WASHINGTON — Few moments in the 2016 presidential election delighted Donald Trump more than the hacking of Democratic operatives. In July, after the Democratic National Committee’s emails were posted online, he — perhaps jokingly — called for more hacks: “Russia: If you’re listening, I hope you’re able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press.” When WikiLeaks released the emails of Clinton campaign chairman John Podesta in October, Trump was ecstatic. “I love WikiLeaks!” he declared. He said “WikiLeaks” at least 141 times the month before the election.
Trump probably didn’t mean to invite hackers to target him and his allies and post their findings on WikiLeaks.
But politically motivated hacks and leaks have continued unabated since Trump won the election. White House chief of staff John Kelly’s personal cell phone may have been compromised while he was working on the transition team at the end of 2016. Outgoing White House communications director Hope Hicks told the Senate Intelligence Committee last month that one of her email accounts had been hacked. And Trump associates and others outside the administration have seen their emails hacked and released for political purposes. Yousef Al Otaiba, the United Arab Emirates ambassador to the United States, had his emails leaked to U.S. media outlets.
So did Trump confidant and top Republican fundraiser Elliott Broidy.
Broidy acknowledges the similarities between the hackers who targeted him last month and those who targeted Democratic operatives during the election. “For whatever reasons, they don’t agree with what someone’s doing, so they try to wreak havoc and destroy their reputation,” he told HuffPost.
The 2016 election hack wasn’t the first of its kind. But it was the most spectacular. And given the gambit’s success, it may be hard for any government, organization or powerful individual that wants to influence U.S. public opinion to resist trying to copy it.
“Everyone involved in politics — whether you’re on a more state-focused campaign or national — you’re going to be heavily targeted, especially seeing the success of what happened,” said Ben Johnson, a former cybersecurity specialist at the National Security Agency. “Everyone is a target, from the intern to the candidate.”
Hillary Clinton’s aides and allies warned that they weren’t the first, and wouldn’t be the last, to be hurt by politically motivated hacking and that the U.S. government should take the threat seriously. Even Broidy now seems to agree.
“I’m not happy to see anyone hacked. That includes whether it’s Hillary Clinton or John Podesta, or anyone else,” Broidy said. “What happened in the 2016 election, or what’s happened to me, or what will happen to somebody else today or tomorrow — it’s just not right and I think we should work hard to make sure it doesn’t happen.”
Not all state-sponsored hacks have been aimed at the political process. China and North Korea, which are allegedly behind some of the highest-profile hacks, have stolen information with the apparent goals of obtaining intelligence, accessing trade secrets or securing a ransom. When the U.S. and Israel allegedly deployed an advanced team of hackers in Iran, their aim was to destroy a critical part of Iran’s nuclear program.
About a decade ago, hackers demonstrated how to use stolen information to advance a political narrative. Thousands of private emails sent by scientists affiliated with the Climatic Research Unit at England’s University of East Anglia were hacked in 2009. WikiLeaks published those materials and climate change deniers seized on parts of the emails to accuse the authors of scientific misconduct and fabricating a pattern of global warming.
Climategate, as it was termed, broke just weeks before a United Nations climate conference in Copenhagen, Denmark. Negotiations over ways to curb greenhouse gas emissions collapsed.
The release of the emails appeared to be timed to disrupt the conference, although it’s unclear how much damage they did. The stolen zip file was stored on a server in Russia, but investigators never conclusively attributed the hack to Moscow. Regardless of who orchestrated it, Climategate was an early example of hackers plotting to “take the fruits of illegal behavior, weaponize them, then use them in a political context,” Podesta told Mother Jones.
In 2013, the hacker Guccifer, later revealed to be a Romanian individual named Marcel Lazăr Lehel, began releasing emails he’d stolen from U.S. political figures. He leaked emails from former Secretary of State Colin Powell, former Bill Clinton adviser Sidney Blumenthal, and Dorothy Bush Koch, the sister of George W. Bush. There is no public proof that Lehel’s efforts were state-sanctioned.
The hackers who later targeted the DNC and Podesta adopted Guccifer’s persona, referring to themselves as Guccifer 2.0. WikiLeaks dumped the first cache of stolen emails about Hillary Clinton and the party’s internal deliberations only days before the Democratic convention. Podesta’s emails were posted about an hour after The Washington Post’s story about Trump bragging that he could grab women by the genitals in a 2005 “Access Hollywood” recording.
The Clinton campaign pleaded with reporters to be cautious about covering the hacked emails. “You’re basically doing Russia’s bidding right now,” Jesse Lehrich, a former campaign spokesman, recalled telling the media.
But Lehrich’s reminders had limited effect. WikiLeaks had already posted the emails online for anyone to read and some of them contained newsworthy information about a major presidential candidate.
“Unless there’s a giant pact among reporters that nobody will cover this stuff — which, let’s face it, is never gonna happen — reporters are trapped in this fucked-up situation,” Lehrich said. “You’re either missing out on stuff people are writing up, fighting a noble battle that’s not actually accomplishing anything. Or you’re furthering the agenda of foreign actors,” he said.
Another challenge for reporters — and anyone hoping to capitalize on hacked material — is that it’s often extremely difficult to determine who is responsible for a hack and what their motivations might be. Authentication can be a hurdle: Hackers might slip forged or altered documents into a giant release, which would be hard to catch. The Clinton team refused to confirm on the record the authenticity of any of the emails stolen during the campaign.
You're basically doing Russia's bidding right now. Jesse Lehrich, a Clinton campaign spokesman
So far, the Trump administration has done very little to protect the country from cyberattacks. In January 2017, he vowed to appoint a team of experts to deliver a plan to counter hackers within the first 90 days of his presidency.
But months passed and Trump’s administration blew through self-imposed deadlines without taking action. When the president signed an executive order on cybersecurity last May, Robert Ackerman, the founder of a cybersecurity venture firm called Allegis Capital, described it as “the skeleton of a policy” that mostly built off existing initiatives. Trump later floated the idea of creating an “impenetrable Cyber Security unit″ — in coordination with Russian President Vladimir Putin. Lawmakers slammed the notion and Trump backed down.
Even members of Trump’s own party have blasted him for failing to address the nation’s cyber vulnerabilities. “Unfortunately, leadership from the executive branch on cybersecurity has been weak,” said Sen. John McCain (R-Ariz.) last August.
State-sponsored hacking is very tough to identify, track and prevent — especially as hackers develop more sophisticated ways to obscure their identities and hackers-for-hire allow states to direct an operation without leaving their fingerprints. But there are things the U.S. government can and should do.
Experts have long urged the government to take a more active role in protecting critical infrastructure ― like power grids, water systems and emergency services ― and in regulating security standards for internet-accessible consumer products ― like cameras, thermostats and baby monitors. They also have pressed the federal government to give states the money to replace easily hackable touch-screen voting machines.
And now that Trump is in power, he, his allies and coworkers, and his correspondents are targets as well — not just for Russia, but for anyone in the world who wants to sway American public opinion.
“This is not going away anytime soon,” said Hank Thomas, the CEO and founder of Strategic Cyber Ventures. “Hacking is far too lucrative and inexpensive for governments to not keep it as a primary tool in their arsenal of defense and espionage tools.”
The purpose of the DNC and Podesta hacks was to dump a massive amount of information online all at once and to allow everyone to comb through it, craft their own conspiracies or disinformation, and spread it quickly on social media. More recent hacks have been carefully curated and delivered to the reporters who knew best how to tell the story the hackers wanted the public to hear.
Last summer, a group that called itself GlobalLeaks selectively released to several media outlets, including HuffPost, emails belonging to Yousef Al Otaiba, the UAE’s influential ambassador who is close to presidential son-in-law Jared Kushner. The name GlobalLeaks appeared to be a nod to DCLeaks, the group that had distributed the Democratic emails during the 2016 election.
But unlike DCLeaks, GlobalLeaks targeted just one politically prominent individual: Otaiba. And instead of just being dumped online, the documents were leaked to specific reporters who wrote about foreign policy and the Middle East.
The emails, which showed Otaiba repeatedly criticizing Trump, were released amid a diplomatic crisis between the UAE (and others) and Qatar. Otaiba had been carefully cultivating ties to the new administration, working to gain Washington’s support in cutting off Qatar and its broader foreign policy agenda. The leaker denied having connections to Qatar. The source used a .ru email address, suggesting they were Russian or trying to appear Russian.
It’s not clear what, if any, effect the stolen emails had on Trump’s view of the Gulf dispute. Over the next several months, he flip-flopped between accusing Qatar of funding terrorism and offering to help Qatar resolve the rift with its neighbors. But the emails undoubtedly sullied Otaiba’s reputation in Washington. Last August, the Intercept published an account of Otaiba hiring escorts. The story relied, in part, on those emails.
Then last month, the hacking hit someone with personal ties to the president: Broidy. On Feb. 28, a group identifying itself as LA Confidential emailed reporters, again including at HuffPost, copies of the GOP fundraiser’s emails. The documents appeared to show Broidy trying to use his connections to the Trump administration to influence the outcome of a Justice Department investigation into a potential client of his wife’s law firm. (Broidy denies any wrongdoing.) They also show Broidy privately pitching Trump on the idea of a Gulf-funded Muslim army to fight America’s wars.
Broidy, who is outspokenly critical of Qatar, has accused the small gas-rich nation of orchestrating the hack. He told HuffPost that he would share proof to back up his allegation at a later date. Qatar denies it was involved in the hack.
He has not discussed the threat of state-sponsored hacking operations with Trump, Broidy said. Nor does he share the frustration of Trump’s critics, who say the president hasn’t done enough to respond to Russia’s election interference. “I’m more interested in law enforcement doing its job because the laws and the policies are there,” he said.
Asked how he reacted when the DNC and Podesta emails were released during the presidential race, Broidy said he couldn’t recall. “I mean I don’t think stealing stuff from people is right,” he said. “It’s just not my thing. I’m very interested in national security and law and order.”
Lehrich, the Clinton campaign spokesman, said he does have sympathy for Republican hacking victims like Broidy.
“This guy Broidy seems like a really bad dude, and the things that he’s done, obviously there is merit to them being exposed,” Lehrich said. “But at the same time, I think it’s a dangerous, slippery slope when they’re coming to light thanks to hostile foreign actors who have their own agenda.”
Maxwell Strachan and Akbar Shahid Ahmed contributed reporting.