Russian Bears Hacked the US Democratic Party, Stealing Research on Donald Trump

Rafia Shaikh
Posted Jun 14, 2016

Russian government hackers have breached the computer network of the US Democratic National Committee and gained access to opposition research on Republican presidential candidate Donald Trump. Security researchers and Representative Debbie Wasserman Schultz, chairwoman of the Democratic National Committee, have confirmed the breach.

Russian hackers steal research on Donald Trump

Quoting U.S. officials, the Washington Post said that the Russian hackers targeted the networks of Trump and Democratic presidential candidate Hillary Clinton. The spies also tried to breach computers of some Republican political action committees. The cyber attack was a comprehensive and sophisticated attempt, enabling intruders to read all email and chat traffic on the committee’s system. Security experts have said that one instance of access to the DNC network lasted an entire year.

The security firm CrowdStrike conducted the cleanup operation this weekend, expelling the hackers from the committee’s system. The firm identified two separate groups on the network, including Cozy Bear, which CrowdStrike said had previously hacked into unclassified networks of the White House and State Department.

COZY BEAR (also referred to in some industry reports as CozyDuke or APT 29) is the adversary group that last year successfully infiltrated the unclassified networks of the White House, State Department, and US Joint Chiefs of Staff. In addition to the US government, they have targeted organizations across the Defense, Energy, Extractive, Financial, Insurance, Legal, Manufacturing, Media, Think Tanks, Pharmaceutical, Research and Technology industries, along with Universities.

Cozy Bear entered the DNC’s systems last summer, monitoring email and chat conversations. The group may have been working for Russia’s Federal Security Service (FSB), said Dmitri Alperovitch, co-founder and chief technology officer of CrowdStrike. The FSB was once run by current Russian President Vladimir Putin.

Along with Cozy Bear, a second group named Fancy Bear gained access in late April and “went straight to the oppo research specifically on Donald Trump and exfiltrated some of it.” Fancy Bear may be affiliated with the Main Intelligence Department (or GRU), Russia’s premier military intelligence service.


The groups, which the firm termed the “best threat actors” it has encountered, worked separately. No financial, donor or personal information appears to have been compromised, the Washington Post has reported.

This is not the first time that we are seeing cyber attacks against political candidates and organizations. Security researchers expect to see more such hacking attempts on campaigns and political organizations as the presidential election nears. “The security of our system is critical to our operation and to the confidence of the campaigns and state parties we work with,” House Democrat and DNC chair Debbie Wasserman Schultz said in a statement.
