Russian hackers managed to breach the Republican National Committee’s computer systems last week. They hit the organization at the same time as a massive ransomware attack. Like the RNC breach, experts say Russians also did this.
RNC Denies Report Of Infiltration By Russian Hackers
The Russian hackers that hit the RNC reportedly had ties with the country’s foreign intelligence service. Experts said that this particular group is part of the APT 29 or Cozy Bear.
Officials also say that this is the same group that breached the Democratic National Committee in 2016. In addition, Cozy Bear is allegedly the mastermind behind the SolarWinds Corp cyberattack. This attack hit at least nine US government agencies last December.
Meanwhile, the RNC denied that the cyberattack ever happened. RNC spokesman Mike Reed insisted that nothing of the sort occurred. He insisted that there is “no indication” of an RNC hack or any breach of RNC information.
Synnex Corp Breached
According to various sources, Russian hackers are behind the attacks on the RNC through a third-party provider. As a result, Synnex issued a press release regarding its role in the matter.
The company said that they are aware of attempts to access custom applications within the Microsoft cloud via Synnex. “As our review continues, we are unable to provide any specific details,” said Synnex’s Michael Urban, president of worldwide technology solutions distribution. “As with any security issue, a full review of all companies, systems, third-party applications, and related IT solutions must be completed before final determinations can be made,” he added.
Meanwhile, RNC Chief of Staff Richard Walters said the organization discovered over the weekend that Russian hackers managed to breach Synnex Corp, its third-party provider. “We immediately blocked all access from Synnex accounts to our cloud environment.
Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials, on this matter,” he said.
When pressed to confirm, Microsoft declined to provide details. “We can’t talk about the specifics of any particular case without customer permission. We continue to track malicious activity from nation-state threat actors — as we do routinely — and notify impacted customers,” a company spokesman said.
Recent Wave Of Russian Cyberattacks
Experts point to Russian activity like the ones behind the alleged attacks on the RNC and the wave of ransomware attacks. Many think this is a direct response to President Joe Biden, who recently called out Russian President Vladimir Putin about cyberattacks during a June 16 summit.
Hiding under the shadow of a massive ransomware attack, Russian intelligence hackers resumed their campaign against valuable intelligence targets, which presumably include the RNC. Reports say that the ransomware attacks, attributed to the Russian group REvil, hit 1,000 companies worldwide. REvil asked for $70million in bitcoin to unlock the victim’s breached data.
Breaches By Russian Hackers
Meanwhile, Charles Carmakal, a senior VP at Mandiant, a part of FireEye Inc, noted heightened Russian activity the past few days. He said that his firm monitored instances of breaches the last few days. Carmakal, however, denies knowing about the RNC hack.
“No question, the Russian government is absolutely benefiting from security companies and intelligence organizations being so focused on ransomware right now.
But the question is, is the Russian government providing tacit approval for ransomware operators or are they providing instructions? I don’t know,” he posited.
“Is it just coincidental timing for the Russian government to do some of the other things they’re doing right now? Is this coordinated and planned? I have no idea. I know that both things are happening, that’s a fact, I just don’t know why,” he added.
Watch the MSNBC News video reporting that President Joe Biden thinks ‘I Think We’re Being Tested’ by Russian And Russia-Based Hacks:
What do you think is behind the recent activities by Russian hackers? Will this activity escalate into a cyberwar?
Let us know what you think about Russian hackers and the US response. Share your comments below.