The FBI and the Department of Homeland Security (DHS) on Thursday released a joint report detailing how federal investigators linked the Russian government to hacks of Democratic Party organizations.
The document makes clear reference to the hacks of the Democratic National Committee (DNC) and Hillary Clinton campaign chairman John Podesta, though it does not mention either by name.
The 13-page report provides technical details regarding tools and infrastructure used by Russian civilian and military intelligence services to “compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities.” (See the entire report below.)
The report, known as a “Joint Analysis Report” or JAR, refers to the Russian hacking campaign as “Grizzly Steppe.”
It comes as part of a slate of retaliatory measures against Russia issued Thursday by the Obama administration in response to the hacks, and expands on a joint statement issued by the two agencies in October, formally attributing the attacks to Russia.
In the October statement, officials described the the hacks and subsequent publication of stolen emails on WikiLeaks as an attempt to “interfere” with the U.S. election that is “consistent with the Russian-directed efforts,” but provided no evidence to support their assessment.
Private security firms provided more detailed forensic analysis, which the FBI and DHS said Thursday correlated with the IC’s findings.
“The Joint Analysis Report recognizes the excellent work undertaken by security companies and private sector network owners and operators, and provides new indicators of compromise and malicious infrastructure identified during the course of investigations and incident response,” read a statement.
The report identifies two Russian intelligence groups already named by CrowdStrike and other private security firms.