The Perfect Weapon: How Russian Cyberpower Invaded the U.S.
WASHINGTON — When Special Agent Adrian Hawkins of the FBI called the Democratic National Committee in September 2015 to pass along some troubling news about its computer network, he was transferred, naturally, to the help desk.
华盛顿——2015年9月，联邦调查局(FBI)特工阿德里安·霍金斯(Adrian Hawkins)打电话给民主党全国委员会（Democratic National Committee，简称DNC)，通报关于对方计算机网络的一些令人不安的消息，电话自然就被转到了服务部门。
His message was brief, if alarming. At least one computer system belonging to the DNC had been compromised by hackers federal investigators had named “the Dukes,” a cyberespionage team linked to the Russian government.
The FBI knew it well: The bureau had spent the last few years trying to kick the Dukes out of the unclassified email systems of the White House, the State Department and even the Joint Chiefs of Staff, one of the government’s best-protected networks.
Yared Tamene, the tech-support contractor at the DNC who fielded the call, was no expert in cyberattacks. His first moves were to check Google for “the Dukes” and conduct a cursory search of the DNC computer system logs to look for hints of such a cyberintrusion. By his own account, he did not look too hard even after Hawkins called back repeatedly over the next several weeks — in part because he wasn’t certain the caller was a real FBI agent and not an impostor.
答复电话的DNC技术支持承包商亚利德·塔敏(Yared Tamene)并非网络攻防专家。他的第一个行动就是到谷歌上搜索“the Dukes”，然后粗略查看了DNC的电脑系统日志，寻找这种网络入侵的痕迹。据他自己说，即使在接下来的几周里，霍金斯打过几次电话之后，他始终没有特别仔细地查找——部分原因是，他不确定来电者是真的FBI特工，还是江湖骗子。
“I had no way of differentiating the call I just received from a prank call,” Tamene wrote in an internal memo, obtained by The New York Times, that detailed his contact with the FBI.
It was the cryptic first sign of a cyberespionage and information-warfare campaign devised to disrupt the 2016 presidential election, the first such attempt by a foreign power in American history. What started as an information-gathering operation, intelligence officials believe, ultimately morphed into an effort to harm one candidate, Hillary Clinton, and tip the election to her opponent, Donald Trump.
Like another famous American election scandal, it started with a break-in at the DNC. The first time, 44 years ago at the committee’s old offices in the Watergate complex, the burglars planted listening devices and jimmied a filing cabinet. This time, the burglary was conducted from afar, directed by the Kremlin, with spear-phishing emails and zeros and ones.
An examination by The Times of the Russian operation — based on interviews with dozens of players targeted in the attack, intelligence officials who investigated it and Obama administration officials who deliberated over the best response — reveals a series of missed signals, slow responses and a continuing underestimation of the seriousness of the cyberattack.
The DNC’s fumbling encounter with the FBI meant the best chance to halt the Russian intrusion was lost. The failure to grasp the scope of the attacks undercut efforts to minimize their impact. And the White House’s reluctance to respond forcefully meant the Russians have not paid a heavy price for their actions, a decision that could prove critical in deterring future cyberattacks.
The low-key approach of the FBI meant that Russian hackers could roam freely through the committee’s network for nearly seven months before top DNC officials were alerted to the attack and hired cyberexperts to protect their systems. In the meantime, the hackers moved on to targets outside the DNC, including Clinton’s campaign chairman, John D. Podesta, whose private email account was hacked months later.
FBI的低调处理意味着，俄罗斯黑客可能在DNC的网络里无拘无束地逛了近七个月，之后，DNC的高级官员才被警告有黑客袭击，才雇用网络专家保护他们的系统。与此同时，黑客继续攻击DNC之外的目标，包括克林顿的竞选团队主席约翰·D·波德斯塔(John D. Podesta)，他的私人邮件账户数月后也遭到黑客袭击。
Even Podesta, a savvy Washington insider who had written a 2014 report on cyberprivacy for President Barack Obama, did not truly understand the gravity of the hacking.
By last summer, Democrats watched in helpless fury as their private emails and confidential documents appeared online day after day — procured by Russian intelligence agents, posted on WikiLeaks and other websites, then eagerly reported on by the American media, including The Times. Trump gleefully cited many of the purloined emails on the campaign trail.
The fallout included the resignation of Rep. Debbie Wasserman Schultz of Florida, the chairwoman of the DNC, and most of her top party aides. Leading Democrats were sidelined at the height of the campaign, silenced by revelations of embarrassing emails or consumed by the scramble to deal with the hacking. Though little-noticed by the public, confidential documents taken by the Russian hackers from the DNC’s sister organization, the Democratic Congressional Campaign Committee, turned up in congressional races in a dozen states, tainting some of them with accusations of scandal.
这造成的后果包括佛罗里达州众议员、DNC主席黛比·沃瑟曼·舒尔茨(Debbie Wasserman Schultz)以及她的大部分党内高级助手辞职。在竞选的高潮阶段，民主党的多个领导人物被迫出局，或因曝光的难堪邮件而保持沉默，或在应对这次袭击的混乱中垮台。虽然公众很少注意到，但是俄罗斯黑客从DNC的姐妹组织民主党国会竞选委员会(Democratic Congressional Campaign Committee)窃取的机密文件在十几个州的国会竞选中出现，有些州的竞选受到了丑闻指控的影响。
In recent days, a skeptical president-elect, the nation’s intelligence agencies and the two major parties have become embroiled in an extraordinary public dispute over what evidence exists that President Vladimir Putin of Russia moved beyond mere espionage to deliberately try to subvert American democracy and pick the winner of the presidential election.
Many of Clinton’s closest aides believe that the Russian assault had a profound effect on the election, while conceding that other factors — from Clinton’s weaknesses as a candidate, to her private email server, to the public statements of FBI Director James A. Comey about her handling of classified information — were also important.
克林顿的很多亲信认为，俄罗斯的网络袭击对美国大选产生了深刻影响，同时他们也承认其他因素也很重要，包括克林顿作为候选人的弱点，她的私人邮件服务器，以及FBI局长詹姆斯·B·科米(James B. Comey)关于她的机密信息处理方式的公开声明。
While there’s no way to be certain of the ultimate effect of the hack, this much is clear: A low-cost, high-impact weapon that Russia had test-fired in elections from Ukraine to Europe was trained on the United States, with devastating effectiveness. For Russia, with an enfeebled economy and a nuclear arsenal it cannot use short of all-out war, cyberpower proved the perfect weapon: cheap, hard to see coming, hard to trace.
“There shouldn’t be any doubt in anybody’s mind,” Adm. Michael S. Rogers, the director of the National Security Agency and commander of U.S Cyber Command, said at a postelection conference. “This was not something that was done casually, this was not something that was done by chance, this was not a target that was selected purely arbitrarily,” he said. “This was a conscious effort by a nation-state to attempt to achieve a specific effect.”
“任何人都不应该有任何怀疑，”国家安全局局长、美国网络司令部(Cyber Command)指挥官迈克尔·S·罗杰斯海军上将(Adm. Michael S. Rogers)在大选后的一次会议上说。“这不是随意做出的行为，不是偶然的，目标的选择也不是随意的，”他说，“这是一个国家为达到特定效果而进行的一次有意识的行动。”
For the people whose emails were stolen, this new form of political sabotage has left a trail of shock and professional damage. Neera Tanden, president of the Center for American Progress and a key Clinton supporter, recalls walking into the busy Clinton transition offices, humiliated to see her face on television screens as pundits discussed a leaked email in which she had called Clinton’s instincts “suboptimal.”
这种新型政治破坏震惊了那些邮件被盗的人，严重破坏了他们的职业前途。美国进步中心(Center for American Progress)主席、克林顿的重要支持者尼拉·坦登(Neera Tanden)回忆说，有一次，她走进克林顿繁忙的过渡办公室，羞愧地看见自己的脸出现在电视屏幕上，专家们在讨论她的一封被泄露的邮件，她在其中称，克林顿的直觉“并非最佳”。
“It was just a sucker punch to the gut every day,” Tanden said. “It was the worst professional experience of my life.”
The United States, too, has carried out cyberattacks, and in decades past the CIA tried to subvert foreign elections. But the Russian attack is increasingly understood across the political spectrum as an ominous historic landmark — with one notable exception: Trump has rejected the findings of the intelligence agencies he will soon oversee as “ridiculous,” insisting that the hacker may be American, but that “they have no idea.”
Trump cited the reported disagreements between the agencies about whether Putin intended to help elect him. On Tuesday, a Russian government spokesman echoed Trump’s scorn.
“This tale of ‘hacks’ resembles a banal brawl between American security officials over spheres of influence,” Maria Zakharova, the spokeswoman for the Russian Foreign Ministry, wrote on Facebook.
Julian Assange, the WikiLeaks founder and editor, has resisted the conclusion that his site became a pass-through for Russian hackers working for Putin’s government or that he was deliberately trying to undermine Clinton’s candidacy. But the evidence on both counts appears compelling.
Over the weekend, four prominent senators, two Republicans and two Democrats, joined forces to pledge an investigation while pointedly ignoring Trump’s skeptical claims.
“Democrats and Republicans must work together, and across the jurisdictional lines of the Congress, to examine these recent incidents thoroughly and devise comprehensive solutions to deter and defend against further cyberattacks,” said Sens. John McCain, Lindsey Graham, Chuck Schumer and Jack Reed.
“民主党人和共和党人必须携手合作，在国会的所有管辖领域，彻底调查这些最新事件，制订全面解决方案，以遏制和打击更多的网络袭击，”参议员约翰·麦凯恩(John McCain)、林赛·格雷厄姆(Lindsey Graham)、查克·舒默(Chuck Schumer)和杰克·瑞德(Jack Reed)称。
“This cannot become a partisan issue,” they said. “The stakes are too high for our country.”
As the year draws to a close, it now seems possible that there will be multiple investigations of the Russian hacking — the intelligence review Obama has ordered completed by Jan. 20, the day he leaves office, and one or more congressional inquiries. They will wrestle with, among other things, Putin’s motive.
Did he seek to mar the brand of American democracy, to forestall anti-Russian activism for both Russians and their neighbors? Or to weaken the next American president, since presumably Putin had no reason to doubt U.S. forecasts that Clinton would win easily? Or was it, as the CIA concluded last month, a deliberate attempt to elect Trump?
In fact, the Russian hack-and-dox scheme accomplished all three goals.
What seems clear is that Russian hacking, given its success, is not going to stop. Two weeks ago, the German intelligence chief, Bruno Kahl, warned that Russia might target elections in Germany next year. “The perpetrators have an interest to delegitimize the democratic process as such,” Kahl said. Now, he added, “Europe is in the focus of these attempts of disturbance, and Germany to a particularly great extent.”
But Russia’s cybertsars have by no means forgotten the American target. On the day after the presidential election, the cybersecurity company Volexity reported five new waves of phishing emails, evidently from Cozy Bear — the nickname for one of the two Russian hacking groups the cybersecurity firm CrowdStrike found at work inside the DNC network — aimed at think tanks and nonprofits in the United States.
One of them purported to be from Harvard University, attaching a fake paper. Its title: “Why American Elections Are Flawed.”