Russian hackers breach DNC computers, steal data on Trump

Russian hackers breached the computer network of the Democratic National Committee and stole opposition research on Republican presidential candidate Donald Trump.

The hackers had access to email and chat traffic as far back as last summer, the Washington Post reported on Tuesday. No financial data was stolen, however, suggesting that espionage was the motive.

The hackers belong to two separate groups that have been linked to the Russian government, according to security firm Crowdstrike, which was hired to mitigate the data breach.

Codenamed "Cozy Bear" and "Fancy Bear," the two groups are both notorious for hacking governments across the world, Crowdstrike said in a blog post. Cozy Bear, for instance, infiltrated networks used by the White House and U.S. State Department last year. It was the first group to breach the DNC network last summer, while Fancy Bear conducted its own attack in April.

"They were looking for information on policy, political campaigns and strategies, foreign policy plans, etc.," Crowdstrike added in an email.

It isn’t clear how the hacking groups managed to breach the DNC network. But both groups have used sophisticated phishing attacks to target their past victims, Crowdstrike said.

Both groups also worked persistently to cover their tracks and avoid detection by the DNC, but the hacking was stopped over this past weekend. The groups didn't appear to be working together.

The DNC, the coordinating body of the U.S. Democratic Party, confirmed the breach on Tuesday.

"When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately," Representative Debbie Wasserman Schultz, a Florida Democrat and the DNC chairwoman, said by email. "Our team moved as quickly as possible to kick out the intruders and secure our network."

In May, U.S. intelligence chief James Clapper warned that cyber hackers were targeting presidential candidates for reasons including espionage. The attacks could intensify, he said.

Cozy Bear and Fancy Bear are among the best hacking groups in the world, according to Crowdstrike. In addition to the U.S., the groups have targeted victims in Europe, China and Japan, and have attacked a variety of sectors including defense, aerospace, and energy.

"Their tradecraft is superb, operational security second to none," Crowdstrike said.

This article was originally posted on Csoonline.com on the 14th June 2016.

