Thursday morning, the Justice Department released a redacted version of Special Counsel Robert Mueller’s report on Russian interference in the 2016 presidential election. The report paints a troubling picture of American democracy under attack by a hostile foreign power. You can click here to access the 448-page report through the DOJ website, but we prefer this searchable version courtesy of the New York Times.
Mueller’s team warns that the “Russian government interfered in the 2016 presidential election in sweeping and systematic fashion.” Among the report’s most alarming findings are its revelations about the scope of Russian hacking. Volume I, Part III of the report, entitled “RUSSIAN HACKING AND DUMPING OPERATIONS,” focuses on hacking of U.S. election targets by the GRU, the intelligence division of Russia’s military. GRU units involved in the operation were divided into groups according to specialty: “One department, for example, developed specialized malicious software (‘malware’), while another department conducted large-scale spearphishing campaigns.” The report also mentions “a bitcoin mining operation to secure bitcoins used to purchase computer infrastructure used in hacking operations,” but some details of this group have been redacted by William Barr under the “Investigative Technique” justification.
This section of the Mueller Report begins by describing the GRU’s assault on the Clinton Campaign and other Democratic targets, namely the Democratic Congressional Campaign Committee and the Democratic National Committee. Mueller’s investigation confirms that GRU officers targeted hundreds of email accounts and private networks in order to steal hundreds of thousands of documents including “strategy documents, fundraising data, opposition research, and emails from the work inboxes of DNC employees.” The GRU released stolen documents through two fictitious online profiles, “DCLeaks” and “Guccifer 2.0,” as well as through WikiLeaks.
The report states that many of these breaches were achieved through the GRU’s spearphishing operations. Spearphishing emails enabled the GRU to access numerous email accounts and, by extension, private networks:
GRU agents also used malware to infiltrate secure computers and steal data:
Mueller’s report explains that the GRU leased computers from international third-party providers in order to carry out its attacks and store stolen data. Some of the more essential leased computers were located inside the United States, in Arizona.
While much of the information regarding stolen documents was made public prior to Mueller’s report, the report does contain some fresh findings concerning the hacking of election administration officials. GRU officers exploited software vulnerabilities on state and local networks to gain access to sensitive voter databases:
The state of Illinois is mentioned specifically in this section of the report:
The report’s most unexpected disclosures concern a hacking operation targeting an unnamed Florida county. The Mueller Report lays out in detail how the GRU gained access to that county’s network just prior to the 2016 presidential election:
This is a worrisome discovery for a state long plagued by problematic elections. While it has been known that a Tallahassee elections vendor was compromised by Russian hacking in 2016, even Florida election officials were caught off guard by Mueller’s revelations about this particular breach. In a statement, the Florida Department of State said that they immediately reached out to the FBI for further information.