By Raphael Satter, Jeff Donn and Desmond Butler | AP By Raphael Satter, Jeff Donn and Desmond Butler | AP November 27 at 5:43 a.m.
WASHINGTON – The targets of hackers: the former head of cybersecurity of the US Air Force UU A former director in the National Security Council. A former head of the Defense Intelligence Agency.
All were caught up in a cyberespionage campaign aligned with the Russian government. The FBI warned none.
The bureau did not repeatedly alert the targets of the Russian hacker group known as Fancy Bear despite knowing for more than a year that their personal emails were in full view of the Kremlin, according to an Associated Press investigation.
"No one told me: 'Hey Joe, you've been targeted by this Russian group,'" said former Navy intelligence officer Joe Mazzafro, whose inbox the hackers attempted to compromise in 2015. "That our own security services have not left and alerted me, that's what I find most disconcerting as a national security professional."
The FBI refused to discuss its investigation into Fancy Bear's espionage campaign, but provided a statement that said in part: "The FBI routinely notifies individuals and organizations of potential threat information."
Three people familiar with the matter, including a current and previous government official, said the FBI knew the details of Fancy Bear's attempts to enter Gmail's inboxes for more than a year. . A senior FBI official, who was not authorized to publicly discuss the piracy operation because of his sensitivity, said the office had been overwhelmed by an "almost insurmountable problem."
The AP conducted its own investigation into Fancy Bear, dedicating two months and a small team of journalists to review a list of 19,000 phishing links provided by the cybersecurity firm Secureworks.
The list showed how Fancy Bear worked closely with the interests of the Kremlin to steal tens of thousands of emails from the Democratic Party, the AP reported this month.
But it was not just the Democrats that the pirates pursued.
The PA identified more than 500 targets based on the US. UU In the data, he contacted more than 190 of them and interviewed about 80 people, including current or former military personnel, Democratic operatives, diplomats or former intelligence workers such as Mazzafro.
Many were retired for a long time, but about a third were still in government or have security clearances at the time of the piracy attempts. Only two told the AP that they knew about the FBI's piracy attempts. A few more were contacted by the FBI after their emails were published in the stream of leaks that went through last year's contest. To this day, some victims of leaks have not heard from the office.
One was withdrawn. Maj. James Phillips, who was one of the first people exposed by the DCLeaks website in mid-2016. A year later, Philips has not yet heard from the FBI.
In fact, he did not know that his emails were "waving in the breeze" until two months after the fact, when a journalist called him to ask for a comment.
"The fact that a reporter told me about DCLeaks saddens me," Phillips said in a telephone interview.
Phillips' story will be repeated over and over again as the AP spoke with officials from the National Defense University in Washington for the North American Aerospace Defense Command in Colorado.
Among them: a former head of the Defense Intelligence Agency, retired Lieutenant General Patrick Hughes; a former Chief of Intelligence of the Air Force, retired Lieutenant General David Deptula; a former undersecretary of defense, Eric Edelman; and a former cybersecurity director for the Air Force, retired Lieutenant General Mark Schissler.
Some Fancy Bear espionage targets said they do not blame the FBI for not notifying them.
"The expectation that the government will protect everyone and return to everyone is false," said Nicholas Eftimiades, a senior retired technical officer of the Defense Intelligence Agency who teaches national security at Pennsylvania State University in Harrisburg and It was one of the objectives.
But Charles Sowell, who previously worked as a senior administrator in the Office of the Director of National Intelligence and was targeted by Fancy Bear two years ago, said there was no reason why the FBI could not do the same job as AP itself. .
"It's not okay to use an excuse that there's too much data," Sowell said. "Would that stand if there was an investigation of serial killers, and people would ask for advice right and left, and they were raising their hands and saying, 'It's too much'?
" That's ridiculous. "
EDITOR'S NOTE – Raphael Satter's father, David Satter, is an author and specialist in Russia who has been critical of the Kremlin, his emails were published last year by hackers and his account is on the Secureworks list of Fancy Bear targets The FBI did not notify him
EDITOR'S NOTE _ One of a series of stories about the findings of an Associated Press investigation into Russian hackers who disrupted the US presidential election in 2016
Copyright 2017 The Associated Press, All Rights Reserved This material may not be published, transmitted, rewritten or redistributed.