Summary IV A. The DNC Hack and the FBI's Response
In August of 2015, the FBI reached out to the DNC about a potential breach of their network. The FBI warned the DNC multiple times, however, the DNC did not identify the intrusion until April of 2016. The DNC claimed that the warnings they were receiving from the FBI did not accurately convey the seriousness of the situation. It is also possible that there was some tension between the FBI and the DNC due to the FBI investigation into Hillary Clinton’s emails.
Upon learning that their network was compromised the DNC hired CrowdStrike, a cybersecurity firm, to fix the problem and suggest further action. There were two intrusions. COZYBEAR, who is connected to either the FSB or the SVR, had penetrated the network in July of 2015. A second intruder, FANCYBEAR, who is associated with the GRU penetrated the network in April of 2016. The intrusions resulted in the exfiltration of files and emails. The DNC’s cloud environment was also targeted in September of 2016 but CrowdStrike identified the attempted intrusion. Hacked materials were published online by both Guccifer 2.0 (GRU online persona), and WikiLeaks.
The FBI’s victim-driven response to cyberattacks does not force cooperation from the victim entity. However, the committee concluded that the FBI could have been more pro-active in warning the DNC. The FBI only communicated with the IT department, and could have notified the DNC Chair, Debbie Wasserman Schultz, or a member of congress with a sufficient clearance. DHS and the ODNI concluded that the hack was directed by the Russian government.