Over the weekend, Politico reported a scoop: a mysterious individual known only as “Robert” had shared with the publication documents purportedly stolen from Donald Trump’s presidential campaign.
Subsequent reports have indicated that The New York Times and The Washington Post have engaged with the same source, receiving similar stolen documents. Such actions bear the hallmarks of a hack-and-leak operation, in which malicious hackers steal confidential data and strategically disseminate it, aiming to damage their targets. The FBI is currently investigating the breach. Trump has directly implicated the Iranian government in the intrusion. Roger Stone, a close ally of Trump, disclosed that his email was compromised, which set the stage for this entire episode, according to informed individuals who spoke to The Washington Post.
This scenario mirrors a previous hack-and-leak incident in the run-up to a U.S. election, hinting at a recurrence of such digital incursions. Reviewing past operations of this kind sheds light on the lessons learned and their relevance today.
Back in the summer of 2016, an entity introducing itself as Guccifer 2.0, and claiming to be a Romanian “hacker, manager, philosopher [and] women lover,” took responsibility for breaking into the Democratic National Committee’s servers. This contradicted cybersecurity firm CrowdStrike’s accusation that Russian intelligence was involved in the breach. Interestingly, at that time, Roger Stone disclosed his communication with Guccifer 2.0, leveraging the hacker’s claims to criticize the Democrats.
However, probing Guccifer 2.0 unveiled discrepancies, leading to a revelation two years later by the FBI that Guccifer 2.0 was actually a facade for two operatives from Russia’s military intelligence unit, the GRU. My focus on unraveling Guccifer 2.0’s real identity over the documents they leaked was perhaps facilitated by my background in cybersecurity journalism rather than political reporting.
The true identity of “Robert” remains uncertain at this juncture, but early indications seem to echo the Guccifer 2.0 episode.
Just before Politico broke the news about the Trump campaign breach, Microsoft disclosed an attack in June by an Iranian-backed hacking team against a senior official from a presidential campaign, carried out from the hijacked email account of a former senior advisor. While the targeted campaign wasn’t specified, sources told The Washington Post and Politico that the FBI has been looking into the attack on Trump’s campaign since June.
Google’s Threat Analysis Group also verified much of what Microsoft announced, indicating evidence of Iran-backed hackers targeting emails of individuals connected to both President Biden and former President Trump as early as May.
To summarize: Iranian hackers likely compromised Stone’s email, used it to attack the Trump campaign, extracted documents (so far, we know of files related to the vetting of Republican vice presidential hopeful J.D. Vance), and devised the “Robert” persona to interest journalists in these leaks.
Contact Us
Holding more insights on the Trump campaign hack or other politically driven digital infiltrations? Confidentially reach out to Lorenzo Franceschi-Bicchierai via Signal at +1 917 257 1382, through Telegram and Keybase @lorenzofb, or by email. TechCrunch welcomes tips via SecureDrop as well.
What sets this episode apart from 2016 is how the media has covered the incident.
Previously, numerous outlets highlighted the documents leaked by Guccifer 2.0 and those from Hillary Clinton’s campaign chairman John Podesta, inadvertently echoing the Russian agenda of distracting the public with claims of corruption. Kathleen Hall Jamieson, a scholar at the University of Pennsylvania, remarked to the Associated Press this week that the media portrayed the 2016 leaks in a damaging way.
This time, the initial coverage of the Trump campaign’s breach centered on the mechanics of the hack-and-leak strategy rather than the contents of the leaks, drawing praise from misinformation specialists.
“Politico and [journalist] Alex Isenstadt are commendable for transforming this narrative into a cautionary tale of a (seemingly ineffective) foreign misinformation endeavor, rather than just disseminating the leaked documents from Trump’s campaign,” commented Thomas Rid, a professor at Johns Hopkins familiar with the 2016 Russian cyber tactics.
It remains to be seen if “Robert” releases anything deemed more impactful by the media. Additionally, as highlighted by my ex-colleague Joseph Cox, there have been numerous hacks where the leaks were in the public interest and merited reporting. This incident might eventually align with those precedents.
Nonetheless, it remains essential for journalists to contextualize hack-and-leak operations, irrespective of their origins, be it state-sponsored agents seeking to destabilize elections and candidates or hacktivists propelled by noble motives.
When queried by Politico on the document acquisition, “Robert” purportedly advised discretion: “I suggest you don’t delve into the origin of these documents. Any disclosure could endanger me and legally hinder your ability to publish them.”
Perhaps “Robert” is aware that journalists have learned the lessons of the past.
Compiled by Techarena.au.


