Russian hackers used US online infrastructure against itself

A man walks past the building of the Russian military intelligence service in Moscow, Russia, in this July 14, 2018 photo. (AP)
Updated 17 July 2018

  • The Russians are accused of exploiting their access to inexpensive, powerful servers worldwide
  • The hackers accessed DNC data in September 2016 by breaking into DNC computers hosted on the Amazon Web Services’ cloud

WASHINGTON: Exactly seven months before the 2016 presidential election, Russian government hackers made it onto a Democratic committee’s network.
One of their carefully crafted fraudulent emails had hit pay dirt, enticing an employee to click a link and enter her password.
That breach of the Democratic Congressional Campaign Committee was the first significant step in gaining access to the Democratic National Committee network.
To steal politically sensitive information, prosecutors say, the hackers exploited some of the United States’ own computer infrastructure against it, using servers they leased in Arizona and Illinois. The details were included in an indictment released Friday by special counsel Robert Mueller, who accused the GRU, Russia’s military intelligence agency, of taking part in a wide-ranging conspiracy to interfere in the 2016 presidential election. The companies operating the servers were not identified in the court papers.
The Russians are accused of exploiting their access to inexpensive, powerful servers worldwide — conveniently available for rental — that can be used to commit crimes with impunity. Reaching across oceans and into networks without borders can obfuscate their origins.
The indictment painstakingly reconstructs the hackers’ movements using web servers and a complex bitcoin financing operation.
Two Russian hacking units were charged with tasks, including the creation and management of a hacking tool called “X-Agent” that was implanted onto computers. The software allowed them to monitor activity on computers by individuals, steal passwords and maintain access to hacked networks. It captured each keystroke on infected computers and took screenshots of activity displayed on computer screens, including an employee viewing the DCCC’s online banking information.
From April to June 2016, the hackers installed updated versions of their software on at least 10 Democratic computers. The software transmitted information from the infected computers to a GRU-leased server in Arizona, the indictment said. The hackers also created an overseas computer to act as a “middle server” to obscure the connection between the DCCC and the hackers’ Arizona-based server.
Once the hackers gained access to the DCCC network, they searched one computer for terms that included “hillary,” “cruz,” and “trump” and copied select folders, including “Benghazi Investigations.”
In emails, the hackers embedded a link that purported to be a spreadsheet of Clinton’s favorability ratings, but instead it directed the computers to send their data to a GRU-created website.
Meanwhile, around the same time, the hackers broke into 33 DNC computers and installed their software on their network. Captured keystrokes and screenshots from the DCCC and DNC computers, including an employee viewing the DCCC’s banking information, were sent back to the Arizona server.
The Russian hackers used other software they developed called X-Tunnel to move stolen documents through encrypted channels to another computer the GRU leased in Illinois.
Despite the use of US-based servers, such vendors typically aren’t legally liable for criminal activities unless it can be proved in federal court that the operator was party to the criminal activity.
A 1996 federal statute protects Internet vendors from being held liable for how customers use their service and, with a few exceptions, provides immunity to the providers. The law is considered a key part of the legal infrastructure of the Internet, preventing providers from being saddled with the behemoth task of monitoring activity on their servers.
“The fact that someone provided equipment and or connectivity that was used to engage in data theft is not going to be attributed to the vendor in that circumstance,” Eric Goldman, a professor of law and co-director of the High Tech Law Institute at Santa Clara University School of Law, said. A notable exception, however, is if federal prosecutors are bringing a criminal charge for violations of a federal criminal law.
In that case, “we’re going to require a high level of knowledge of their activity or intent,” Goldman said.
When the DNC and DCCC became aware they had been hacked, they hired a cybersecurity firm, Crowdstrike, to determine the extent of the intrusions. Crowdstrike, referred to as “Company 1” in the indictment, took steps to kick the hackers off the networks around June 2016. But for months the Russians eluded their investigators and a version of the malware remained on the network through October — programmed to communicate back to a GRU-registered Internet address.
“We do not have any information to suggest that it successfully communicated,” said Adrienne Watson, the DNC’s deputy communications director.
As the company worked to kick them off, GRU officials allegedly searched online for information on Company 1 and what it had reported about its use of X-Agent malware and tried to delete their traces on the DCCC network by using commercial software known as CCleaner. Though Crowdstrike disabled X-Agent on the DCCC network, the hackers spent seven hours unsuccessfully trying to connect to their malware and tried using previously stolen credentials to access the network on June 20, 2016.
The indictment also shows the reliance of Russian government hackers on American technology companies, such as Twitter, to spread their stolen documents.
The hackers also accessed DNC data in September 2016 by breaking into DNC computers hosted on the Amazon Web Services’ cloud. The hackers used Amazon Web Services’ backup feature to create “snapshots” that they moved onto their own Amazon cloud accounts. Amazon also provides cloud computing services for various government agencies, including the Central Intelligence Agency.


Rising energy prices from the Iran war could help Russia pay for fighting in Ukraine


  • Prices for Russia’s oil exports have risen from under $40 per barrel as recently as December to about $62 per barrel
  • The halt in production of ship-borne liquefied natural gas, or LNG, by major supplier Qatar will sharply increase global competition for available cargoes — including those from Russia

FRANKFURT: The Iran war’s disruption of Middle East oil and gas supplies and soaring prices are strengthening Russia’s ability to profit from its energy exports, a pillar of the Kremlin’s budget and a key to paying for its own war in Ukraine.
Prices for Russia’s oil exports have risen from under $40 per barrel as recently as December to about $62 per barrel — first on fears of war and then due to interruption of almost all tanker traffic through the Strait of Hormuz, the conduit for some 20 percent of the world’s oil consumption.
Russian oil still trades at a considerable discount to international benchmark Brent crude, which has risen above $82 from the closing price of $72.87 on Friday, the eve of the attack on Iran by the US and Israel. However, Russian crude is now above the benchmark of $59 per barrel that was assumed in the Russian Finance Ministry’s budget plan for 2026. Oil and gas tax revenues account for up to 30 percent of the Russian federal budget.
Additionally, the halt in production of ship-borne liquefied natural gas, or LNG, by major supplier Qatar will sharply increase global competition for available cargoes — including those from Russia.
A change in fortunes
Russia had seen state oil and gas revenue fall to a four-year low of 393 billion rubles ($5 billion) in January and the budget shortfall of 1.7 trillion rubles ($21.8 billion) for that month was the biggest on record, according to Finance Ministry figures.
The lower revenue was due to weaker global prices and to deep discounts fueled by US and European Union hindrance of Russia’s “shadow fleet” of tankers with obscure ownership, used to sell oil to its biggest customers, China and India, in defiance of a Western-imposed price cap and sanctions on Russia’s two biggest oil companies, Lukoil and Rosneft.
Economic growth has stagnated as massive military spending has leveled off. President Vladimir Putin has resorted to tax increases and increased borrowing from compliant domestic banks to keep state finances on an even keel in the fifth year of the war.
“Russia is a big winner from the war-related energy turmoil,” said Simone Tagliapietra, energy expert at the Bruegel think tank in Brussels. “Higher oil prices mean higher revenues for the government and therefore stronger capability to finance the war in Ukraine.”
Amena Bakr, head of Middle East and OPEC+ insights at data and analytics firm Kpler, writes: “With Middle East barrels facing logistical disruption, both India and China face strong incentives to deepen reliance on Russian supply.”
Additionally, the price of future delivery of natural gas has skyrocketed in Europe, raising questions about EU plans to put an end to imports of Russian LNG by 2027 — reviving bad memories of a 2022 energy crunch after Moscow cut off most supplies of pipeline gas due to the war.
Length of strait’s closure is the key factor
Much depends on how long the Strait of Hormuz remains closed to most ship traffic, said Alexandra Prokopenko, an expert on the Russian economy at the Carnegie Russia Eurasia Center in Berlin.
A quick exit from the conflict would return Brent prices to roughly $65 per barrel and “a short-lived spike would not fundamentally change” Russia’s budget picture, she said. A middle scenario in which some shipping resumes and oil stabilizes at around $80 per barrel would give Russia “some fiscal relief,” depending on how long the higher prices last.
A long-term closure with Iranian strikes damaging refineries and pipelines could send oil to $108 per barrel, accelerate inflation and push Europe to the edge of recession. “This scenario would bring the largest windfall to Russia,” she said.
Even several weeks of interruption in Gulf LNG could lead to calls in Europe to suspend plans to ban new Russian supply contracts after April 25, said Chris Weafer, CEO of Macro-Advisory Ltd. consultancy.
“The EU is under even more pressure to work with the US to find a solution to the Ukraine conflict and, very likely, to consider easing the plan for a total block for Russian oil and gas imports,” he said. “Countries such as Hungary and Slovakia and those who have been big buyers of Russian LNG, will press for that review.”
In any case “the Russian federal budget will have a much better result in March,” Weafer said, due to lower discounts on Russian oil and “because there are eager buyers of Russian oil and oil products.”
Putin says European leaders have only themselves to blame
Putin said European governments were to blame for their energy predicament.
“What is happening today on the European markets, is, of course, above all the result of the mistaken policies of European governments in the energy sphere,” Putin said Wednesday on state TV.
He said that “maybe it would be more beneficial for us to halt (gas) supplies now to the European market, and leave for the markets that are opening and get established there,” adding that “it’s not a decision, but in this case what’s called ‘thinking out loud.’”
Putin said he would have the government look into the issue.
Russia’s Deputy Prime Minister Alexander Novak said Wednesday that Russian oil was “in demand” and that Russia was ready to increase supplies to China and India, the Tass news agency reported.
The head of Russia’s sovereign wealth fund, Kirill Dmitriev, took a dig at European Commission President Ursula von der Leyen and EU foreign policy chief Kaja Kallas, writing on X that “surely the wise Ursula and Kaja have a backup LNG plan. Or maybe not.”
Belgium, France, the Netherlands and Spain have continued to import around 2 billion cubic meters of Russian LNG per month, and on top of that Hungary imports 2 billion cubic meters a month through the Turkstream pipeline across the Black Sea, Tagliapietra said. That would amount to 45 billion cubic meters in 2026, 15 percent of total gas demand for this year.
It’s “not easy to replace this in case the LNG market gets tighter with continued shutdowns in Qatar,” he said.