Skip to main content

Sign up for our newsletter.

Quality journalism. Progressive values. Direct to your inbox.

"It's the job of every foreign intelligence service to collect intelligence against their adversaries," commented a former head of the FBI's cyber division. (Photo: Christiaan Colen/flickr/cc)

'Cozy Bear' & 'Fancy Bear' Attack: Russian Hackers Infiltrate DNC Computers

Two separate groups from Russia penetrated Democratic National Committee's computer network and spied on all communications

Nika Knight Beauchamp

Two separate groups associated with Russian intelligence agencies hacked into the Democratic National Committee (DNC) computer network, spying on communications and stealing research on Donald Trump, the Washington Post reported on Tuesday.

The Post described the extent of the intrusion:

The intruders so thoroughly compromised the DNC's system that they also were able to read all email and chat traffic, said DNC officials and the security experts.

The intrusion into the DNC was one of several targeting American political organizations. The networks of presidential candidates Hillary Clinton and Donald Trump were also targeted by Russian spies, as were the computers of some GOP political action committees, U.S. officials said. But details on those cases were not available.

"It's the job of every foreign intelligence service to collect intelligence against their adversaries," explained Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI's cyber division, in an interview with the Post. "We're perceived as an adversary of Russia. Their job when they wake up every day is to gather intelligence against the policies, practices and strategies of the U.S. government."

Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer, agreed, writing in a blog post: "the upcoming U.S. election, and the associated candidates and parties are of critical interest to both hostile and friendly nation states," he wrote. "The 2016 presidential election has the world's attention, and leaders of other states are anxiously watching and planning for possible outcomes."

No donor financial or contact information was breached, the Washington Post reported.

"Attacks against electoral candidates and the parties they represent are likely to continue up until the election in November," Alperovitch added.

DNC leaders first learned that something was awry in April, when chief executive Amy Darcey was told that the organization's IT team had detected unusual activity. Darcey reached out to Henry for assistance.

CrowdStrike quickly identified that the hackers were two groups it had dealt with before. One group that CrowdStrike has named Cozy Bear first infiltrated the DNC's network last summer and was monitoring employees' chat and email communications, while the other, dubbed Fancy Bear, only gained access in April. It was this most recent intrusion that the DNC's IT team detected.

"The hackers stole two files," Henry told the Post. "And they had access to the computers of the entire research staff—an average of about several dozen on any given day."

In his blog post, Alperovitch described the groups' technical sophistication. "We've had lots of experience with both of these actors attempting to target our customers in the past and know them well," Alperovitch wrote. "In fact, our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis."

"Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government's powerful and highly capable intelligence services," Alperovitch added.

NPR reported that according to CrowdStrike, "the two Russian hacking groups have also 'previously infiltrated the unclassified networks of the White House, State Department, and U.S. Joint Chiefs of Staff,' as well as private companies in the energy, media, and aerospace sectors."

It didn't appear that the two groups had coordinated the attacks together, Alperovitch told the Post. "Fancy Bear is believed to work for the GRU, or Russia’s military intelligence service, he said. CrowdStrike is less sure of whom Cozy Bear works for but thinks it might be the Federal Security Service or FSB, the country’s powerful security agency, which was once headed by Putin," the newspaper noted.


Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.

We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.

'Enough is Enough': Hundreds of Thousands March Across the UK

'As wages fall while profits soar, our message is clear... We are here to win.'

Common Dreams staff ·


California Gov. Newsom Proposes Windfall Profits Tax on Big Oil

Calls for windfall profits taxes have increased globally in recent weeks

Common Dreams staff ·


'Incredible': Omar and Khanna Staffers Join Levin's Office in Unionizing

"It is long past time the United States Congress became a unionized workplace, and that includes my own staff," said Rep. Ilhan Omar. "I am proud of all the people on my team who have played a leading role in the staff unionization effort. Solidarity forever."

Jessica Corbett ·


Destructive Hurricanes Fuel Calls for Biden to Declare Climate Emergency

"Mother Nature is not waiting for the president or Congress to declare a climate emergency. She's showing us in real-time here in the United States—with wildfires, floods, heatwaves, hurricanes, and drought."

Jessica Corbett ·


Spain Approves 'Solidarity' Tax to Make Nation's Top 0.1% Pay a Fairer Share

The country's finance minister said that looming changes are bound to make the tax code "more progressive, efficient, fair, and also enough to guarantee social justice and economic efficiency."

Kenny Stancil ·

Common Dreams Logo