WASHINGTON — American intelligence agencies have told the White House they now have “high confidence” that the Russian government was behind the theft of emails and documents from the Democratic National Committee, according to federal officials who have been briefed on the evidence.
But intelligence officials have cautioned that they are uncertain whether the electronic break-in at the committee’s computer systems was intended as fairly routine cyberespionage — of the kind the United States also conducts around the world — or as part of an effort to manipulate the 2016 presidential election.
The emails were released by WikiLeaks, whose founder, Julian Assange, has made it clear that he hoped to harm Hillary Clinton’s chances of winning the presidency. It is unclear how the documents made their way to the group. But a large sampling was published before the WikiLeaks release by several news organizations and someone who called himself “Guccifer 2.0,” who investigators now believe was an agent of the G.R.U., Russia’s military intelligence service.
The assessment by the intelligence community of Russian involvement in the D.N.C. hacking, which largely echoes the findings of private cybersecurity firms that have examined the electronic fingerprints left by the intruders, leaves President Obama and his national security aides with a difficult diplomatic and political decision: whether to publicly accuse the government of President Vladimir V. Putin of engineering the hacking.
Such a public accusation could result in a further deterioration of the already icy relationship between Washington and Moscow, at a moment when the administration is trying to reach an accord with Mr. Putin on a cease-fire in Syria and on other issues. It could also doom any effort to reach some kind of agreement about acceptable behavior in cyberspace, of the kind the United States has been discussing with China.
In an interview with Savannah Guthrie of NBC News on Tuesday, President Obama stopped short of accusing the Russian agencies from seeking to manipulate the election but said, “Anything’s possible.”
He noted that “on a regular basis, they try to influence elections in Europe.”
Stealing information about another country’s political infighting is hardly new, and the United States has conducted covert collection from allies like Germany and adversaries like Russia for decades. Publishing the documents — what some have called “weaponizing” them — is a different issue. Mrs. Clinton’s campaign has suggested that Mr. Putin was trying to even the score after the former secretary of state denounced a 2011 Russian election as filled with fraud.
“The first thing that the secretary of state did was say that they were not honest and not fair, but she had not even yet received the material from the observers,” Mr. Putin said at the time. “She set the tone for some actors in our country and gave them a signal,” Mr. Putin continued. “They heard the signal and, with the support of the U.S. State Department, began active work.”
Campaign officials have also suggested that Mr. Putin could be trying to tilt the election to Donald J. Trump. But they acknowledge that they have no evidence.
Asked on Tuesday at the Democratic convention in Philadelphia whether “there’s more to the Trump/Russian relationship that hasn’t come out,” John Podesta, the Clinton campaign chairman, said, “Well, he certainly has a bromance with Mr. Putin, so I don’t know.”
Mr. Podesta said that while Russia had a “history” of interfering in democratic elections in Europe, it would be “unprecedented in the United States.”
The Republican platform, adopted last week in Cleveland, calls on the United States to “respond in kind and in greater magnitude” to cyberattacks. “Russia and China see cyber operations as part of a warfare strategy during peacetime,” it says. “Our response should be to cause diplomatic, financial and legal pain.”
But the Trump campaign has dismissed the accusations about Russia as a deliberate distraction, meant to draw attention away from the content of nearly 20,000 emails and documents from the Democratic committee that WikiLeaks started releasing on Friday. They showed efforts to impugn Senator Bernie Sanders of Vermont in his effort to challenge Mrs. Clinton for the nomination.
On Twitter Tuesday night, Mr. Trump said that in order to deflect “the horror and stupidity of the Wikileakes disaster,” Democrats were saying: “Russia is dealing with Trump. Crazy!”
“For the record,” he said, “I have ZERO investments in Russia.”
Mr. Obama, in his interview with NBC News, criticized Mr. Trump for suggesting last week that the United States should not defend from Russian aggression any country that does not contribute sufficient funds to NATO. He said Mr. Trump was “undermining” the country’s post-World War II alliances in Europe.
Secretary of State John Kerry raised the cyberattack with his Russian counterpart, Sergey V. Lavrov, on Tuesday at a meeting of foreign ministers in Vientiane, Laos. Mr. Lavrov dismissed the idea that Russia was involved, telling reporters who asked about the charges: “I don’t want to use four-letter words.”
Mr. Kerry made no accusations, saying he had to allow the F.B.I. to “do its work” before he drew “any conclusions in terms of what happened or who’s behind it.”
The federal investigation, involving the F.B.I. and the intelligence agencies, has been going on since the Democratic National Committee first called in a private cybersecurity firm, Crowdstrike, in April.
Preliminary conclusions were discussed on Thursday at a weekly cyberintelligence meeting for senior officials. The Crowdstrike report, supported by several other firms that have examined the same bits of code and telltale “metadata” left on documents that were released before WikiLeaks’ publication of the larger trove, concludes that the Federal Security Service, known as the F.S.B., entered the committee’s networks last summer.
The G.R.U., a competing, military intelligence unit, was a later arrival. Investigators believe it is the G.R.U. that has played a bigger role in releasing the emails.
In an essay published on Lawfare, a blog that often deals with cyberissues, Susan Hennessey, previously a lawyer for the National Security Agency, called the published evidence about Russian involvement “about as close to a smoking gun as can be expected when a sophisticated nation-state is involved.”
Mr. Assange’s threat to release documents, she wrote, “means, put simply, that actors outside the U.S. are using criminal means to influence the outcome of a US election. That’s a problem.”
But American intelligence agencies have their doubts that the Russian intention, at least initially, was to sway the American election. The intrusion began just shortly after Mr. Trump announced his candidacy for the Republican nomination. At the time, his chances looked minuscule. One senior official noted that while the cyberattack might have been intended to embarrass Mrs. Clinton, who was the presumptive nominee, it could not have been aimed at bolstering Mr. Trump.
It is far from clear that Mr. Obama or the F.B.I. director, James B. Comey, would ever name Russia as the origin of the hack. Mr. Obama has only once accused a country of attacking an American organization, when he said North Korea was the source of the 2014 attack against Sony Pictures Entertainment. But the United States has no relationship with North Korea, and there was little to lose from identifying it.
In the case of Russia and China — countries with which the United States has complex relationships — Mr. Obama has in the past made the opposite decision. He never named the Russian intelligence agencies as the perpetrators of hacks on the State Department and White House unclassified email systems, or on the Joint Chiefs of Staff.
While the administration has called out the People’s Liberation Army of China for stealing intellectual property — even indicting officers of its now-inactive Unit 61398 — it never publicly accused the Chinese intelligence services of stealing the security-clearance files on more than 21 million Americans who held or applied for clearances.
By happenstance, the intelligence report on the Democratic National Committee hacking was circulating here the day that Mr. Obama issued a new policy, long in development, to organize the government’s response to major cyberattacks and to set up a six-point “grading system” to assess the severity of strikes against American companies, government agencies and organizations.
The action against the Democratic committee, they said, would qualify as a “significant cyber incident,” which was defined as one that causes “demonstrable harm to the national security interests, foreign relations or economy of the United States, or to the public confidence, civil liberties or public health and safety of the American people.”
Ranking the hacking in the pantheon of other penetrated networks is difficult. The top ranking under Mr. Obama’s system would be reserved for an attack that disabled American power grids, for example, akin to the suspected Russian attack on Ukraine’s electrical system in December. The attack on the Office of Personnel Management and Sony, which destroyed 70 percent of the studio’s computers, would also rank above the “category 3” level, which defines a “significant” attack.
But the ranking system does not mandate what kind of response the president would authorize. And it was designed before many in Washington imagined the use of cyberattacks to release information in the midst of a dizzying, and volatile, presidential campaign.
You must be logged in to post a comment Login