FBI gave heads-up to only a fraction of Russian hackers’ US targets

WASHINGTON (AP) — The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year that the targets were in the Kremlin’s crosshairs, The Associated Press has found.

Nearly 80 interviews with Americans targeted by Fancy Bear, a Russian government-aligned cyberespionage group, turned up only two cases in which the FBI had provided a heads-up. Even senior policymakers discovered they were targets only when the AP told them, a situation some described as bizarre and dispiriting.

“It’s utterly confounding,” said Philip Reiner, a former senior director at the National Security Council, who was notified by the AP that he was targeted in 2015. “You’ve got to tell your people. You’ve got to protect your people.”

FBI policy calls for notifying victims, whether individuals or groups, to help thwart both ongoing and future hacking attempts. The policy, which was disclosed in a lawsuit filed earlier this year against the FBI by the nonprofit Electronic Privacy Information Center, says that notification should be considered “even when it may interfere with another investigation or (intelligence) operation.”

Last week, the FBI declined to discuss its investigation into Fancy Bear’s spying campaign, but did provide a statement that said in part: “The FBI routinely notifies individuals and organizations of potential threat information.”

Three people familiar with the matter — including a current and a former government official — said the FBI has known for more than a year the details of Fancy Bear’s attempts to break into Gmail inboxes. A senior FBI official, who was not authorized to publicly discuss the hacking operation because of its sensitivity, declined to comment on when it received the target list, but said that the bureau was overwhelmed by the sheer number of attempted hacks.

“It’s a matter of triaging to the best of our ability the volume of the targets who are out there,” he said.

In the face of a tidal wave of malicious phishing attempts, the FBI sometimes passes on information about the attacks to service providers and companies, who can then relay information to clients or employees, he added.

The AP did its own triage, dedicating two months and a small team of reporters to go through a hit list of Fancy Bear targets provided by the cybersecurity firm Secureworks.

Previous AP investigations based on the list have shown how Fancy Bear worked in close alignment with the Kremlin’s interests to steal tens of thousands of emails from the Democratic Party . The hacking campaign disrupted the 2016 U.S. election and cast a shadow over the presidency of Donald Trump, whom U.S. intelligence agencies say the hackers were trying to help . The Russian government has denied interfering in the American election.

The Secureworks list comprises 19,000 lines of targeting data . Going through it, the AP identified more than 500 U.S.-based people or groups and reached out to more than 190 of them, interviewing nearly 80 about their experiences.

Many were long-retired, but about one-quarter were still in government or held security clearances at the time they were targeted. Only two told the AP they learned of the hacking attempts on their personal Gmail accounts from the FBI. A few more were contacted by the FBI after their emails were published in the torrent of leaks that coursed through last year’s electoral contest. But to this day, some leak victims have not heard from the bureau at all.

Charles Sowell, who previously worked as a senior administrator in the Office of the Director of National Intelligence and was targeted by Fancy Bear two years ago, said there was no reason the FBI couldn’t do the same work the AP did.  read more

SNIP: If I wanted to leak secrets to a foreign government or business, I would lower security standards. What were 0bama, Comey and the FBI leaking?