Page:Report On The Investigation Into Russian Interference In The 2016 Presidential Election, Volume I, reprocessed June 2020.pdf/57

 circumstances, it doesn't necessarily mean that the two are connected. But it is a very serious matter…that type of allegation is very serious, as it's taken very seriously by us."

After the U.S. intelligence community publicly announced its assessment that Russia was behind the hacking operation, Assange continued to deny that the Clinton materials released by WikiLeaks had come from Russian hacking. According to media reports, Assange told a U.S. congressman that the DNC hack was an "inside job," and purported to have "physical proof" that Russians did not give materials to Assange.


 * C. Additional GRU Cyber Operations

While releasing the stolen emails and documents through DCLeaks, Guccifer 2.0, and WikiLeaks, GRU officers continued to target and hack victims linked to the Democratic campaign and, eventually, to target entities responsible for election administration in several states.

1. Summer and Fall 2016 Operations Targeting Democrat-Linked Victims

On July 27, 2016, Unit 26165 targeted email accounts connected to candidate Clinton's personal office. Earlier that day, candidate Trump made public statements that included the following: "Russia, if you're listening, I hope you're able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press." The "30,000 emails" were apparently a reference to emails described in media accounts as having been stored on a personal server that candidate Clinton had used while serving as Secretary of State.

Within approximately five hours of Trump's statement, GRU officers targeted for the first time Clinton's personal office. After candidate Trump's remarks, Unit 26165 created and sent malicious links targeting 15 email accounts at the domain including an email account belonging to Clinton aide. The investigation did not find evidence of earlier GRU attempts to compromise accounts hosted on this domain. It is unclear how the GRU was able to identify these email accounts, which were not public.

Unit 26165 officers also hacked into a DNC account hosted on a cloud-computing service. On September 20, 2016, the GRU began to generate copies of the DNC data using function designed to allow users to produce backups of databases (referred to  as "snapshots"). The GRU then stole those snapshots by moving