FBI did not alert US officials of Russian hacking attempts
FBI did not alert US officials of Russian hacking attempts
All were caught up in a Russian government-aligned cyberespionage campaign. None was warned by the FBI.
The bureau repeatedly failed to alert targets of the Russian hacking group known as Fancy Bear despite knowing for more than a year that their personal emails were in the Kremlin’s sights, an Associated Press investigation has found.
“No one’s ever said to me, ‘Hey Joe, you’ve been targeted by this Russian group,’” said former Navy intelligence officer Joe Mazzafro, whose inbox the hackers tried to compromise in 2015. “That our own security services have not gone out and alerted me, that’s what I find the most disconcerting as a national security professional.”
The FBI declined to discuss its investigation into Fancy Bear’s spying campaign, but did provide a statement that said in part: “The FBI routinely notifies individuals and organizations of potential threat information.”
Three people familiar with the matter — including a current and a former government official — said the FBI has known the details of Fancy Bear’s attempts to break into Gmail inboxes for more than a year. A senior FBI official, who was not to authorized to publicly discuss the hacking operation because of its sensitivity, said the bureau had been overwhelmed by an “almost insurmountable problem.”
The AP conducted its own investigation into Fancy Bear, dedicating two months and a small team of reporters to go through a list of 19,000 phishing links provided by the cybersecurity firm Secureworks.
The list showed how Fancy Bear worked in close alignment with Kremlin interests to steal tens of thousands of emails from the Democratic Party, the AP reported this month.
But it wasn’t just Democrats the hackers were after.
The AP identified more than 500 US-based targets in the data, reached out to more than 190 of them and interviewed nearly 80 people, including current or former military personnel, Democratic operatives, diplomats or ex-intelligence workers such as Mazzafro.
Many were long-retired, but about one-third were still in government or held security clearances at the time of the hacking attempts. Only two told the AP they learned of the hacking attempts from the FBI. A few more were contacted by the FBI after their emails were published in the torrent of leaks that coursed through last year’s electoral contest. To this day, some leak victims have not heard from the bureau.
One was retired Maj. James Phillips, who was one of the first people exposed by the website DCLeaks in mid-2016. A year later, Philips has yet to hear anything from the FBI.
In fact he didn’t learn his emails were “flapping in the breeze” until two months after the fact, when a journalist called him to ask for comment.
“The fact that a reporter told me about DCLeaks kind of makes me sad,” Phillips said in a telephone interview.
Phillips’ story would be repeated again and again as the AP spoke to officials from the National Defense University in Washington to the North American Aerospace Defense Command in Colorado.
Among them: a former head of the Defense Intelligence Agency, retired Lt. Gen. Patrick Hughes; a former head of Air Force Intelligence, retired Lt. Gen. David Deptula; a former defense undersecretary, Eric Edelman; and a former director of cybersecurity for the Air Force, retired Lt. Gen. Mark Schissler.
Some targets of Fancy Bear’s spying said they don’t blame the FBI for not notifying them.
“The expectation that the government is going to protect everyone and go back to everyone is false,” said Nicholas Eftimiades, a retired senior technical officer at the Defense Intelligence Agency who teaches homeland security at Pennsylvania State University in Harrisburg and was himself among the targets.
But Charles Sowell, who previously worked as a senior administrator in the Office of the Director of National Intelligence and was targeted by Fancy Bear two years ago, said there was no reason the FBI couldn’t do the same work the AP did.
“It’s absolutely not OK for them to use an excuse that there’s too much data,” said Sowell. “Would that hold water if there were a serial killer investigation, and people were calling in tips left and right, and they were holding up their hands and saying, ‘It’s too much’?
EDITOR’S NOTE — Raphael Satter’s father, David Satter, is an author and Russia specialist who has been critical of the Kremlin. His emails were published last year by hackers and his account is on Secureworks’ list of Fancy Bear targets. He was not notified by the FBI.
UK warns dual nationals over travel to Iran, as France holds on envoy nomination
- Britain is seeking the release of Nazanin Zaghari-Ratcliffe, a project manager with the Thomson Reuters Foundation who was arrested in April 2016
- France will not name a new ambassador to Tehran before getting information from Iran following a foiled plot to bomb an Iranian opposition rally in Paris in June
LONDON: Britain on Wednesday advised British-Iranian dual nationals against all but essential travel to Iran, tightening up its existing travel advice and warning it has only limited powers to support them if detained.
The advisory came in tandem with France’s decision to hold off on appointing a new ambassador to Iran, as it seeks clarification over an attempt to bomb an Iranian opposition rally in Paris in June
“The Foreign Secretary (Jeremy Hunt) has taken the decision to advise against all but essential travel by UK-Iranian dual nationals to Iran,” a foreign office spokeswoman said in an emailed statement.
“British citizens who also hold Iranian nationality face risks if they travel to Iran, as we have seen all too sadly in a number of cases. The Iranian government does not recognize dual nationality, so if a dual national is detained our ability to provide support is extremely limited.”
Earlier this month Britain’s Middle East minister Alistair Burt used a visit to Iran to discuss cases of detained dual nationals, alongside other diplomatic issues.
Britain is seeking the release of Nazanin Zaghari-Ratcliffe, a project manager with the Thomson Reuters Foundation who was arrested in April 2016 at a Tehran airport as she headed back to Britain with her daughter, now aged four, after a family visit.
She was convicted of plotting to overthrow Iran’s clerical establishment, a charge denied by her family and the Foundation, a charity organization that is independent of Thomson Reuters and operates independently of Reuters News.
Meanwhile, France will not name a new ambassador to Tehran before getting information from Iran following a foiled plot to bomb an Iranian opposition rally in Paris last June, French officials said on Wednesday.
An Iranian diplomat based in Austria and three other people were arrested on suspicion of plotting the attack on a meeting of the National Council of Resistance of Iran (NCRI).
Iran has said it had nothing to do with the plot, which it called a “false flag” operation staged by figures within the opposition group itself.
The incident has hit relations just as France and its European partners are seeking to salvage a 2015 nuclear agreement between Tehran and world powers.
France’s ambassador to Iran departed in the summer. Iran has also yet to replace its departed ambassador to Paris.
“We have a charge d’affaires today in Tehran and there is a high-level dialogue between French and Iranian authorities,” said a French presidential source.
“We are working together to bring to light what happened around this event ... I wouldn’t say there is a direct link (in not appointing an ambassador), but Iran has promised to give us objective facts in the coming weeks that would allow us to pursue our diplomatic relationship as it is today.”
A French diplomatic source said the nomination had indeed been suspended as a result of the alleged plot.
France’s Foreign Ministry in August told its diplomats and officials to postpone non-essential travel to Iran indefinitely, citing the plot and a hardening of Tehran’s attitude toward France, according to an internal memo seen by Reuters.
President Emmanuel Macron is likely to discuss the issue with Iranian President Hassan Rouhani when they meet on Sept. 25 on the sidelines of the UN General Assembly, the source said.
Along with Britain and Germany, France is trying save a 2015 agreement on Iran’s nuclear program, which was thrown into disarray when US President Donald Trump pulled out of the accord in May and re-imposed economic sanctions on Iran.
Even so, tensions between Paris and Tehran have grown in recent months as Macron and his government have become increasingly frustrated with Iran’s activities in the Middle East region, in particular its ballistic missile program.