Spamming the world with leaks leaves everyone vulnerable to exploitation – that should be scarier than whether or not Russia is behind the current email dump
WikiLeaks’s release of 19,252 emails from the U.S. Democratic National Committee’s (DNC) servers has thrown the party into disarray as it embarks on its 2016 presidential convention in Philadelphia. Given the reactions to the data breach, including the resignation of its embattled chairwoman, Debbie Wasserman Schultz, the materials are assumed to be (mostly) legitimate.
The DNC blames Russia for the disclosure of this information, saying that the hacker(s) and the materials’ distributor, WikiLeaks, are taking their orders from Moscow, which the group denies. Much of what has been released is heavy on privacy violations but short on “smoking guns”; as Vox notes, “The email trove contains some embarrassing revelations but no bombshells.” But those may not have been the main point.
Exposing instances of “dirty tricks” and conflicts of interest within the DNC this election cycle will probably have less impact than the very scale of the leaks. By releasing the DNC’s staff lists, its internal setup, and even its very work culture, the hacker(s) practice(s) a form of activism not without precedent in U.S. politics – and also not without allegations of foreign intelligence agencies’ sponsorship behind it to undermine institutions for their own gain. Such releases of information can cause real productivity losses in a corporate setting, and the same is true in government institutions – more so, in fact, because it undermines faith in those institutions and the values they embody. A leak like this, so broad and so complete, can in fact bring about changes in political behavior through resignations, protests, and lawsuits. While such responses to leaked information are not at all unwarranted, it is a real concern that those who made them possible did not do so with transparency in mind, but to conceal their role in the matter.
But was Russia really behind the DNC leak?
Several cyber security experts have found that hackers who went into the DNC servers in June were known Russian groups who have hacked corporate, news media, and government sites since 2014. The FBI, White House, and Department of Justice have not yet released their own definitive statements – though they too suspect Russian sponsorship – so the search for the culprit(s) is ongoing. The hacker(s) have so far covered their tracks well, especially after an initial round of leaked DNC documents came out in June and led to immediate suspicions of Russian sponsorship.
Prior attacks on government databases since 2014 have been traced back to Russian hacking collectives, namely the groups APT 28 and APT 29, which have staged cyber attacks throughout Europe, the Middle East, and Asia, as well as in the U.S. Allegedly controlled by rival agencies of the Russian Intelligence Community, they were named by the cyber security firm CrowdStrike as the parties who breached the DNC’s servers this past spring. Telltale metadata – of Russian-language content, especially – was present within the first batch of documents that came out in June. With these files came public statements by a previously unknown hacker going by “Guccifer 2.0,” who has since claimed to be the source for all of the data WikiLeaks has now released on its website.
As WikiLeaks does not disclose its sources, it has neither confirmed nor denied that Guccifer 2.0 is, as he claims to be, its source. Guccifer 2.0 takes his name from the Romanian hacker Marcel Lazăr Lehel, who hacked a number of U.S. politicians or celebrities before he was arrested and extradited to the U.S. Guccifer “1.0” is not known to have had the backing of any larger collective, though, and his claims about what he did are generally accepted now. Guccifer 2.0, in contrast, has been the subject of suspicion due to discrepancies in his claims.
As yet, much of the material that casts doubt on Guccifer 2.0 relies heavily on extrapolating behavior from a handful of clues for a person who may or may not even exist. Although the DNC is confident the Russians have set up Guccifer 2.0 as a cutout, the U.S. government is taking its time in issuing its conclusion. If it reaches such a conclusion, though, it is totally unclear what will happen next. And not just in terms of U.S.-Russia relations, but relationships that other organizations have with WikiLeaks.
This leak has also exposed just how vulnerable U.S. digital infrastructure is. The ease with which the DNC servers were penetrated raises questions about citizens’ right to privacy and possible electoral fraud: who, exactly, is responsible for these cyber security and privacy issues in the U.S. government? There is also the legal liability that WikiLeaks may face for choosing not to redact personal data of reporters, activists, donors, voters, and family members of these people caught up in the leaks.
Moscow’s alleged motives, if it did sponsor the leaks, remain difficult to pin down, not least because it frequently misunderstands how U.S. politics work, and because evidence of a larger influence campaign relies more on assumptions than documentation. But the breach of the DNC servers, whether state-sponsored or not, is part of a larger wave of cyber attacks that blur the borders demarcating transparency initiatives and whistleblowers’ activism from state-sponsored influence operations exploiting such leaks. The potential co-option of hacktivism for influence campaigns and disinformation operations – whether they are from Russian, Chinese, or American sources – presages “an ugly future” for the Internet.