It’s one of the hottest questions circulating among cyberpunks, political junkies, and Facebook opinion-makers.

On Wednesday, October 12, 2016, Charlie Rose asked it of John Carlin, the now-former Assistant Attorney General and chief of the U.S. Department of Justice National Security Division.

“How did we determine that the Russians were behind the hacking of the DNC and perhaps John Podesta as well?”

Carlin’s long and not-quite-direct answer starts during the 2008 presidential election, when he briefed representatives from the Obama and the McCain campaigns on the fact that both had been “compromised” by Chinese hackers.

Neither campaign was aware of the breach. But Carlin and the FBI knew, in part due to the use of “sensitive sources and methods to collect the information.” Those sources and methods had to remain secret.

“At that time,” Carlin notes, “we had known for a while that China, in particular, was committing economic espionage.”

The feds weren’t saying so publicly. Cyberattacks on the 2008 campaigns were treated as an intelligence problem, “as a secret issue, as it had for years when it came to spy versus spy.”

Carlin, who was then Special Counsel to the Director of the FBI, was able to observe up close the intelligence-gathering capabilities, in real-time, of his colleagues.

“How did we determine that the Russians were behind the hacking of the DNC and perhaps John Podesta as well?”

He describes “a system where you could watch on a huge jumbotron screen, Chinese actors, for instance, hop into a university, hop from the university into a company, and then you’d watch the data exfiltrated out of the United States.”

That’s literally billions of dollars worth of intellectual property and trade secrets. It wasn’t enough, however, to just watch it happen.

Interdiction and disruption became the order of the day as the Justice Department learned to address cyberthreats.

During his nearly 20 years with the Justice Department, Carlin, also former Chief of Staff to FBI Director Robert Mueller, prosecuted cybercriminals, including indictments of five Chinese military hackers for economic espionage in 2014 and terrorists such as the Boston Marathon bombers.

His last project involved crafting a “proportional response” to Russia after the U.S. government officially accused it of hacking the Democratic National Committee, leaking files and attempting to influence the presidential election.

Carlin stepped down on October 15 as the head of the Justice Department’s National Security Division, which was created as part of the reforms pushed through in the aftermath of the September 11, 2001, terrorist attacks “because of a failure to share information across the law enforcement and intelligence divide.”

In the new model, prosecutors work literally side by side with intelligence officers. Success is not defined by a post-attack prosecution but “by preventing the attack from occurring.”

“You’ve got to know what they know, and you’ve got to be creative as lawyers and look across the full set of legal tools.”

That kit includes federal prosecution. But it also includes diplomacy, the use of military force, Treasury Department sanctions such as asset freezes, and Commerce Department restrictions on trade with terror-sponsoring states.

That transformation, completed in 2013, meant that U.S. attorneys were retrained and teamed with FBI agents. Their efforts now concentrate on “four major threat actors”: Russia, China, North Korea, and Iran.

Source : Cyberwarfare: Assessing 21st-Century Security Threats