Russian Operation to Subvert U.S. Election Included Hacking of Democratic House Candidates

Thursday, December 15, 2016
(graphic: Getty Images)

 

By Eric Upton and Scott Shane, New York Times

 

WASHINGTON — South Florida has long been a laboratory for some of the nation’s roughest politics, with techniques like phantom candidates created by political rivals to siphon off votes from their opponents, or so-called boleteras hired to illegally fill out stacks of absentee ballots on behalf of elderly or disabled voters.

 

But there was never anything quite like the 2016 election campaign, when a handful of Democratic House candidates became targets of a Russian influence operation that made thousands of pages of documents stolen by hackers from the Democratic Congressional Campaign Committee in Washington available to Florida reporters and bloggers.

 

“It was like I was standing out there naked,” said Annette Taddeo, a Democrat who lost her primary race after secret campaign documents were made public. “I just can’t describe it any other way. Our entire internal strategy plan was made public, and suddenly all this material was out there and could be used against me.”

 

The impact of the information released by the hackers on candidates like Taddeo in Florida and others in nearly a dozen House races around the country was largely lost in the focus on the hacking attacks against the Democratic National Committee and Hillary Clinton’s presidential campaign. But this untold story underscores the effect the Russian operation had on the American electoral system.

 

“This is not a traditional tit-for-tat on a partisan political campaign, where one side hits the other and then you respond,” said Kelly Ward, executive director of the DCCC. “This is an attack by a foreign actor that had the intent to disrupt our election, and we were the victims of it.”

 

Why the Russian government might care about these unglamorous House races is a source of bafflement for some of the lawmakers who were targeted. But if the goal of Russian President Vladimir Putin was to make American democracy a less attractive model to his own citizens and to Russia’s neighbors, then entangling congressional races in accusations of leaks and subterfuge was a step in the right direction.

 

The intrusions in House races in states including Pennsylvania, New Hampshire, Ohio, Illinois, New Mexico and North Carolina can be traced to tens of thousands of pages of documents taken from the DCCC, which shares a Capitol Hill office building with the Democratic National Committee.

 

The document dump’s effectiveness was due in part to a de facto alliance that formed between the Russian hackers and political bloggers and newspapers across the United States. The hackers, working under the made-up name Guccifer 2.0, used social media tools to invite individual reporters to request specific caches of documents, handing them out the way political operatives distribute scoops. It was an arrangement that proved irresistible to many news outlets — and amplified the consequences of the cyberattack.

 

“It’s time for new revelations now,” the Guccifer 2.0 website proclaimed, as it began to pass out the DCCC documents, trying to entice reporters to look at them on their own. “All of you may have heard about the DCCC hack. As you see I wasn’t wasting my time! It was even easier than in the case of the DNC breach.”

 

Cybersecurity consultants believe the hacking of the DCCC took place around March or April of 2016 after a staffer clicked on a so-called phishing email. The DCCC shut down its computer system for a week — from the moment it learned of the attack in June. But it was already too late to close the door. The consequences started to become clear in August when the hackers released the home addresses, cellphone numbers and personal email addresses of Democratic House members.

 

“As you are aware, the DCCC and other Democratic Party entities have been the target of cybersecurity intrusions — an electronic Watergate break-in,” the House minority leader, Nancy Pelosi, wrote in an email the day after the personal information was released. The email continued, “It has been widely reported that this cybersecurity incident is part of a Russian cyberattack which appears to be an attempt to interfere with our elections. We take this troubling situation very seriously and have notified the appropriate authorities, including the FBI and Sergeant-at-Arms.”

 

State troopers were sent to the homes of House Democrats across the United States, and they were urged to immediately change their cellphone numbers and personal email addresses, although this took place after many received a series of obscene calls, texts and emails.

 

But it turned out this was just a warning shot.

 

Guccifer 2.0 followed up on the release of lawmakers’ personal data with large caches of internal party documents, starting with some documents related to House races in Florida, including Taddeo’s contest.

 

The seats that Guccifer 2.0 targeted in the document dumps were hardly random: They were some of the most competitive House races in the country. In Taddeo’s district, the House seat is held by a Republican, even though the district leans Democratic and Clinton won it this year by a large majority.

 

To prepare for the race, the DCCC had done candid evaluations of the two candidates vying in the primary for the nomination. Those inside documents, bluntly describing each candidate’s weaknesses, are considered routine research inside political campaigns. But suddenly they were being aired in public.

 

Taddeo, one of the internal DCCC documents noted, had “proven to be a somewhat poor fundraiser and she has gained a reputation as an inadequate campaigner among some of the talkers in the community.”

 

Her Democratic opponent in the August primary, Joe Garcia, “also made a large misstep during the campaign saying ‘communism works,’ which did not sit well in an area with a large Cuban refugee population,” the document says. “More embarrassingly, Garcia was caught on a C-SPAN feed picking his earwax and seemingly eating it, and the video made the rounds on the internet.”

 

Garcia was the first to use the material as a tool to attack his opponent, showing up at a televised debate with a printout of the documents and accusing Taddeo of hiring a private detective to follow him, an allegation she disputed. It was the first of many attacks based on the leaked material.

 

After Garcia defeated Taddeo in the primary using the material unearthed in the hacking, the National Republican Campaign Committee and a second Republican group with ties to House Speaker Paul Ryan, turned to the hacked material to attack him.

 

In Florida, Guccifer 2.0’s most important partner was an obscure political website run by an anonymous blogger called HelloFLA!, run by a former Florida legislative aide turned Republican lobbyist. The blogger sent direct messages via Twitter to Guccifer 2.0 asking for copies of any additional Florida documents.

 

“I can send you some docs via email,” Guccifer 2.0 replied on Aug. 22, according to a cellphone screen shot of the message that the blogger, who writes under the pen name Mark Miewurd, provided to The New York Times. “Great! Editor@hellofla.com. I’m just getting my kid from school but I’ll be able to get it up pretty quick after I get it. Thanks!”

 

“Do u have a size limit?” Guccifer 2.0 replied, a question that led the Florida blogger to set up an anonymous Dropbox account so he could take thousands of pages of stolen information from the Russian operative, data that the blogger immediately recognized would have an extremely high strategic value for the Republicans.

 

“I don’t think you realize what you gave me,” the blogger said, looking at the costly internal DCCC political research that he had just been provided. “This is probably worth millions of dollars.”

 

Guccifer 2.0 wrote back: “Hmmm. ok. u owe me a million.”

 

By September, Guccifer 2.0 had expanded his releases to include documents related to House races in Pennsylvania, New Hampshire, Ohio, Illinois and North Carolina, working with individual political bloggers like Miscellany Blue in New Hampshire.

 

“Exclusive: Leaked DCCC documents reveal effort to replace Shea-Porter with ‘fresh face for 2016,'” said one of the first dispatches posted in New Hampshire, on Miscellany Blue, referring to Carol Shea-Porter, the Democratic candidate for the House, who ended up narrowly winning the seat, despite the intense criticism directed at her by Democratic leaders that was revealed by the leaks.

 

In Pennsylvania, the leaked documents showed that Democratic Party officials did not like their own candidate for one House seat — a local businessman named Mike Parrish — and worked aggressively to recruit an alternative. Parrish, the internal party documents noted, owned a company in Pennsylvania that had been sued eight times, had been delinquent on his taxes and had been named in a 2013 lawsuit “alleging racketeering and corruption,” the DCCC internal report said.

 

Concerned, the party tried to recruit a local businesswoman, Marian Moskowitz, to challenge Parrish. But Moskowitz ultimately declined to run for the seat, so the party was left with Parrish, whose standing was further hurt when the details about the Democrats’ misgivings about him drew coverage from bloggers and newspapers.

 

Parrish lost his bid for the seat.

 

Guccifer 2.0 even posted a cache of confidential documents focusing on Rep. Ben Ray Luján, D-N.M., the chairman of the DCCC, who faced no serious challenger this year. Luján said it was a clear effort to send a message to the party leadership — that the hackers wanted to try to hurt Democrats at all levels of the party, from lesser known races in Florida to the leadership.

 

After the first political advertisement appeared using the hacked material, Luján wrote a letter to his Republican counterpart at the National Republican Congressional Committee urging him to not use this stolen material in the 2016 campaign.

 

“The NRCC’s use of documents stolen by the Russians plays right into the hands of one of the United States’ most dangerous adversaries,” Luján’s Aug. 29 letter said. “Put simply, if this action continues, the NRCC will be complicit in aiding the Russian government in its effort to influence American elections.”

 

Pelosi sent a similar letter in early September to Ryan. Neither received a response. By October, the Congressional Leadership Fund, a super PAC tied to Ryan, had used the stolen material in another advertisement, attacking Garcia during the general election in Florida.

 

AshLee Strong, a spokeswoman for Ryan, said he did not control how the material was used in the ad, although she did not dispute that the material had been stolen as part of an act of Russian espionage. “Speaker Ryan has said for months that foreign intervention in our elections is unacceptable,” she said in a written statement.

 

At least some Republican players turned down a chance to exploit the material, including Rep. Ryan Costello of Pennsylvania, who was running for re-election in a contest where he faced off against Parrish and was aware of the unflattering material about his opponent that had become public.

 

“We believed it was neither necessary nor appropriate,” said Vincent Galko, a campaign consultant to Costello, “to use information from a possible foreign source to influence the election.”

 

Still, Parrish, in an interview Tuesday, said he believed that the document dumps hurt his candidacy. But as a former Army cavalry troop commander who served in West Germany in the final years of the Cold War, he said he was not surprised to learn that the Russians were behind the cyberattack.

 

“I’ve have been fighting Russians my entire life,” he said. “To me this is just a continued punch-counterpunch; the Cold War games are still being played.”

 

To Learn More:

U.S. Intelligence Data, Analyses and Briefings Scoffed at by President-Elect Trump (by David E. Sanger, New York Times)

Hacking Threats, Voting Restrictions, and Trump’s Call for Poll Monitors Generate Election Day Concerns (by Christina A. Cassidy, Associated Press)

Trump Campaign Chief Ran Covert U.S. Lobbying Operation on Behalf of Pro-Russian Ukrainian Leader that Undercut U.S. Policy (by Jeff Horwitz and Chad Day, Associated Press)

Russians Hack Into Democratic National Committee Computers (by Jack Gillum, Deb Riechmann and Julie Pace, Associated Press)

Comments

Leave a comment