SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
5
#000000
#FFFFFF
'Cozy Bear' & 'Fancy Bear' Attack: Russian Hackers Infiltrate DNC Computers
Two separate groups from Russia penetrated Democratic National Committee's computer network and spied on all communications
Jun 14, 2016
Two separate groups associated with Russian intelligence agencies hacked into the Democratic National Committee (DNC) computer network, spying on communications and stealing research on Donald Trump, the Washington Post reported on Tuesday.
The Post described the extent of the intrusion:
The intruders so thoroughly compromised the DNC's system that they also were able to read all email and chat traffic, said DNC officials and the security experts.
The intrusion into the DNC was one of several targeting American political organizations. The networks of presidential candidates Hillary Clinton and Donald Trump were also targeted by Russian spies, as were the computers of some GOP political action committees, U.S. officials said. But details on those cases were not available.
"It's the job of every foreign intelligence service to collect intelligence against their adversaries," explained Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI's cyber division, in an interview with the Post. "We're perceived as an adversary of Russia. Their job when they wake up every day is to gather intelligence against the policies, practices and strategies of the U.S. government."
Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer, agreed, writing in a blog post: "the upcoming U.S. election, and the associated candidates and parties are of critical interest to both hostile and friendly nation states," he wrote. "The 2016 presidential election has the world's attention, and leaders of other states are anxiously watching and planning for possible outcomes."
No donor financial or contact information was breached, the Washington Post reported.
"Attacks against electoral candidates and the parties they represent are likely to continue up until the election in November," Alperovitch added.
DNC leaders first learned that something was awry in April, when chief executive Amy Darcey was told that the organization's IT team had detected unusual activity. Darcey reached out to Henry for assistance.
CrowdStrike quickly identified that the hackers were two groups it had dealt with before. One group that CrowdStrike has named Cozy Bear first infiltrated the DNC's network last summer and was monitoring employees' chat and email communications, while the other, dubbed Fancy Bear, only gained access in April. It was this most recent intrusion that the DNC's IT team detected.
"The hackers stole two files," Henry told the Post. "And they had access to the computers of the entire research staff--an average of about several dozen on any given day."
In his blog post, Alperovitch described the groups' technical sophistication. "We've had lots of experience with both of these actors attempting to target our customers in the past and know them well," Alperovitch wrote. "In fact, our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis."
"Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government's powerful and highly capable intelligence services," Alperovitch added.
NPR reported that according to CrowdStrike, "the two Russian hacking groups have also 'previously infiltrated the unclassified networks of the White House, State Department, and U.S. Joint Chiefs of Staff,' as well as private companies in the energy, media, and aerospace sectors."
It didn't appear that the two groups had coordinated the attacks together, Alperovitch told the Post. "Fancy Bear is believed to work for the GRU, or Russia's military intelligence service, he said. CrowdStrike is less sure of whom Cozy Bear works for but thinks it might be the Federal Security Service or FSB, the country's powerful security agency, which was once headed by Putin," the newspaper noted.
An Urgent Message From Our Co-Founder
Dear Common Dreams reader, It’s been nearly 30 years since I co-founded Common Dreams with my late wife, Lina Newhouser. We had the radical notion that journalism should serve the public good, not corporate profits. It was clear to us from the outset what it would take to build such a project. No paid advertisements. No corporate sponsors. No millionaire publisher telling us what to think or do. Many people said we wouldn't last a year, but we proved those doubters wrong. Together with a tremendous team of journalists and dedicated staff, we built an independent media outlet free from the constraints of profits and corporate control. Our mission has always been simple: To inform. To inspire. To ignite change for the common good. Building Common Dreams was not easy. Our survival was never guaranteed. When you take on the most powerful forces—Wall Street greed, fossil fuel industry destruction, Big Tech lobbyists, and uber-rich oligarchs who have spent billions upon billions rigging the economy and democracy in their favor—the only bulwark you have is supporters who believe in your work. But here’s the urgent message from me today. It's never been this bad out there. And it's never been this hard to keep us going. At the very moment Common Dreams is most needed, the threats we face are intensifying. We need your support now more than ever. We don't accept corporate advertising and never will. We don't have a paywall because we don't think people should be blocked from critical news based on their ability to pay. Everything we do is funded by the donations of readers like you. When everyone does the little they can afford, we are strong. But if that support retreats or dries up, so do we. Will you donate now to make sure Common Dreams not only survives but thrives? —Craig Brown, Co-founder |
Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.
Two separate groups associated with Russian intelligence agencies hacked into the Democratic National Committee (DNC) computer network, spying on communications and stealing research on Donald Trump, the Washington Post reported on Tuesday.
The Post described the extent of the intrusion:
The intruders so thoroughly compromised the DNC's system that they also were able to read all email and chat traffic, said DNC officials and the security experts.
The intrusion into the DNC was one of several targeting American political organizations. The networks of presidential candidates Hillary Clinton and Donald Trump were also targeted by Russian spies, as were the computers of some GOP political action committees, U.S. officials said. But details on those cases were not available.
"It's the job of every foreign intelligence service to collect intelligence against their adversaries," explained Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI's cyber division, in an interview with the Post. "We're perceived as an adversary of Russia. Their job when they wake up every day is to gather intelligence against the policies, practices and strategies of the U.S. government."
Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer, agreed, writing in a blog post: "the upcoming U.S. election, and the associated candidates and parties are of critical interest to both hostile and friendly nation states," he wrote. "The 2016 presidential election has the world's attention, and leaders of other states are anxiously watching and planning for possible outcomes."
No donor financial or contact information was breached, the Washington Post reported.
"Attacks against electoral candidates and the parties they represent are likely to continue up until the election in November," Alperovitch added.
DNC leaders first learned that something was awry in April, when chief executive Amy Darcey was told that the organization's IT team had detected unusual activity. Darcey reached out to Henry for assistance.
CrowdStrike quickly identified that the hackers were two groups it had dealt with before. One group that CrowdStrike has named Cozy Bear first infiltrated the DNC's network last summer and was monitoring employees' chat and email communications, while the other, dubbed Fancy Bear, only gained access in April. It was this most recent intrusion that the DNC's IT team detected.
"The hackers stole two files," Henry told the Post. "And they had access to the computers of the entire research staff--an average of about several dozen on any given day."
In his blog post, Alperovitch described the groups' technical sophistication. "We've had lots of experience with both of these actors attempting to target our customers in the past and know them well," Alperovitch wrote. "In fact, our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis."
"Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government's powerful and highly capable intelligence services," Alperovitch added.
NPR reported that according to CrowdStrike, "the two Russian hacking groups have also 'previously infiltrated the unclassified networks of the White House, State Department, and U.S. Joint Chiefs of Staff,' as well as private companies in the energy, media, and aerospace sectors."
It didn't appear that the two groups had coordinated the attacks together, Alperovitch told the Post. "Fancy Bear is believed to work for the GRU, or Russia's military intelligence service, he said. CrowdStrike is less sure of whom Cozy Bear works for but thinks it might be the Federal Security Service or FSB, the country's powerful security agency, which was once headed by Putin," the newspaper noted.
Two separate groups associated with Russian intelligence agencies hacked into the Democratic National Committee (DNC) computer network, spying on communications and stealing research on Donald Trump, the Washington Post reported on Tuesday.
The Post described the extent of the intrusion:
The intruders so thoroughly compromised the DNC's system that they also were able to read all email and chat traffic, said DNC officials and the security experts.
The intrusion into the DNC was one of several targeting American political organizations. The networks of presidential candidates Hillary Clinton and Donald Trump were also targeted by Russian spies, as were the computers of some GOP political action committees, U.S. officials said. But details on those cases were not available.
"It's the job of every foreign intelligence service to collect intelligence against their adversaries," explained Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI's cyber division, in an interview with the Post. "We're perceived as an adversary of Russia. Their job when they wake up every day is to gather intelligence against the policies, practices and strategies of the U.S. government."
Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer, agreed, writing in a blog post: "the upcoming U.S. election, and the associated candidates and parties are of critical interest to both hostile and friendly nation states," he wrote. "The 2016 presidential election has the world's attention, and leaders of other states are anxiously watching and planning for possible outcomes."
No donor financial or contact information was breached, the Washington Post reported.
"Attacks against electoral candidates and the parties they represent are likely to continue up until the election in November," Alperovitch added.
DNC leaders first learned that something was awry in April, when chief executive Amy Darcey was told that the organization's IT team had detected unusual activity. Darcey reached out to Henry for assistance.
CrowdStrike quickly identified that the hackers were two groups it had dealt with before. One group that CrowdStrike has named Cozy Bear first infiltrated the DNC's network last summer and was monitoring employees' chat and email communications, while the other, dubbed Fancy Bear, only gained access in April. It was this most recent intrusion that the DNC's IT team detected.
"The hackers stole two files," Henry told the Post. "And they had access to the computers of the entire research staff--an average of about several dozen on any given day."
In his blog post, Alperovitch described the groups' technical sophistication. "We've had lots of experience with both of these actors attempting to target our customers in the past and know them well," Alperovitch wrote. "In fact, our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis."
"Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government's powerful and highly capable intelligence services," Alperovitch added.
NPR reported that according to CrowdStrike, "the two Russian hacking groups have also 'previously infiltrated the unclassified networks of the White House, State Department, and U.S. Joint Chiefs of Staff,' as well as private companies in the energy, media, and aerospace sectors."
It didn't appear that the two groups had coordinated the attacks together, Alperovitch told the Post. "Fancy Bear is believed to work for the GRU, or Russia's military intelligence service, he said. CrowdStrike is less sure of whom Cozy Bear works for but thinks it might be the Federal Security Service or FSB, the country's powerful security agency, which was once headed by Putin," the newspaper noted.
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.