Russia has pledged retribution after the US turfed out dozens of diplomats and imposed sanctions over alleged cyberattacks aimed at skewing the presidential election.

Moscow has consistently denied it was behind the hacking and insists Washington has never provided any firm proof of its guilt.

Therein lies the problem: irrefutable evidence determining the identity of the hackers and the reason for their attacks is hard, if not impossible, to find.


Here is what is known so far about the “who, what and why” of the hacking strikes during the recent US election campaign.

Who hacked what? 

— In May, US National Intelligence Director James Clapper warns of cyberattacks against the campaigns, without specific reference to any source.

— On June 15, CrowdStrike, a cybersecurity firm hired by the Democratic National Committee to investigate break-ins in its computer systems, points to two separate Russian intruders.

“Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government’s powerful and highly capable intelligence services,” it says.

CrowdStrike says hacking entity Cozy Bear, linked to Russia’s GRU military intelligence agency, intercepted Democratic Party communications from June 2015 on, while Fancy Bear, linked to Russia’s security service (FSB), targeted and stole DNC dossiers related to then Republican frontrunner Donald Trump beginning in March.


A month later, the WikiLeaks website begins publishing the pirated material.

— On September 5, US President Barack Obama warns Russian President Vladimir Putin over the hacking during a private meeting in China, according to US officials.

— On October 7, the 17 US intelligence agencies conclude the Russian government is behind the cyberattacks and that they are “intended to interfere with the US election process”.

Meanwhile, WikiLeaks publishes a near-daily dose of emails stolen from the Gmail account of John Podesta, chairman of Hillary Clinton’s campaign, up until just before the election. SecureWorks, another cybersecurity consultant, says Podesta’s emails were hacked by the same groups who hacked the DNC.


— On December 9-10, the Washington Post and New York Times report that the CIA concluded Moscow intended to help Trump’s campaign by releasing the hacked material.

The billionaire president-elect dismisses the CIA conclusion as “ridiculous”. Russia denies all claims.

— On December 12, leading Congressional lawmakers call for an investigation into Russia’s role in the cyberattacks.

— On December 15, Republican Senator Lindsey Graham reveals his campaign accounts were also hacked by Russians ahead of the November vote.

— On December 29, Obama announces a barrage of punishment for Moscow over the alleged attacks, including the deportation of 35 suspected intelligence agents and sanctions against the GRU and FSB intelligence agencies.


The FBI and Department of Homeland Security also release a briefing to provide “technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services to compromise and exploit networks and endpoints associated with the US election.”

Could Russia pull this off? 

The talents of Russian state-serving hackers are now the stuff of legend.

Descended from the tradition of Soviet economic espionage, they broadened the scope to also probe and punish political targets.


Russia was blamed for a cyberattack on Estonia in 2007, when the Baltic state’s main internet sites crashed after being flooded with surplus requests, in a so-called distributed denial of service, or DDoS, attack. It knocked out the national emergency hotline for more than an hour.

Other Russian neighbours including Ukraine and Georgia, as well as states which have strained relations with Moscow, have endured similar attacks.

The US election hacking looks like a Russian state-sponsored strike, Andrey Soldatov, editor-in-chief of and a specialist on Russian secret services and cybercrime, told AFP.


“Given Russia’s history of cyberattacks, I would think this is a case of coordination between private and government actors, involving informal actors coordinated by those at the highest levels,” Soldatov said.

The campaign hackers did not need innovative technical skills to strike; simple “phishing” emails, which invite email readers to click on a link, were enough to get the hackers in.

All for Trump? 

Experts have not converged on whether Russia set out to help Trump clinch a White House victory, as Clinton’s team says.

Soldatov says it is likely that the Kremlin sought to weaken the position of the former secretary of state, whom it views as “a kind of sworn enemy” and has blamed for inciting unrest after Russia’s own elections in 2011.

“But I’m not certain the principal goal was to get Trump elected. These guys at the Kremlin are believers in conspiracy theories,” he said, noting that up until the November 8 vote Moscow had warned that potential voter fraud could steal the election from Trump.

(Feature image source: Reuters)