On Friday, Deputy Attorney General Rod Rosenstein announced that the Department of Justice had indicted 12 Russian intelligence officers for working to undermine the 2016 U.S. presidential election. Their method: Hacking into the Democratic National Committee’s and the Democratic Congressional Campaign Committee’s networks, as well as email accounts belonging to individuals working on Hillary Clinton’s campaign—most famously Clinton’s campaign chairman John Podesta. The latest indictment is part of special counsel Robert Mueller’s ongoing investigation into Russian interference in the 2016 election. All the officers are members of GRU, the Russian foreign intelligence agency, operating under units numbered 26165 and 74455. We’ve known since 2016 that these operations were almost certainly the work of Russian agents. But the indictment adds some important new details to our understanding of how this election meddling went down.
In the press conference, Rosenstein said that one team of these operatives was responsible for retrieving the documents and another team was in charge of disseminating the material. The Russian officers siphoned off thousands of stolen emails and files, which were released online in the summer of 2016 under the monikers “DCLeaks,” a website, and “Guccifer 2.0,” a mysterious online figure. Guccifer 2.0 communicated directly with numerous reporters, including Trump confidante Roger Stone, who posted screenshots of his private Twitter exchange with the disguised Russian hacking group in March 2017. The indictment is presumably referring to Stone when it describes a person who was “in regular contact with senior members of the presidential campaign of Donald J. Trump.”
Guccifer 2.0 didn’t hit the scene, however, until after the cybersecurity firm Crowdstrike, brought in to analyze the DNC’s data breach, published a report that found “two separate Russian intelligence-affiliated adversaries present in the DNC network.” The next day, Guccifer 2.0 claimed responsibility for the hack in a WordPress blog, noting the infiltration “was easy, very easy.” The blog posted opposition research on Donald Trump stolen from the DNC. A few days later, Guccifer 2.0 started a Twitter account declaring that he wasn’t a team of Russians but rather a “lone hacker”—a claim the indictment says is false—and admitted to handing his bounty to WikiLeaks. In an interview with Motherboard, Guccifer 2.0 claimed to be Romanian, but when pressed to explain how he hacked into the DNC servers in Romanian, the person behind the account sent back only a few sentences riddled with mistakes. Still, that summer the Kremlin denied any involvement in the DNC breach.
The indictment brings previously unknown details to light about just how active Guccifer 2.0 was, including the allegation that the Kremlin hackers “received a request for stolen documents from a candidate for the US. Congress,” a request they fulfilled. The indictment claims that in one exchange with a reporter, Guccifer 2.0 sent documents about the Black Lives Matter movement and that the two communicated about writing a story. Guccifer 2.0 also offered to provide a reporter emails stolen from Hillary Clinton’s staff and handed over the password to retrieve the emails from DCLeaks.com, one of the domains registered by the Russian hacking group.
WikiLeaks, which the indictment refers to as Organization 1, allegedly conspired with the fictitious Guccifer 2.0 character in order to receive a trove of more than 20,000 private emails stolen from the DNC server, which WikiLeaks eventually made public. The indictment includes text of their conversations:
Organization 1: if you have anything hillary related we want it in the next tweo [sic] days prefable [sic] because the DNC [Democratic National Convention] is approaching and she will solidify bernie supporters behind her after.
The Russian agents: 0k … i see.
Organization I: we. think trump has only a 25% chance of winning against hillary … so conflict between bernie and hillary is interesting.
The information that the team of 12 Russian operatives stole inarguably had repercussions throughout the 2016 campaign. Days before the release of the DNC emails, Sen. Bernie Sanders formally came out in support of Hillary Clinton, and the Democratic National Convention was supposed to unify the two candidates’ supporters. But the emails, which contained correspondence between high-level DNC staff criticizing Sanders and discussing ways to undermine him, undoubtedly turned many of Sanders’ staunch supporters off to the idea of supporting a Clinton presidency. And the Podesta leaks created a steady trickle of uncomfortable news for the Clinton campaign not long after. All of which supported the goal of the broader Kremlin efforts, according to U.S. intelligence agencies: to help Trump win the Oval Office. The indictment alleges that the team ceased its operations in November 2016. With Trump on his way to the White House at that point, their job was done.
