WASHINGTON – As the American presidential election entered the final stretch in 2016, a dozen Russian military intelligence officers were scattered throughout Moscow, unleashing a massive cyber operation to disrupt the vote.
That’s according to an indictment issued Friday that says the officers developed malicious computer code known as malware, hacked into Democratic Party computers and silently watched as unknowing staffers typed.
The Russians stole the Democrats’ secret files. They took snapshots of their screens. They used fake emails to dupe Hillary Clinton’s staffers into exposing their passwords.
And then, the indictment says, the Russians released their stolen information to the world.
Here’s a look at what’s in the indictment:
THE HACKING WAS CONNECTED TO THE HIGHEST LEVELS OF RUSSIAN GOVERNMENT
The indictment said Russia’s Main Intelligence Directorate of the General Staff — known as GRU — had multiple units that “conducted large scale cyber operations” to interfere with the 2016 U.S. presidential election.
One of the units was based on an unassuming side street in the Moscow suburb of Khimki, in a building referred to within the GRU as the “Tower,” according to the indictment. Another was based near central Moscow, not far from Defence Ministry headquarters.
Russian President Vladimir Putin has consistently asserted that Russia was not involved in the hacking or any attempt to interfere with U.S. elections. But GRU is part of the state machine, and their participation would indicate that Putin was closely involved in the effort.
THE HACKING WAS A SOPHISTICATED OPERATION
According to the indictment, the Russian hacking operation was so precise that they were able to pinpoint specific computers within the House Democratic campaign arm, the Democratic Congressional Campaign Committee, and the Democratic National Committee that stored information related to the election. They were able to search the computers for certain terms, like “Hillary,” ”Cruz,” and “Trump.” They also copied folders, including opposition research and field operation plans.
The Russians hid their involvement through fake email addresses and identities and a network of computers located around the world — including in the United States. They paid for their infrastructure using cryptocurrency.
TRUMP ASKED THE RUSSIANS TO HACK CLINTON — AND THEY DID
The indictment says the Russians used “spearphishing” — a technique used to steal passwords or otherwise gain access to computers — throughout the summer of 2016 to hack individuals associated with the Clinton campaign.
One attempt noted in the indictment appeared to come hours after Donald Trump suggested Russians look for Clinton’s emails. On the morning of July 27, 2016, Trump gave a speech in which he said “Russia, if you’re listening,” he’d love to get a look at the thousands of emails Clinton had said she deleted from her tenure as secretary of state.
The indictment points to a hacking attempt that same day, saying that “after hours” the Russians attempted to “spearphish for the first time email accounts at a domain hosted by a third-party provider and used by Clinton’s personal office.” Around the same time, the indictment says, they targeted 76 email addresses at the Clinton campaign’s domain.
In all, the indictment says the Russians targeted over 300 individuals associated with the Clinton campaign, the DCCC and the DNC.
THE RUSSIANS COMMUNICATED WITH A TRUMP-AFFILIATED PERSON
The indictment does not allege that that any Americans, including Trump campaign officials, were knowingly in contact with Russian intelligence officers. But it does say that Russians wrote to an unnamed person “who was in regular contact with senior members of the presidential campaign of Donald J. Trump.”
On August 15, 2016, the Russians wrote, according to the indictment: “thank u for writing back … do u find anyt(h)ing interesting in the docs i posted?”
Two days later, the Russians added, “please tell me if i can help u anyhow … it would be a great pleasure to me.”
In September, the Russians wrote the person again and referred to a stolen DCCC document posted online. “What do u think of the info on the turnout model for the democrats entire presidential campaign.”
The person responded, “(p)retty standard,” according to the indictment.
THE RUSSIANS STOLE VOTER INFORMATION
The indictment says the Russians hacked the website of a state board of elections and stole the information of roughly 500,000 voters, including names, addresses, partial Social Security numbers, dates of birth and driver’s license numbers. They also hacked into a national election vendor that supplied software used to verify voter registration information.
Federal officials have said state election sites in at least 18 states were probed by the Russians. The indictment adds county offices — specifically in Georgia, Florida and Iowa — to the list of election administration sites they allegedly visited “to identify vulnerabilities.”
Department of Homeland Security officials have said there is no evidence of any election results being tampered with during the 2016 intrusions.
Associated Press writers Eric Tucker and Lynn Berry in Washington and Frank Bajak in Pittsburgh contributed to this report.