Russia's involvement would be a 'watershed moment' in cyberespionage, a security expert said Credit: REUTERS/Rick Wilking The FBI has launched an investigation into the hacking of the Democratic National Committee’s computers, even as more evidence surfaced of possible Russian involvement in the attack.The data breach was first disclosed last month, when hackers published confidential DNC files, including opposition research on Republican presidential candidate Donald Trump.Then on Friday, Wikileaks published over 19,000 emails that were stolen from the DNC, some of which now threaten to damage the campaign of Democratic presidential candidate Hillary Clinton.The FBI confirmed on Monday that it was investigating the attack and said the perpetrators would be “held accountable.” “A compromise of this nature is something we take very seriously,” the agency said in a statement. The FBI declined to elaborate, but the outcome of its probe could have huge implications. If Russia is found responsible, it would mean a foreign state had tried to influence the outcome of a U.S. presidential election, said Justin Harvey, chief security officer at Fidelis Cybersecurity.“If a nation-state has crossed this line, and the FBI can show it was Russia, then it will be a watershed moment in cyber security,” he said. Some security investigators had already blamed Russia for the attacks, and that charge has now been echoed by the DNC and by Clinton’s campaign manager.“I don’t think it was coincidental that these emails were released on the eve of our convention here,” campaign manager Robby Mook said in an interview with CNN on Sunday, referring to the start of the Democratic National Convention in Philadelphia.Trump has espoused foreign policy views that could be favorable to Russia, giving it an incentive to undermine Clinton’s candidacy, the thinking goes.“You have Trump out there saying he may leave NATO,” Harvey noted. “Russia has tried for over half a century to dissolve NATO.”Security firm Crowdstrike, which was hired by the DNC to investigate the hack, has blamed the intrusion on two hacking teams with ties to the Russian government. Other firms including Fidelis have agreed with that claim.The cache of emails released by WikiLeaks on Friday adds to the belief that there was state-sponsored involvement. In early May, the emails show, Yahoo alerted a DNC consultant that her email account was likely being targeted by “state-sponsored actors.” The consultant had been in contact with journalists in the Ukraine about Trump’s campaign manager, Paul Manafort, apparently trying to establish an alleged link between Manafort and Russia.There’s still no “smoking gun” to prove Russia’s involvement, Harvey said. Fidelis reached its conclusion based on the malware that was used. The malicious code, including a reused IP address, was found in other attacks believed to have been carried out by the Russian hacking groups.Not everyone agrees with those findings. A lone hacker known as Guccifer 2.0 has tried to take credit for the breach and denies having any ties to Russia. To prove his claims, he leaked some stolen DNC documents last month and said additional files were sent to WikiLeaks for publication.But security experts are skeptical. Some believe Guccifer is part of a Russian-led misinformation campaign to divert blame from the country. Even if it turns out that state-sponsored hackers were not responsible in this case, they’ll have learned from the DNC breach, said Yonatan Striem-Amit, CTO at security firm Cybereason.“Nation-state actors are looking at this right now and realizing that they have a very important tool for political influence,” he said.Russian officials have flatly denied any involvement with the DNC breach. Related content feature How cybersecurity teams should prepare for geopolitical crisis spillover CISOs can anticipate and prepare for cyberattacks conducted by participants in geopolitical conflict such as the Israel/Hamas war by understanding the threat actors' motivations and goals. By Christopher Whyte Dec 05, 2023 12 mins Advanced Persistent Threats Advanced Persistent Threats Advanced Persistent Threats news analysis P2Pinfect Redis worm targets IoT with version for MIPS devices New versions of the worm include some novel approaches to infecting routers and internet-of-things devices, according to a report by Cado Security. By Lucian Constantin Dec 04, 2023 5 mins Botnets Hacker Groups Security Practices news Hackers book profit by scamming Booking.com customers Malicious elements are using Vidar infostealer to gain access to Booking.com’s management portal and defraud customers. By Gagandeep Kaur Dec 04, 2023 4 mins Cyberattacks opinion Proactive, not reactive: the path to ensuring operational resilience in cybersecurity The experience of the financial sector in dealing with threats is instructive to anyone in the cybersecurity space — there’s no substitute for getting out ahead of potential risks and problems. By Cameron Dicker Dec 04, 2023 6 mins Financial Services Industry Data and Information Security Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe