A lone hacker claimed responsibility Wednesday for breaking into the Democratic National Committee (DNC) computer systems last summer and allegedly released the contents of the DNC’s opposition research files on Republican presidential candidate Donald Trump.
“Shame on CrowdStrike: Do you think I’ve been in the DNC’s networks for almost a year and saved only 2 documents? Do you really believe it?” hacker Guccifer 2.0 wrote in a WordPress blog, taunting the security firm brought in by the DNC to investigate and mitigate the intrusions, and which on Tuesday had published details of its investigation in a blog penned by CrowdStrike Co-founder and CTO Dimitri Alperovitch .
The DNC files, published in a WordPress blog by hacker with the moniker Guccifer 2.0, present the narratives that the organization could use to hammer the outspoken GOP nominee in the presidential election, including his positions on immigration and climate change as well as his lack of foreign policy experience.
CrowdStrike had attributed the intrusions to the work of two different but sophisticated hacking groups, Cozy Bear (aka CozyDuke or APT 29) and Fancy Bear (aka Sofacy or APT 28), both affiliated with the Russian government, but working separately. Alperovitch called the group’s tradecraft “superb” with “operational security second to none.” He said the groups’ “extensive usage of ‘living-off-the-land’ techniques enables them to easily bypass many security solutions they encounter.”
“I’m very pleased the company appreciated my skills so highly))) But in fact, it was easy, very easy,” Guccifer 2.0 wrote. “Guccifer may have been the first one who penetrated Hillary Clinton’s and other Democrats’ mail servers. But he certainly wasn’t the last. No wonder any other hacker could easily get access to the DNC’s servers.”
Guccifer 2.0 not only published files that purportedly came from a database on Trump but also what appeared to be financial records, the type of documents Guccifer 2.0 said DNC Chairwoman Debbie Wasserman Schultz claimed were not compromised.
In an update Wednesday, the security firm said it “stands fully by its analysis and findings identifying two separate Russian intelligence-affiliated adversaries present in the DNC network in May 2016.”
CrowdStrike acknowledged the claims of responsibility made by Guccifer 2.0 in a WordPress blog and said it is investigating the documents published. “Whether or not this posting is part of a Russian Intelligence disinformation campaign, we are exploring the documents’ authenticity and origin,” the company said. “Regardless, these claims do nothing to lessen our findings relating to the Russian government’s involvement, portions of which we have documented for the public and the greater security community.