The Plot to Hack America: How Putin's Cyberspies and WikiLeaks Tried to Steal the 2016 Election

FOREWORD

The 2016 presidential election was already surreal—a former reality TV host fueled by white backlash had completed a hostile takeover of the Republican Party—before the bears emerged.

By the summer, as the campaign intensified, a WordPress page operated by someone claiming the mantle Guccifer2.0 was dumping embarrassing emails and memoranda stolen from the Democratic National Committee. When the anti-secrecy organization Wikileaks did the same thing, Guccifer2.0 claimed credit as the source; Wikileaks has kept its sourcing obscure. But the leaks showed the Democrats’ political apparatus to be petty, vindictive and determined to anoint Hillary Clinton as the Democratic nominee despite grassroots enthusiasm for challenger Bernie Sanders. Chairwoman Debbie Wasserman Schultz resigned.

Then something unexpected happened.

Cybersecurity researchers analyzing the committee network breach noticed that the particulars of the attack showed distinct patterns for gaining access—familiar patterns. Their tools were prohibitively expensive for random hackers, particularly their use of previously unknown software flaws. Instead, the researchers concluded, the hack was the work of two well-known groups tied to Russian intelligence. They are known by the weird names Fancy Bear and Cozy Bear.

Intelligence professionals weren’t actually mad at the Russians for digitally breaking into the DNC. “That’s a valid intelligence target,” one cybersecurity analyst and Defense Intelligence Agency veteran told me. But usually they hoard stolen data, not spill it out onto the Internet. Suddenly, it looked like the bears had changed their game.

Attributing culpability for cyberattacks is difficult. Competent spy agencies labor to make it nigh-impossible. But it didn’t take long before Obama administration and congressional leaders started expressing with unusual certainty—off the record, of course—that Russia was behind the assault. A theory emerged. The Russians were putting a digital thumb on the scale of the US election to help the aforementioned reality-TV host—who just happened to be running on the most pro-Russia platform in GOP history.

As of this writing, the election is undecided. And there are knowledgeable cybersecurity researchers skeptical of Russian involvement. So here comes Malcolm Nance, an intelligence, counterterrorism, and national-security lifer, to sort out what’s known, what’s suspected, and what it all means. If you’ve read books like The Terrorists of Iraq and Defeating ISIS, you know Malcolm’s expertise. If you’ve seen his 2007 congressional testimony using his firsthand experience with waterboarding to call it torture—back when that was controversial—you know Malcolm’s integrity. And if you’ve spent any time with his fellow Navy senior chiefs, you know Malcolm’s bluntness.

It’s worth scrutinizing this bizarre episode in American politics and security. It’s unlikely to be a one-off event. After all, bears tend to go where they want—unless something stops them.