Cyberwar (2016) s02e02 Episode Script

Who Hacked the DNC

The most explosive hack in history.
An election becomes a battleground.
Once they hack, if you don't catch 'em in the act, you're not going to catch 'em.
Sources admit Russia's behind it under orders from Vladimir Putin.
This is the most successful covert influence campaign in recorded history.
This is Washington D.C. on the day Donald Trump is sworn into office.
The spectacle here seems to reflect all the controversies of the election campaign.
And will to the best of my ability And will to the best of my ability Preserve, protect, and defend Justice! Shut it down! The Constitution of the United States The Constitution of the United States - So help me God.
- So help me God.
So they're throwing concussion grenades.
Trying to get people outta here.
And people are throwing stones.
Jesus fucking Christ! Back up! Back up! This actually got pretty fucking serious.
There's riot cops everywhere.
And many who came out to protest today believe that none of this would've even been possible without the hidden hand of Vladimir Putin.
So is Trump a legitimate president in your eyes? The hack of the Democratic National Committee became huge news in July 2016, when WikiLeaks published nearly 20,000 emails stolen from the DNC servers.
Those emails revealed the supposedly neutral DNC was actively supporting Hillary Clinton and trying to undermine her opponent, Bernie Sanders.
But I'm on the hunt to find the actual DNC hackers and understand just what's going on in this geopolitical game with Russia.
First, I wanna talk to an expert American spook and get his spin on the story.
Here in Washington at the epicentre of the intelligence community in the United States, everybody's really sure that it was the Russians that did the hack.
So I thought I'd talk to somebody who's pretty familiar with that community, Michael Hayden, who's not only an ex-NSA chief, but an ex-CIA chief as well.
Espionage is an accepted international practice.
Nation states steal other nation states' secrets.
If your nation doesn't do that, then it's not fulfilling its responsibilities to keep you safe.
For Soviet and American spies, the Cold War was actually pretty hot; stealing secrets, fuelling proxy wars, planning covert assassinations.
When the Soviet Union collapsed, America stopped worrying so much about its former superpower enemy.
Then 2016 happened.
And this has gone beyond espionage.
It's gone into covert influence, where they were trying to use the information they stole in order to create effects inside the American political process.
The DNC hired security researchers at CrowdStrike to investigate the breach.
They confirmed that two different groups of hackers had broken into the DNC's systems.
Both groups are allegedly closely linked with Russian intelligence agencies.
By October, the American government formally pinned the blame on Russia, but it wasn't until after the election that the US intelligence community revealed to get The Donald elected.
So then you're quite confident that this was Russia? There's no question? To be very, very clear, when the intelligence community, on a matter like this that's really in the spotlight, stands by its high-confidence judgement that this is what happened, I think we can take this one to the bank.
Hacking into the servers of the Democratic Party may have been standard operating procedure for the Russians.
But when the stolen files made their way to WikiLeaks and founder Julian Assange made the decision to publish, it was a game changer.
Thank you, WikiLeaks! Hillary cheats! Thank you, WikiLeaks! Hillary cheats! Thank you, WikiLeaks! Hillary cheats! So what, leaking that's breaking the rules? It is a completely different kind of action.
You have now gone from espionage to what we would have called a covert influence campaign, where you take the information, you wash it through third parties - DC Leaks, WikiLeaks, other fora - and you push this information out not to learn about a society - that's espionage - but to change the society.
Look, the American definition of covert action is activities designed to influence foreign, political, military or economic events in which it is intended that the hand of our government be hidden.
That's a perfect definition of what the Russians just did to us, and that's quite a different matter than my "honourable" international espionage.
And let me just step back with a little professional respect; this is the most successful covert influence campaign in recorded history.
- So you ran NSA and CIA.
- Right.
Did you have a Russia problem? 'Cause a lot of people talk about it being a new Cold War.
For it to be a Cold War would require Russia to be a peer.
But this isn't a strong state.
This is a state that's running out of the things it needs to be something strong in international affairs.
Let me come clean with you, alright? I went to over 50 countries as the director of the Central Intelligence Agency because they were important.
Not one of those countries was Russia.
If I had a weakness as director of CIA, it was probably I didn't pay enough attention to the Russians.
Russia's most visible interference may have been breaking into the DNC and releasing damaging material on Hillary Clinton.
But in reality, the influence campaign was much wider and deeper than most people even realize, reaching as far as primary races in crucial swing states.
In the lead-up to the 2016 election, someone hacked into the servers of the Democratic National Committee and handed a trove of documents to WikiLeaks.
This is like Watergate, only now in cyber time.
Online, a person or persona calling himself Guccifer 2.0 took responsibility, and claimed he was a lone hacker.
But US officials believe he was actually a front for Russian intelligence.
But the DNC wasn't Russia's only target; Russian hackers also broke into the lesser-known Democratic Congressional Campaign Committee.
Insiders call it the DCCC.
It's an organization that works to elect Democrats to the US House of Representatives.
In August, Guccifer 2.0 started leaking DCCC documents related to primary races here in the swing state of Florida.
Have you ever played dominoes? Oh yeah, I love dominoes.
Not with these guys.
These guys are like experts.
They really add it all up in their brain, and usually they have big arguments too.
Oh, really? Yeah, like you know, over politics and stuff.
You can hear a lot of political conversations going on.
Annette Taddeo was hoping to represent the Democratic Party in the general election.
But documents uncovered by hackers revealed something similar to what was discovered at the DNC: the Party establishment was actively supporting her over her Democratic rival.
Taddeo believes the documents hurt her campaign, and eventually cost her the nomination.
I remember asking the Democratic Congressional Campaign Committee, "Are we affected?" "No, no, no, we're not affected, we're fine."
Those were the famous last words.
Yeah, you were affected! Until I got that text message on my way to a TV interview, where they said, "The DCCC has been hacked, your campaign specifically, and we don't really know what's out there."
- How'd that hit you? - Scary.
I felt like I was naked to the world because everything was out in the open.
It's like if you're a football team preparing for the Super Bowl, you have your playbook, and all of a sudden, you know, they steal your playbook and everybody can see it, including your opponent.
I think that just like there are laws that say if you steal the recipe for Coca-Cola, you you know, you can get in trouble if you publish this information.
Just because somebody gives it to you, doesn't mean that you can just publish this information.
Why is it that when it comes to campaigns, you can get stolen information and yet not get in trouble for publishing it? I think that that should not be allowed.
But publishing leaked information is an American tradition, and details from the hacked documents appeared in papers across South Florida.
And though the hackers may have been Russian, in this case, the leaker was American; an infamous local Florida blogger who was in direct contact with Guccifer 2.0.
Aaron Nevins is a former Republican operative who blogs under the alias "Mark Miewurd".
You know, for an obscure blog in Florida that was publishing salacious details about Florida politicians, you got a pretty big scoop.
How did that happen? I you know, ask and ye shall receive, like the Bible says.
The hacker or hackers put out a a blog post saying, "Contact me if you want more information."
So I sent a direct message that basically said, "I'm happy to If you have anything Florida-specific, I'm happy to release it."
So just to be clear, what exactly did Guccifer 2.0 give you? Like how many documents are we talking about here? Oh, it was a lot, a lot of stuff.
And that's one of the reasons why I started parceling it out to the papers here around the state, because it was every single congressional district divided by district, and a folder on each.
- Gigabytes we talking here? - Gigabytes.
And they're on my Dropbox still.
So why don't you show me these messages you got that you sent to Guccifer.
Sure.
Um, you can see the first one.
"Feel free to send any Florida-based information to editor FLA" - Got it.
- Dot com.
"Hi, thank for your info. There'll be no viruses."
"Even just for lulz, ha ha ha."
"Holy fuck, man, I don't think you realize what you gave me."
So I can see you're kind of freaking out a little bit.
Yeah.
Oh, "You owe me a million."
There it is.
So, races that I've worked on, where they've done this type of data to find the what we would call "persuadables", that's the huge million dollar value.
It's the swayable people, that's what you're after.
It's the swayable people.
That document gave a pretty good road map for the entire state of Florida as to where the Democrats will be deploying their resources.
So you just coughed up the playbook basically.
Basically.
For the first two days as I was parceling it out, looking through it, trying to figure out what exactly I had, the only thing that was going through my mind was when's the FBI gonna kick down my door? Do you feel like you might've been kind of a a tool of a foreign state? Nah, I don't think that, because it was all You gotta remember, it was all Americans who were who were releasing the information, and who were using the information.
But in reality, this was not an all-American effort.
And to find out who did the actual hacking, and how the Russian government hides its fingerprints, I'm heading to Moscow.
Based on uniform intelligence assessments, the Russians were responsible for hacking the DNC.
Before handing power over to Trump, Obama outright blamed Russia for the hack.
I'm in Moscow, hunting down the hackers who actually pulled that off.
I've worked all my sources, and I've finally met someone who claims he has direct knowledge of the attack.
He seems well known in the Russian hacking community, but to protect his identity I can't say much more about him.
This is what he told me.
Tell me who you are.
I know you can't say exactly who you are, but why don't you describe to me who you are and what you do.
Have you ever been offered to work for Russian intelligence before? How does that happen? Could you kinda describe that scene for me? So you do work with Russian intelligence then? Or you have? You know, it's funny, 'cause I deal with spies a lot.
And when they say that, that usually means yes.
I know the attack was at least partly a spear phishing operation.
Basically, two groups linked to Russian intelligence - codenamed Cozy Bear and Fancy Bear - sent fake emails to DNC workers.
Fancy Bear's messages prompted people to change and inadvertently reveal their email passwords.
But I want this guy to tell me if it was just that simple.
Did you get a chance to look at any of the malware that was used, or any of the operations that were suspected to be done by some of those hackers to get a sense of how sophisticated that actor was? What about the allegation that phishing emails had a lot to do with the DNC hacks? Do you think that's a possibility? I'm still not sure why this man in the shadows who seemed so nervous agreed to be filmed in the first place, and our conversations raised more questions than they answered.
I started to get a little paranoid that Russian intelligence might be getting onto me and the story - the biggest hack in history that was widely believed to directly involve them.
I heard the Russian government was aware of my reporting in Russia, and that's never good.
Then, like what's happened almost every time I've started reporting from this country, the story somehow got murkier and weirder.
And if he's telling the truth, I'm about to meet a guy who actually hacked the DNC.
Someone we made contact with at a Russian hacker meeting reached out to me, saying we needed to talk.
He claimed to work in the criminal underground and for the government, and said he had direct involvement in the DNC hack.
He instructed me to meet him in a remote town, so I hopped on a train.
So I'm on a train out of Moscow right now, and I can't really say where I'm going or who I'm speaking with because I really don't know who's listening to me right now.
Online, the person I met was eager to talk, cracking jokes and sending pictures.
But in person, what I saw was a chain-smoking stress case.
His desperation and vulnerability was unnerving to say the least.
So we're still negotiating.
It's been literally hours now, and he's refusing to go on camera, but he's agreed to answer questions off camera.
And I thought I was supposed to have just a chill banya interview, but this has now turned into him talking about fearing for his life.
So it's a pretty pretty intense scenario.
First he wanted money, then the promise of asylum in North America.
I told him I couldn't give him either.
Finally, he agreed to talk to me on the record, as long as there were no cameras or audio recorders.
An interpreter wrote down my questions in English and his answers in Russian.
This is a re-enactment of our conversation.
So what do you do day to day? So you're a malware writer? You put together spear phishing emails? And who do you do this for? And who do you work for? So you talk about these forums where someone comes in and commissions something.
Do you know who it is? Like someone in the government, FSB, GRU, Department K? I mean, how do you know people there are working for the state? If what this mysterious hacker is saying is true, then he would've been working with Fancy Bear.
That's the nickname given to a cyber espionage group that's allegedly linked to Russia's military intelligence agency, the GRU.
So you're part of Fancy Bear.
What do you do with the group? What's your role? So you hacked the DNC? And how many? Who ordered it? Do you not wanna talk about this stuff? For some of the hacks you've done before, has the FSB ever hired you? But you have to wonder if the FSB's hired you or bought some of your services in the past, or the information that you've gotten.
Are you currently sitting inside of any American computer networks? Can you say which ones? So just to be clear, you've hacked top 100 companies around the world, political parties This is all for money? Is the government protecting you, or are you afraid of them killing you or throwing you in jail for some of the hacks that you've done? But isn't that strange, since you've helped the government? Why are you talking to us? Are you afraid to stay here? How do we know what you've told us is even true? This might be the closest I'll come to the real source of the 2016 election hacks.
If this man is telling the truth, the US intelligence community was right; the Russian government did in fact order the attacks.
But the individual hackers behind the keyboards could have been freelancers who were hired or pressured into doing the work, or who didn't even know what they were doing.
And that is definitely the MO of Vladimir Putin.
The question is why, and what will America do next?