bulldozed over FBI agent Peter Strzok’s attempts to answer his questions. Even House Judiciary Committee Chairman Bob Goodlatte (R-VA) signaled Jordan would need to let the hearing move on.

Stzrok — a constant target of Republicans due to the anti-Trump texts he sent while working on the Hillary Clinton and Russia investigations — repeatedly told committee members at Thursday’s open hearing that he could not answer certain questions about the Russia probe since it is an ongoing investigation.

Jordan asked Strzok specifically about an email he sent to other top FBI officials that referred to copies of the infamous Trump-Russia dossier, and the difference between the versions handed over by Sen. John McCain, “Corn” and “Simpson.”

Jordan badgered Strzok over who Corn and Simpson — presumably references to Mother Jones journalist David Corn and Glenn Simpson, head of the firm that hired the ex-British spy to assemble the dossier — were. Jordan repeatedly interrupted Strzok as he tried to explain why he couldn’t answer the question, prompting Democrats to yell at Jordan to let the FBI official answer and to point out that Jordan’s time for questioning was expired.

Watch below:

Read More →

At a congressional hearing Thursday, FBI agent Peter Strzok defended himself from attacks from GOP lawmakers that a text he sent in 2016 — in which he said that “we’ll stop” then candidate-Donald Trump — proved he was biased in the Russia investigation into Trump’s campaign.

“In terms of the texts that ‘we will stop it,’ you need to understand that that was written late at night, off-the-cuff and it was in response to a series of events that included then-candidate Trump insulting the immigrant family of a fallen war hero and my presumption, based on that horrible, disgusting behavior, that the American population would not elect someone demonstrating that behavior to be president of the United States,” Strzok said.

“It was in no way unequivocally any suggestion that me, the FBI, would take any action whatsoever to improperly impact the electoral process for any candidate,” Strzok continued, adding that he took “great offense” with Oversight Chairman Trey Gowdy’s assertions about the texts.

Read More →

Minutes into lawmakers’ questioning of Peter Strzok, the FBI official under fire for anti-Donald Trump texts, House Judiciary Chairman Bob Goodlatte (R-VA) threatened to hold Strzok in contempt for declining to answer Oversight Chairman Trey Gowdy’s question about the FBI’s Russia probe.

Gowdy had asked how many people Strzok interviewed for the probe in the first week or so of the investigation. Strzok told Gowdy he was under instruction from the FBI not to answer questions about the ongoing Russian investigation.

Goodlatte jumped into to press Strzok to answer the question. Strzok continued to cite the FBI’s instructions.

Mr. Strzok, please be advised that you can either comply with the committee’s directive to answer the question or refuse to do so. The latter of which will place you at risk of a contempt citation and potential criminal liability,” Goodlatte said. “Do you understand that?”

Democrats leapt to Strzok’s defense, pointing out that Justice Department policy prohibits FBI personnel commenting publicly on ongoing investigations. When Strzok asked if he could consult with the FBI’s counsel, Republicans said he could only consult with his own personal lawyers, prompting more heated argument with the committees’ Democrats.

As Strzok continued to decline to answer Gowdy’s question, Goodlatte brought up the threat of contempt again.

Mr. Strzok, in a moment we’ll continue with the hearing, but based on your refusal to answer the question at the conclusion of the day we’ll be recessing the hearing and you will be subject to recall to allow the committee to consider proceeding with a contempt citation,” he said.

Read More →

The House Oversight Committee’s top Democrat, Elijah Cummings (D-MD) highlighted the number of guilty pleas special counsel Robert Mueller has secured in his Russian probe, in a demonstration that prompted a brief squabble over the signs Dem staffers were holding in the hearing showing who had entered guilty pleas in the investigation.

Cummings was making the point — in opening remarks for the highly anticipated hearing with FBI official Peter Strzok — that Republicans on the committee had previously said they would not seek to interfere with Mueller’s investigation. Cummings accused the Republicans of breaking that promise after Mueller started racking up guilty pleas, including from some people close to President Trump.

At first, Republicans appeared to protest the signs, but let Cummings move forward with the remarks when Democrats asked what rules the staffers were violating.

Watch the clip below:

Read More →

LiveWire