How Clinton's campaign e-mails were hacked - and leaked

Former Secretary of State Hillary Clinton speaks to the audience at the annual convention of the American Federation of Teachers Friday, at the David L. Lawrence Convention Center in Pittsburgh, Pennsylvania, on July 13, 2018. PHOTO: AFP

WASHINGTON • Although the broad outlines of the Russian hacking and influence campaign ahead of the 2016 US election have been widely reported, the indictment of 12 Russian military intelligence officers by special counsel Robert Mueller describes for the first time the identities, techniques and tactics of the operation to disrupt American democracy.

It includes details on how the Russians delivered the hacked e-mails to WikiLeaks, the online anti-secrecy organisation led by Julian Assange that became the main platform for the Russians to display their trove of hacked e-mails.

The hackers worked for the spy agency called the Main Intelligence Directorate of the General Staff, or the GRU, the indictment said. They also allegedly targeted a state election board, identified by US officials as Illinois. The Russians stole information about 500,000 voters.

The new indictments follow earlier charges that Russian operators of social media accounts had spread propaganda and false news stories during the 2016 campaign. Absent from indictment are any allegations of conspiracy between Russian operatives and Americans, including members of the Trump campaign.

"The single most remarkable thing is that the special counsel names and shames 12 GRU officers, goes into detail of its operation and does this at a moment when we are days away from the Helsinki summit," said strategic studies professor Thomas Rid at Johns Hopkins University who was one of the first researchers in 2016 to identify Guccifer 2.0, an online identity created as part of the GRU operation.

US Deputy Attorney-General Rod Rosenstein last Friday said the indictment's timing was dictated purely by the fact that prosecutors had found the information was sufficient to present to a grand jury.

Two GRU teams in particular, Units 26165 and 74455, both located in Moscow, carried out most of the campaign, beginning in early 2016, according to the indictment. One of Unit 26165's officers, Senior Lieutenant Aleksey Lukashev, used various online fake personas to craft "spearphishing" e-mails to trick members of Mrs Hillary Clinton's campaign, including chairman John Podesta, into clicking on links that enabled the hackers to obtain the victims' login and password credentials.

Another unit mate, Captain Nikolay Kozachek, allegedly crafted the X-Agent malware used to hack the Democratic Congressional Campaign Committee and Democratic National Committee networks in April 2016. Both were among those indicted.

Unit 74455, also known as the Main Centre for Special Technology, engineered the release of the stolen documents through a website it created called DCLeaks and the online persona Guccifer 2.0, according to the indictment.

The campaign began as early as March 2016, when Lt Lukashev sent a spearphish e-mail to Mr Podesta that was designed to look like a security notification from Google. It instructed the user to change his password by clicking on a link. E-mails hacked from Mr Podesta's account would be released on WikiLeaks in a steady steam later that year, ensuring that material embarrassing to Mrs Clinton's campaign would continue on a daily basis to deflect from her message in the weeks leading up to the election.


Join ST's Telegram channel and get the latest breaking news delivered to you.

A version of this article appeared in the print edition of The Sunday Times on July 15, 2018, with the headline How Clinton's campaign e-mails were hacked - and leaked. Subscribe