Sen. Marco Rubio announced during a Senate Select Intelligence Committee hearing today that members of his former presidential campaign were targeted by hackers from IP addresses located in Russia. Thomas Rid, a professor at King’s College, also testified at the hearing that Russian attacks on the Clinton campaign were more widespread than previously known.
Rubio said that members of his team were first targeted by Russian IPs in July 2016, shortly after he announced he would seek reelection to the Senate. He added that the targeting had continued as recently as yesterday. “Within the last 24 hours, at 10:45 a.m. yesterday, a second attempt was made against former members of my campaign team, again targeted from an IP address in Russia.” He added that the attack was unsuccessful.
It’s important to note that IP addresses alone are not sufficient to attribute a cyberattack. VPNs make it simple for a user to mask or change their IP address. An intelligence community report on Russian hacking listed a number of IP addresses involved in the DNC hack, 367 of which are exit nodes for the anonymity software Tor, according to The Intercept.
Rubio seemed surprised during an earlier session of the hearing when an FBI consultant said he may have “anecdotally suffered” from the efforts of online trolls targeting critics of Russia.
Rid conducted an analysis of the phishing links used to access the email accounts of DNC staffers and found that Russian intelligence officials targeted 6,730 people with approximately 19,315 links over the course of a year, Motherboard reports. Clinton and 102 members of her staff were targeted by the links between March 10 and April 7, 2016.
“GRU targeted Clinton’s personal account but she did not fall for the trick,” Rid said.
Rid added that Russian intelligence’s strategy was to target “existing weaknesses” in American culture. “The more polarized a society, the more vulnerable it is. America in 2016 of course was highly polarized,” he told the committee.
Emails exfiltrated from DNC staffers’ accounts were subsequently leaked on WikiLeaks, DCLeaks and other sites. Rid said WikiLeaks, Twitter and “overeager” journalists who were “aggressively covering the political leaks while neglecting or ignoring their provenance” were exploited by Russian intelligence to spread the information.