Two separate Russian intelligence agencies penetrated an American political party’s computer system in 2015 and 2016, according to a report released Thursday by the FBI and the Department of Homeland Security,
The 13-page report provides technical details regarding how Russians hacked into American servers.
The report served as the basis for sanctions and other steps taken Thursday by President Barack Obama to punish Russia for interfering with American elections.
The report, which refers to the Russian hacking activity as “GRIZZLY STEPPE,” discusses Russian attacks on one political party that is not named. This summer, the Democratic National Committee suffered serious embarrassment after emails were leaked to the public showing the DNC’s support for Hillary Clinton over Sen. Bernie Sanders, I-Vt.
The presidential campaign also including the publication by WikiLeaks of emails from the account of Clinton Campaign Chairman John Podesta. WikiLeaks founder Julian Assange has said the emails published by WikiLeaks did not come from the Russian government.
The report stated that malicious cyber activity by “Russian civilian and military intelligence services,” which it refers to with the acronym RIS, “is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens.”
“These cyber operations have included spearphishing campaigns targeting government organizations, critical infrastructure entities, think tanks, universities, political organizations, and corporations leading to the theft of information. In foreign countries, RIS actors conducted damaging and/or disruptive cyber-attacks, including attacks on critical infrastructure networks,” the report said.
“The U.S. Government confirms that two different RIS actors participated in the intrusion into a U.S. political party,” the report continued.
“The first actor group, known as Advanced Persistent Threat (APT) 29, entered into the party’s systems in summer 2015, while the second, known as APT28, entered in spring 2016,” the report added.
The first attack targeted “over 1,000 recipients, including multiple U.S. Government victims. … APT29 successfully compromised a U.S. political party. At least one targeted individual activated links to malware hosted on operational infrastructure of opened attachments containing malware,” the report said.
Russians then stole “email from several accounts through encrypted connections back through operational infrastructure.”
The 2016 attack “tricked recipients into changing their passwords through a fake webmail domain hosted on APT28 operational infrastructure. Using the harvested credentials, APT28 was able to gain access and steal content, likely leading to the exfiltration of information from multiple senior party members. The U.S. Government assesses that information was leaked to the press and publicly disclosed,” the report said.
The report also noted that Russian activity did not end with the Nov. 8 election.
“Actors likely associated with RIS are continuing to engage in spearphishing campaigns, including one launched as recently as November 2016, just days after the U.S. election,” the report said.
Like us on Facebook – USA Liberty News
What do you think? Scroll down to comment below.