FBI Leaves It To Journalists To Notify US Government Targets Of Russian Hacking

from the all-the-small-things dept

The last year-and-a-half has provided plenty of evidence that the Russian government attempted to influence the 2016 presidential election. Unfortunately, most of the evidence confirming this has been delivered by entities outside the US government. The government has released reports but has omitted plenty of key details.

This hasn’t done much for those affected by Russia’s efforts. In almost every case, individuals targeted by Russian government-directed hacking entity Fancy Bear were made aware of this by journalists, not the FBI, despite the fact both had access to the same evidence.

The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year that the targets were in the Kremlin’s crosshairs, The Associated Press has found.

Nearly 80 interviews with Americans targeted by Fancy Bear, a Russian government-aligned cyberespionage group, turned up only two cases in which the FBI had provided a heads-up. Even senior policymakers discovered they were targets only when the AP told them, a situation some described as bizarre and dispiriting.

“It’s utterly confounding,” said Philip Reiner, a former senior director at the National Security Council, who was notified by the AP that he was targeted in 2015. “You’ve got to tell your people. You’ve got to protect your people.”

The FBI refused to comment specifically on its disclosure efforts (or rather, the lack thereof). It offered no official excuse for its across-the-board lack of notification. Even the few that were notified could hardly be considered to be apprised of anything.

Rob “Butch” Bracknell, a 20-year military veteran who works as a NATO lawyer in Norfolk, Virginia, said an FBI agent visited him about a year ago to examine his emails and warn him that a “foreign actor” was trying to break into his account.

“He was real cloak-and-dagger about it,” Bracknell said. “He came here to my work, wrote in his little notebook and away he went.”

Despite evidence otherwise, the FBI claims it “routinely” notifies people and organizations about potential threats. The statement it issued to the AP would sound credible if it weren’t immediately disproved by results of the AP investigation. This lack of target notification dovetails nicely with the government’s handling of other disclosure efforts. The government says the same thing about the hardware and software vulnerabilities its intelligence agencies exploit. It claims to be very forthcoming about vulnerabilities and yet exploits it never informed affected tech companies about have been repeatedly leveraged to attack computers all over the world.

The FBI’s unofficial excuse for this lack of notification is unavailing:

A senior FBI official, who was not authorized to publicly discuss the hacking operation because of its sensitivity, declined to comment on timing but said that the bureau was overwhelmed by the sheer number of attempted hacks.

“It’s a matter of triaging to the best of our ability the volume of the targets who are out there,” he said.

This doesn’t explain why the AP was able to track down affected government employees and contractors — using less personal information than the FBI has access to — and inform those affected by Fancy Bear hacking. The AP unquestionably has less manpower available than the nation’s largest law enforcement agency. Certainly limiting its notification efforts to just this hacking effort allowed the AP to complete this task, but even in the face of multiple hacking attacks, the FBI should have been able to provide more notification. The “there’s too much to deal with properly” excuse doesn’t even impress former Intelligence Community members — people who definitely know about drowning in data.

Charles Sowell, who previously worked as a senior administrator in the Office of the Director of National Intelligence and was targeted by Fancy Bear two years ago, said there was no reason the FBI couldn’t do the same work the AP did.

“It’s absolutely not OK for them to use an excuse that there’s too much data,” Sowell said. “Would that hold water if there were a serial killer investigation, and people were calling in tips left and right, and they were holding up their hands and saying, ‘It’s too much’? That’s ridiculous.”

Phishig attempts aren’t murders, but the underlying assertion — there’s too much happening to do anything about — is still worthless. The FBI wants to be the go-to agency for national security issues as well as a key player in the cyberwar, but seems unwilling to perform the mundane, but necessary, tasks that accompany those noble pursuits. The boring parts of the job still need to be done. If the FBI seriously wants people to get behind its counterterrorism efforts and cybersecurity work, it needs to make a better effort getting behind the people affected by those the agency is targeting.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “FBI Leaves It To Journalists To Notify US Government Targets Of Russian Hacking”

Subscribe: RSS Leave a comment
Vidiot (profile) says:

"The AP unquestionably has less manpower available…"

Budgets are tight… full-blown agents are expensive. Sounds like the FBI needs a squad of $8/hr part-timers to do what the AP did so easily. And with Home Depot jobs harder and harder to come by, imagine how many 60+ applicants they’d have! Boost American employment stats!

They could call them "Junior G-Men".

John E Cressman (profile) says:


Once again, misleading title. The fact of the matter is, there are agents of every government CONSTANTLY trying to hack us and every other government.

I’m not surprised they didn’t notify people however, their general policy is not to comment on an ongoing investigation. My HOPE is, they were monitoring those accounts, trying to track down the culprits but I have little faith in the FBI, or any other government agency.

Shane (profile) says:


Every government on the face of the earth attempts to influence American elections. That’s the whole point of using the US dollar as a global reserve currency you idiots.

Move on already. Sick and tired of every single outlet of any type anywhere spewing DNC party line bile.

You guys are even soft peddling the reversal of Net Neutrality. “Oh, don’t be too hard on Ajit Pai…. We don’t want to seem EXTREME…”


Anonymous Coward says:

Judging a book by the cover

“unwilling to perform the mundane, but necessary, tasks that accompany those noble pursuits. The boring parts of the job still need to be done.”

Not exactly. The FBI doesn’t have 1000’s of agents responding to these events. They barely have a few 100. Of those 100’s, they are likely broken down into country specific specialties: China, Iran, Russia, etc… Now take it down further into spear-phishing, malware, exploitation, etc.. So realistically, they probably have <15 people working.

Despite them being total asshats, they are doing the best they can. They also have responsibilities to business who work on behalf of the Gov as well.

The cyber game is as complicated as the encryption debate. So how does the FBI know if Fancy Bear is spear-phishing people? They are likely camping out on some sensitive information. Running around and telling EVERYONE they are being targeted is not realistic. The FBI is likely tracking TTPs and gathering further information to figure out what is happening on strategic level. They are triaging the problem.

I love me some FBI bashing; however, this is not as straight forward as we want it to be.

To comment on the “$8/hr part-timers”, what exactly do you propose? Do you want to hire a bunch of census-style people to do notifications? I just rolled my eyes at this. The media would sniff this out and then cyber actors would know they are being tracked and change TTPs making it difficult to detect them again.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...