When Russia set out to interfere with the 2016 election, it went all out.
Over the course of the election, a wide-ranging group of Russians probed state voter databases for insecurities; hacked the Hillary Clinton campaign, the Democratic Congressional Campaign Committee and the Democratic National Committee; tried to hack the campaign of Sen. Marco Rubio and the Republican National Committee; released politically damaging information on the internet; spread propaganda on Twitter, Facebook, YouTube and Instagram; staged rallies in Florida and Pennsylvania; set up meetings with members of the Trump campaign and its associates; and floated a business proposition for a skyscraper in Moscow to the Trump Organization.
The goal, as determined by the U.S. intelligence community and backed up by evidence gathered by Special Counsel Robert Mueller: To damage the Clinton campaign, boost Trump’s chances and sow distrust in American democracy overall.
The details of these efforts have come out in drips and drabs since the 2016 election ended, with information revealed by a memo from intelligence agencies, court documents filed by Mueller, testimony from Trump associates in court and before Congress and investigative news reports.
Mueller has completed a final report to Attorney General William Barr detailing his findings, but so far only a brief summary to Congress by Barr has been released. But while lawmakers and the public wait to see the report, the big picture of Russian influence efforts has been available for a while.
Here’s what we know about how Russia worked to manipulate the 2016 election.
Probing state voter databases
U.S. intelligence agencies have concluded that Russia did not alter actual votes during the 2016 election. But Russians did target voter registration systems or state websites in at least 21 states before Election Day, fully accessed some states’ systems and stole hundreds of thousands of voters’ personal information.
The FBI alerted states to the threat about two months before the 2016 election when hackers accessed voter registration databases in Illinois and Arizona. Then in January 2017, the government issued its first report on election interference and blamed Russia for the hacks. However, DHS did not tell top state officials that their systems were scanned by hackers until nearly a year after the election.
In July of 2018, Mueller indicted 12 Russian nationals for their part in allegedly hacking into U.S. election systems. The prosecutors offered up more details, including saying that hackers stole information on 500,000 voters from an unnamed state’s website, including names, addresses, partial Social Security numbers, dates of birth and driver’s license numbers. Russians then visited the websites of counties in Georgia, Iowa and Florida, according to the indictment. The hackers also penetrated a voter registration software vendor, according to the indictment, and posed as the company sending malicious emails to several Florida election administrators.
In addition to all this, the Senate Intelligence Committee’s report said that in a small number of states, Russians “were able to gain access to restricted elements of election infrastructure” and “were in a position to, at a minimum, alter or delete voter registration data.”
Hacking the Clinton campaign
One of the most striking elements of Russia’s plan to influence the U.S. election did not involve votes at all, but rather agents with Russian military intelligence, known as GRU, hacking into the emails of staff working for Hillary Clinton’s presidential campaign. These efforts, as laid out by Mueller in the key July 2018 indictment, began in earnest in March of 2016.
During that month, the agents sent emails that looked like Google security notifications to many Clinton campaign staffers and volunteers. But rather than helping them lock down their accounts, these emails instructed recipients to click a link to change their password, and when the user did so, this gave the Russian agents access to their accounts. Using this method, the GRU agents stole tens of thousands of emails from Clinton campaign staffers, including campaign chairman John Podesta.
The GRU agents then created a fake online group called Guccifer 2.0 and used that persona to share these emails with WikiLeaks. That group in turn released the stolen emails in the run up to the November election, creating frequent negative news cycles for Clinton and distracting from the message she hoped to send voters in the final days of the campaign.
Hacking the Democratic Congressional Campaign Committee
The hacking did not stop with Clinton’s team. GRU officers also used malicious emails to gain access to the Democratic Congressional Campaign Committee computer network, according to the special counsel indictment. Once inside, the hackers installed malware that allowed them to access more computers and steal thousands of emails and documents related to the election. In April of 2016, for example, the indictment said the hackers searched a DCCC computer for terms including “hillary,” “cruz” and “trump,” and copied a folder titled “Benghazi Investigations.”
Hacking the Democratic National Committee
This access to the DCCC then allowed the hackers to penetrate the Democratic National Committee network. In early June of 2016, the Russian officers launched DCLeaks.com and posted thousands of stolen documents and emails there. Days later, the DNC announced it had been hacked, prompting the Russians to create the Guccifer 2.0 persona to shift attention away from them and cover who had done the hacking.
The Russian agents, posing as Guccifer 2.0, soon shared stolen documents with WikiLeaks, which promised it would ensure the material “will have a much higher impact than what you are doing,” according to Mueller’s indictment. On July 22, just days before the Democratic National Convention, WikiLeaks released more than 20,000 stolen emails.
This dump piqued the interest of the Trump campaign. According to an indictment against longtime Trump confidant Roger Stone, a “senior Trump Campaign official was directed to contact Stone about any additional releases and what other damaging information” WikiLeaks had about Clinton’s campaign. Stone had been bragging about connections to WikiLeaks, and as the election approached, prosecutors say he continued to update the Trump campaign about the group’s plans. In early October, Steve Bannon, then Trump’s campaign chairman, reached out to Stone to express concern after WikiLeaks delayed releasing emails. But Stone reassured him and when WikiLeaks released Podesta’s emails on Oct. 7, 2016, just after the Washington Post published audio from “Access Hollywood” of Trump bragging about assaulting women, Bannon sent Stone a message: “well done.”
It can be difficult to prove what Trump and his campaign staff knew about all this, says Timothy Naftali, a New York University professor and co-author of Impeachment: An American History.
“From the president’s actions, his words and Mueller’s indictments, I suspect that Mueller found evidence of suspicious contact. We know from the Roger Stone indictment that there was contact with WikiLeaks,” Naftali added. “But contact with WikiLeaks isn’t necessarily proof of willful collusion with a foreign government.”
Targeting Sen. Marco Rubio and other Republicans
Clinton was not Trump’s only presidential opponent targeted by Russian influence efforts. In December, just after the 2016 election, Sen. Lindsey Graham of South Carolina said that his presidential campaign’s emails had been hacked, and the DC Leaks website published some emails related to Republicans that year.
Then in March of 2017, as the Senate Intelligence Committee was looking into Russian meddling in the election, Republican Sen. Marco Rubio told the committee that his presidential campaign was also targeted by Russians after he dropped out of the race in 2016.
“In July of 2016, shortly after I announced I’d seek re-election to the United States Senate, former members of my presidential campaign team who had access to the internal information of my presidential campaign were targeted by IP addresses with an unknown location within Russia. That effort was unsuccessful,” Rubio said at the Senate Intelligence hearing in 2017.
He also revealed that his former campaign staff had been targeted again, just the day before the hearing, by an IP address registered in Russia. The second instance was also unsuccessful, Rubio said.
While Rubio only described cyberattacks that took place after he dropped his bid for the White House, experts have said the Florida senator, like Clinton, was targeted as early as the 2016 primary season.
“Russia’s overt media outlets sought to sideline opponents on both sides of the political spectrum,” Clint Watts, a fellow at the Foreign Policy Research Institute, told the Senate Intelligence Committee just hours before Rubio’s comments.
Targeting the Republican National Committee
Russian hackers also probed some other Republicans, but their efforts were more limited and less successful than those aimed at Democrats. James Comey testified in January of 2017, when he was still FBI director, that Russians tried to targeted the Republican National Committee in 2016. “There was evidence of hacking directed at state-level organizations, state-level campaigns, and the RNC, but old domains of the RNC,” he told the Senate Intelligence Committee.
However, he clarified that these domains were no longer in use when hackers probed them and that the Russians did not release any information they found from these efforts. “We did not develop any evidence that the Trump campaign or the current RNC was successfully hacked,” Comey added.
Spreading propaganda on social media
The more subtle influence efforts that Watts was describing actually stretched back even further than the primary season. Russia’s plans to affect the U.S. election began in April of 2014 with the development of a “troll farm” that could spread false and disparaging messages on social media, as TIME previously reported and another crucial indictment confirmed. Mueller’s indictment in February of 2018 charged 13 Russian nationals and three Russian companies — including the Internet Research Agency — with conspiracy to defraud the United States, conspiracy to commit bank fraud and identity theft.
The Internet Research Agency and its employees, the indictment said, sought to conduct “information warfare against the United States of America” in order to spread distrust and support Trump’s election. In an operation that cost millions of dollars, the Russians studied U.S. political groups, traveled to gather intelligence in several states and developed a network of fake accounts that they used to infect the American electorate. Throughout 2016, they posted divisive content about topics such as Black Lives Matter, immigration and gun control; they bought political ads criticizing Clinton; and they pumped out hashtags like #Hillary4Prison and #TrumpTrain to their masses of followers.
All of this was incredibly successful, according to University of Pennsylvania professor Kathleen Hall Jamieson. Experts disagree about how to quantify the impact of Russia’s social media campaign, but Jamieson, who did a forensic analysis of online activity in 2016 for her book Cyberwar: How Russian Hackers and Trolls Helped Elect a President—What We Don’t, Can’t, and Do Know argues that it’s very likely Russia did sway the outcome of the 2016 election.
Much of the information about Russia’s influence is already public in Mueller’s indictments, in news articles and in the reports published from Congressional investigations over the past two years. But Jamieson says the Mueller report could provide more insight into the vulnerabilities that Russians exploited in 2016.
“We will know more about that once we know about any other forms of contact that the Russians had with the Trump campaign and with any other operatives that might be tied in some way with the U.S. democratic system,” Jamieson said. “We should be looking to any other revelations with a perspective that asks if we were to prevent a recurrence, how would this help us prevent a recurrence not simply by Russia but by any other foreign nation state.”
Staging physical events in the U.S.
Beyond getting voters in the U.S. to follow Facebook or Twitter accounts and read fake news websites, the Russians translated their social media influence into real-life events. Posing as American grassroots activists, the trolls set up and promoted rallies in swing states like Florida and Pennsylvania, as well as at Trump properties in New York, according to the indictment. In one of their most notable moves, the Russian trolls hired a real American to dress as Clinton in a prison uniform at a rally in West Palm Beach.
Setting up meetings with the Trump campaign
The Russian influence efforts also included meeting with members of the Trump campaign.
One of the earliest people targeted was George Papadopoulos, a young foreign policy adviser to the campaign. Papadopoulos met a professor named Joseph Mifsud who said he had Kremlin connections and a woman named Olga who claimed to be Russian President Vladimir Putin’s niece. When the pair told him they wanted to set up a meeting between the Trump campaign and Russian officials, Papadopoulos eagerly passed on this information to Trump and other campaign officials, including future Attorney General Jeff Sessions.
Mifsud later told Papadopoulos about Clinton’s hacked emails, and though Papadopoulos continued to push for a meeting with Russian officials, the summit never happened during the campaign. Papadopoulos was the first Trump associate to plead guilty in the Mueller investigation and has since served time in prison for lying to FBI agents about his Russian contacts.
In April of 2016, Trump himself briefly met with the Russian ambassador Sergey Kislyak before giving a foreign policy speech. Sessions and Trump’s son-in-law Jared Kushner also met with Kislyak that day. While the White House later tried to downplay these meetings, the Washington Post reported that Sessions had “substantive” discussions about Russia-related policy.
As all of this was going on, Russians were also setting up a meeting with Donald Trump Jr. A publicist who emailed Trump Jr. promised a Russian lawyer would have documents that could “incriminate” Clinton, and this led to the infamous Trump Tower meeting in June of 2016. Trump’s son-in-law Jared Kushner and then-campaign chairman Paul Manafort joined Trump Jr. that day.
Manafort himself, who had plenty of Russia connections from his days consulting politicians in Ukraine, has also come under scrutiny for his discussions with old friend Konstantin Kilimnik, who prosecutors believe has links to Russian intelligence. Court filings revealed that Manfort shared polling data with Kilimnik during the campaign and that the two talked about a potential peace plan for Ukraine.
While the special counsel’s investigation did not find that the Trump campaign coordinated with the Russian government, Mueller’s indictments have shown that people in Trump’s orbit were often happy to accept help from Russians when it was offered. And many of these actions are unprecedented in U.S. history, according to Julian Zelizer, a professor of history and public affairs at Princeton University.
“If there’s any evidence that any of his interactions or campaign officials’ interactions with Russian officials might have influenced public policy decisions as President, I think that’s going to open the doors to more investigations,” Zelizer said. “Even if they don’t have a criminal case that he directly conspired with the Russian government, there’s a lot in between that and nothing.”
Trying to recruit people associated with Trump
The Russians also tried to collect people to help them along the way, and the prime example is Carter Page, another former Trump campaign foreign policy adviser. Russian intelligence agents tried to recruit him as early as 2013, and Page continued his contact with Russians while working for the Trump campaign. In July of 2016, Page traveled to Russia, gave a speech, met with at least one Kremlin official there — and told all this to at least four Trump campaign officials. His activity attracted the attention of the FBI, who got a Foreign Intelligence Surveillance Act warrant to wiretap Page.
Mifsud, the Maltese professor who interacted with Papadopoulos, claimed to have Russian connections, but it remains unclear whether he was actually working with the Russian government. The Associated Press and other news organizations have tried to learn more about Mifsud, but he has largely disappeared for the last year.
Efforts to build a Trump Tower in Moscow
Economic interests also played an important role in Russia’s relationship with Trump during the 2016 campaign.
Despite Trump’s frequent denials of any business in Russia on the campaign trail, his personal lawyer Michael Cohen spent much of 2016 working on a deal to develop a Trump Tower in Moscow. Cohen’s efforts, which continued until June of 2016, included reaching out directly to the Kremlin for help, planning a trip to Russia and briefing Trump’s children Trump Jr. and Ivanka “approximately 10 times” about the plans. Cohen initially lied to Congress about the extent of the project, but in November of 2018 he pleaded guilty and then testified again in February, saying that Trump indirectly encouraged him to lie.
Here again, experts said that while the public has learned a lot about the Trump’s business dealings with Russians, the Mueller report could reveal more even if it did not find criminal behavior.
“I think the Mueller investigation may well have turned up evidence as to why the Trump campaign misled us about Trump’s efforts to do business in Moscow,” says NYU’s Naftali. “The Mueller investigation concluded that it wasn’t collusion with the Russian government, but that doesn’t mean that it wasn’t a source of undue influence on actions by the candidate. I think it’s perfectly reasonable for the public to want to know if that undue influence still exists on the President.”