Skip to main content

Sign up for our newsletter.

Quality journalism. Progressive values. Direct to your inbox.

"It's the job of every foreign intelligence service to collect intelligence against their adversaries," commented a former head of the FBI's cyber division. (Photo: Christiaan Colen/flickr/cc)

'Cozy Bear' & 'Fancy Bear' Attack: Russian Hackers Infiltrate DNC Computers

Two separate groups from Russia penetrated Democratic National Committee's computer network and spied on all communications

Two separate groups associated with Russian intelligence agencies hacked into the Democratic National Committee (DNC) computer network, spying on communications and stealing research on Donald Trump, the Washington Post reported on Tuesday.

The Post described the extent of the intrusion:

The intruders so thoroughly compromised the DNC's system that they also were able to read all email and chat traffic, said DNC officials and the security experts.

The intrusion into the DNC was one of several targeting American political organizations. The networks of presidential candidates Hillary Clinton and Donald Trump were also targeted by Russian spies, as were the computers of some GOP political action committees, U.S. officials said. But details on those cases were not available.

"It's the job of every foreign intelligence service to collect intelligence against their adversaries," explained Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI's cyber division, in an interview with the Post. "We're perceived as an adversary of Russia. Their job when they wake up every day is to gather intelligence against the policies, practices and strategies of the U.S. government."

Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer, agreed, writing in a blog post: "the upcoming U.S. election, and the associated candidates and parties are of critical interest to both hostile and friendly nation states," he wrote. "The 2016 presidential election has the world's attention, and leaders of other states are anxiously watching and planning for possible outcomes."

No donor financial or contact information was breached, the Washington Post reported.

"Attacks against electoral candidates and the parties they represent are likely to continue up until the election in November," Alperovitch added.

DNC leaders first learned that something was awry in April, when chief executive Amy Darcey was told that the organization's IT team had detected unusual activity. Darcey reached out to Henry for assistance.

CrowdStrike quickly identified that the hackers were two groups it had dealt with before. One group that CrowdStrike has named Cozy Bear first infiltrated the DNC's network last summer and was monitoring employees' chat and email communications, while the other, dubbed Fancy Bear, only gained access in April. It was this most recent intrusion that the DNC's IT team detected.

"The hackers stole two files," Henry told the Post. "And they had access to the computers of the entire research staff—an average of about several dozen on any given day."

In his blog post, Alperovitch described the groups' technical sophistication. "We've had lots of experience with both of these actors attempting to target our customers in the past and know them well," Alperovitch wrote. "In fact, our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis."

"Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government's powerful and highly capable intelligence services," Alperovitch added.

NPR reported that according to CrowdStrike, "the two Russian hacking groups have also 'previously infiltrated the unclassified networks of the White House, State Department, and U.S. Joint Chiefs of Staff,' as well as private companies in the energy, media, and aerospace sectors."

It didn't appear that the two groups had coordinated the attacks together, Alperovitch told the Post. "Fancy Bear is believed to work for the GRU, or Russia’s military intelligence service, he said. CrowdStrike is less sure of whom Cozy Bear works for but thinks it might be the Federal Security Service or FSB, the country’s powerful security agency, which was once headed by Putin," the newspaper noted.


Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.
We need your help.

Support progressive journalism.

Common Dreams is not your average news site. We don't survive on clicks or advertising dollars. We rely entirely on your support. And without it, our independent progressive journalism simply wouldn’t exist. Every gift of every amount matters.

Join the fight and support our common dreams today.

Summit Participants Embrace 'Vaccine Internationalism' to End Pandemic

"Our goal is simple: to end the pandemic as quickly as possible by securing Covid-19 vaccines for all," says the coordinator of Progressive International's four-day virtual summit.

Brett Wilkins, staff writer ·


As Iran Elects New President, Experts Urge Biden to Rejoin Nuclear Deal, Lift Sanctions

"The Biden administration must remain resolute and seek a break from the disastrous conditions that helped contribute to this result."

Brett Wilkins, staff writer ·


UN General Assembly Condemns Myanmar Junta Violence, Urges Arms Embargo

Member nations voted 119-1 in favor of the resolution, which also calls for a return to the country's fragile democracy.

Brett Wilkins, staff writer ·


Dems Introduce Abolition Amendment to Scrap Constitution's 'Slavery Clause'

"The loophole in our Constitution's ban on slavery not only allowed slavery to continue, but launched an era of discrimination and mass incarceration that continues to this day," said Sen. Jeff Merkley.

Julia Conley, staff writer ·


'Surreal' and 'Distressing': Climate Experts' Predictions Come True With US Heatwave

"The current heatwave and drought leave no doubt, we are living the dangerous effects of the climate crisis."

Jessica Corbett, staff writer ·