For example, past attacks by Fancy Bear show consistent use of the Russian language in developing its malware. Their targets have included NATO and Eastern European governments, with a focus on stealing political and military data, as opposed to intellectual property -- more typically a target of Chinese hackers.
Targeting the DNC could obviously align with Russia's goals, as one of the U.S.'s biggest geopolitical opponents.
Russian officials have flatly denied any involvement, but that doesn't tell us much one way or the other.
A lone hacker, Guccifer 2.0, has sought to take credit for the DNC hack, claiming it was "easy, very easy," and leaking several documents to back up his claim. Some media reports say the hacker is Romanian and dislikes Russians.
Not everyone believes the claims. On Tuesday, the DNC itself said the leaked files may be “part of a disinformation campaign by the Russians.”
In Guccifer 2.0's first post, the hacker mocked CrowdStrike, the security firm that claimed Russians were behind the breach, and denounced unspecified "illuminati" and their “conspiracies.”
“Together we’ll be able to throw off the political elite, the rich clans that exploit the world!” the hacker wrote in another posting.
Johnson sees the timing of Guccifer's appearance as too convenient.
“It’s a very timely cover-up,” he said. “It seems a little too staged.”
Buratowski agreed. He noted that Guccifer 2.0 could be one person or multiple people belonging to a larger group. Metadata found within the leaked DNC documents included snippets of Russian.
“There’s always the possibility that [Guccifer 2.0] is just a smokescreen to divert attention from the real actors,”Buratowski said.
Sign up for Computerworld eNewsletters.