Page:Report On The Investigation Into Russian Interference In The 2016 Presidential Election.pdf/57

From Wikisource
Jump to navigation Jump to search
This page has been validated.

U.S. Department of Justice

Attorney Work Product // May Contain Material Protected Under Fed. R. Crim. P. 6(e)

circumstances, it doesn't necessarily mean that the two are connected. But it is a very serious matter…that type of allegation is very serious, as it's taken very seriously by us."[1]

After the U.S. intelligence community publicly announced its assessment that Russia was behind the hacking operation, Assange continued to deny that the Clinton materials released by WikiLeaks had come from Russian hacking. According to media reports, Assange told a U.S. congressman that the DNC hack was an "inside job," and purported to have "physical proof" that Russians did not give materials to Assange.[2]

C. Additional GRU Cyber Operations

While releasing the stolen emails and documents through DCLeaks, Guccifer 2.0, and WikiLeaks, GRU officers continued to target and hack victims linked to the Democratic campaign and, eventually, to target entities responsible for election administration in several states.

1. Summer and Fall 2016 Operations Targeting Democrat-Linked Victims

On July 27, 2016, Unit 26165 targeted email accounts connected to candidate Clinton's personal office PP . Earlier that day, candidate Trump made public statements that included the following: "Russia, if you're listening, I hope you're able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press."[3] The "30,000 emails" were apparently a reference to emails described in media accounts as having been stored on a personal server that candidate Clinton had used while serving as Secretary of State.

Within approximately five hours of Trump's statement, GRU officers targeted for the first time Clinton's personal office. After candidate Trump's remarks, Unit 26165 created and sent malicious links targeting 15 email accounts at the domain PP  including an email account belonging to Clinton aide PP . The investigation did not find evidence of earlier GRU attempts to compromise accounts hosted on this domain. It is unclear how the GRU was able to identify these email accounts, which were not public.[4]

Unit 26165 officers also hacked into a DNC account hosted on a cloud-computing service Personal Privacy . On September 20, 2016, the GRU began to generate copies of the DNC data using PP  function designed to allow users to produce backups of databases (referred to PP   as "snapshots"). The GRU then stole those snapshots by moving

  1. See Assange: "Murdered DNC Staffer Was 'Potential' WikiLeaks Source," Fox News (Aug. 25, 2016)(containing video of Assange interview by Megyn Kelly).
  2. M. Raju & Z. Cohen, A GOP Congressman's Lonely Quest Defending Julian Assange, CNN (May 23, 2018).
  3. "Donald Trump on Russian & Missing Hillary Clinton Emails," YouTube Channel C-SPAN, Posted 7/27/16, available at (starting at 0:41).
  4. Investigative Technique