By Debbie Gregory.
When former Marine Capt. Robert Johnston chose computer science as his major at the Naval Academy in Annapolis, Maryland, he had no idea how that decision would impact our nation.
During his service in the Marine Corps, Johnson directed the Marine Corps Red Team, which tries to hack into the Corps computers to test its defenses. As a civilian, Johnson led the private security team that investigated the hacking of the Democratic National Committee’s (DNC) servers, coming to the conclusion that Russian intelligence was indeed responsible.
In 2015, Johnston was leading newly formed Cyber Protection Team 81, based in Fort Meade, Maryland, as part of the military’s Cyber Command (Cybercom) when a malware attack against the Pentagon had reached the unclassified computers of the Joint Chiefs of Staff. Johnston helped the Joint Chiefs firm up security measures.
He left the Marine Corps in November 2015, and signed up to work for CrowdStrike, a well-known cyberprotection company.
In April, 2016, the DNC IT department became convinced that there was a hacking problem, and they called CrowdStrike.
Johnston found that their computer systems had been fully compromised by two attacks. Malware from the first attack had been festering in the DNC’s system for a whole year. The second infiltration was only a couple of months old. Both sets of malware were associated with Russian intelligence.
CrowdStrike and the DNC gave the story to the Washington Post, and on June 14, 2016, the Post published the story: “Russian government hackers penetrated DNC, stole opposition research on Trump.”
In retrospect, Johnston thinks the Washington Post story accelerated the hackers’ timeline.
“I believe now that they were intending to release the information in late October or a week before the election,” Johnson said. “But then they realized that we discovered who they were. I don’t think the Russian intelligence services were expecting it, expecting a statement and an article that pointed the finger at them.”
In July 2016, WikiLeaks began to release thousands of emails hacked from the DNC server. Johnson’s analysis laid the groundwork for what would eventually lead to the investigation of Russia’s intervention into the U.S. presidential election.