Former FBI director James Comey's testimony is a solid reminder that the Russian hacking campaign went far beyond the Democratic National Committee and John Podesta.
When some think about the Russian government's interference in the 2016 US election, they may only really recall the caches of emails stolen from the Democratic National Committee and John Podesta, which Wikileaks and others subsequently dumped online. That's the aspect that received possibly the most media coverage, and probably faced the most intense fallout.
But as security researchers have previously found, and as former FBI Director James Comey reiterated in public testimony before the US Senate Intelligence Committee on Thursday, Russian hackers targeted many, many more organizations, possibly stretching to over a thousand entities.
"There was a massive effort to target government and near-governmental agencies, like non-profits," Comey said, adding that he first became aware of Russian "cyber intrusions" in the late summer of 2015.
When asked how many entities in total Russian hackers specifically targeted during their campaign, Comey added, "It's hundreds; I suppose it could be more than a thousand, but it's at least hundreds."
As Motherboard previously reported, researchers at cybersecurity company SecureWorks found that the hackers sent nearly 9,000 phishing links to around 4,000 individuals from October 2015 to May 2016. Comey's comments today underscore just how widespread the hacking effort was, and clarify that many organizations were targeted, in addition to the aforementioned individuals.
In a report earlier this week, The Intercept identified another alleged target: VR Systems, a company related to US voting infrastructure. Comey repeated that, while he was at the FBI, he saw no evidence that Russian hacking managed to directly manipulate votes.
Of course, attacks by Russian hackers didn't stop after the US elections. In fact, as Motherboard reported after Election Day, hackers with links to the Russian government launched a series of spear-phishing attacks a mere hours after Trump's victory speech.
Comey alluded to this fact in later testimony, saying, "it's a long term practice of theirs," referencing to interfering in elections.
"They'll be back."
This story was updated after publication to include information from the hearing as it continued.