Jailed Russian says he can prove hack of DNC on Kremlin's orders
Washington: A jailed Russian who says he hacked into the Democratic National Committee computers on the Kremlin's orders to steal emails released during the 2016 US presidential election campaign now claims he left behind a data signature to prove his assertion.
In an interview with Russia's RAIN television channel made public on Wednesday, Konstantin Kozlovsky provided further details about what he said was a hacking operation led by the Russian intelligence agency known by its initials FSB. Among them, Kozlovsky said he worked with the FSB to develop computer viruses that were first tested on large, unsuspecting Russian companies, such as the oil giant Rosneft, later turning them loose on multinational corporations.
Photographers stand as Hillary Clinton, 2016 Democratic presidential nominee, is seen speaking on a screen during the Democratic National Convention (DNC) in Philadelphia. Her campaign was marred by the hack.
Kozlovsky first came to public attention in early December when word spread about his confession in a Russian courtroom in August that he was the person who hacked into DNC computers on behalf of Russian intelligence.
He was jailed earlier this year, alleged to have been part of a hacking group there that stole more than $US50 million ($64 million) from Russian bank accounts through what's called the Lurk computer virus.Earlier this month, the alleged hacker posted to his Facebook page a transcript and an audio recording of his confession during a pre-trial court hearing. He also confessed online to having hacked investigators looking into the crash of Malaysia Airlines Flight 17, brought down in July 2014 by a missile near the disputed Ukrainian border with Russia.
In written answers from jail made public by RAIN TV, a Moscow-based independent TV station that has repeatedly run afoul of the Kremlin, Kozlovsky said he feared his minders might turn on him and planted a "poison pill" during the DNC hack. He placed a string of numbers that are his Russian passport number and the number of his visa to visit the Caribbean island of St Martin in a hidden .dat file, a generic data file.That allegation is difficult to prove, partly because of the limited universe of people who have seen the details of the hack. The DNC initially did not share information with the FBI, instead hiring tech firm CrowdStrike, run by a former FBI cyber leader.
That company has said it discovered the Russian hand in the hacking, but had no immediate comment on the claim by Kozlovsky that he planted an identifier.
The newest allegations are potentially significant. If the FSB did in fact direct Kozlovsky, then it debunks Russian President Vladimir Putin's assertion that his government had nothing to do with hacking that all major US intelligence agencies put at his feet.
Russia hacker Konstantin Kozlovsky during his arrest.
It also calls into question the belief the hack was conducted directed from central offices. Kozlovsky says he worked largely from home, with limited knowledge of others and that the political hack was just part of larger relationship with the FSB's top cyber officials on viruses directed at other countries and the private sector.
"Based on my experience and understanding of professional intelligence operations, the blending of criminal activity with sanctioned intelligence operations is an old page out of the Russian intelligence-services playbook," said Leo Taddeo, chief information security officer for Cyxtera Technologies and a former head of cyber operations in the FBI's New York office."What the defendant [in Russia] is describing would not be inconsistent with past Russian intelligence operations."
Kozlovsky's claims include an assertion that for the past seven years he was under the control of Major General Dmitry Dokuchayev, who he said gave him orders to breach the DNC servers to interfere in the US election process.
A federal court in San Francisco in February issued an arrest warrant for Dokuchayev for his alleged role in a hack of Yahoo accounts. A month later the FBI put the former hacker-turned-spy on a Wanted poster for his alleged role in directing hackers. He was arrested in Russia in late 2016 on treason charges in a high-profile incident that included the arrest of another FSB cyber leader.
Kozlovsky told RAIN TV that he had a relationship with Dokuchayev that preceded the latter's rise to a prominent post in the FSB.