The head of the FBI is being asked to brief Congress about the bureau’s process for notifying Americans attacked by Russian cybercriminals after a new report revealed that only a fraction of current and former U.S. government officials were told they were targeted by state-sponsored hackers.
“I write to you with great concern about reports that the FBI failed to notify scores of U.S. government officials that they were the targets of hacking attempts perpetrated by a malicious actor linked to Russian military intelligence known as APT28, or ’Fancy Bear,’” Rep. Ted Lieu, California Democrat, wrote in a letter Tuesday to FBI Director Christopher Wray.
“The FBI apparently had knowledge of Russian efforts to break into officials’ personal Gmail accounts for over a year,” Mr. Lieu added, referencing a report published Monday by The Associated Press. “I respectfully request that you brief Members of Congress on the FBI’s reasoning for maintaining its silence and detail the Bureau’s policy regarding the notification of cyber intrusions affecting current or former U.S. government officials.”
The FBI did not immediately return an email seeking comment.
“When we receive the letter we’ll follow our usual procedure and provide any response to the member of Congress who made the request,” the FBI told The Washington Times later Tuesday.
The AP reported Monday that the FBI alerted only two of nearly 80 Americans targeted in recent years by Fancy Bear, a hacking outfit attributed with successfully breaching the personal email account of John Podesta, the campaign manager of Hillary Clinton’s unsuccessful 2016 presidential campaign, among other victims.
Three sources including both a current and former government official said the FBI knew about the operation for more than a year but didn’t warn its targets, including some who only learned they were at risk upon being contacted by the AP, the report said.
“As a computer science major and Member on the House Judiciary Committee, I have been deeply concerned about the breadth and complexity of the cybersecurity threats facing our nation. These threats often outpace our ability to track them, let alone combat them. However, given the FBI’s mission of protecting the United States from the malign efforts of ’foreign intelligence and espionage’ and ’cyber-based attacks,’ the FBI’s response to this advanced persistent threat appeared to have been deficient and demands further attention,” Mr. Lieu responded to the report.
“Failing to notify current or former U.S. officials of known cyberattacks hampers their ability to assess and mitigate damage. Threat actors can often glean useful data from private email accounts that is then used to conduct further attacks,” Mr. Lieu wrote.
Fancy Bears hacker attempted to breach the Gmail accounts of 4,700 targets ranging from American politicians to Russian critics of the Kremlin, according to SecureWorks, a private security firm that stumbled across internal details of the operation last year and provided them to AP for further analysis.
Targets of the hacking campaign were sent emails masqueraded as security warnings from Google asking them to enter their log-in credentials on a website controlled by Fancy Bear, according to security researchers. Some of the victims of the “spear-phishing” operation, such as Mr. Podesta, ultimately saw their personal correspondence published online by WikiLeaks, while others, including Colin Powell and former NATO commander Philip Breedlove, had their emails published on a site linked to Fancy Bear called “DC Leaks.”
Russia used both WikiLeaks and DC Leaks to release emails stolen from Americans hacked by its military intelligence, the U.S. Office of the Director of National Intelligence concluded in January. Russia has denied hacking U.S. targets, and WikiLeaks has denied obtaining victim data from Russia.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.