The FBI Botched Its DNC Hack Warning in 2016—but Says It Won’t Next Time
On April 28, 2016, an IT tech staffer for the Democratic National Committee named Yared Tamene made a sickening discovery: A notorious Russian hacker group known as Fancy Bear had penetrated a DNC server "at the heart of the network," as he would later tell the US Senate's Select Committee on Intelligence. By this point the intruders already had the ability, he said, to delete, alter, or steal data from the network at will. And somehow this breach had come as a terrible surprise—despite an FBI agent's warning to Tamene of potential Russian hacking over a series of phone calls that had begun fully nine months earlier.
The FBI agent's warnings had "never used alarming language," Tamene would tell the Senate committee, and never reached higher than the DNC's IT director, who dismissed them after a cursory search of the network for signs of foul play. That miscommunication would result in the success of the Kremlin-sponsored hack-and-leak operation that would ultimately contribute to the election of Donald Trump.
Four years later, the FBI and the community of incident response security professionals who often work with the bureau's agents says the FBI has significantly changed how it communicates with hacking victims—the better to avoid another DNC-style debacle. In interviews with WIRED, FBI officials never explicitly admitted to a failure in the case of the DNC's botched notification. But they and their private sector counterparts nonetheless described a bureau that has revamped its practices to warn hacking targets faster, and at a higher level of the targeted organization—especially in cases that might involve the upcoming election or the scourge of ransomware costing companies millions of dollars across the globe.