ADVERTISEMENT

Bloomberg: Russian State Hackers Breached Republican National Committee

Morrison71

HR Legend
Nov 10, 2006
15,728
12,983
113
Russian government hackers breached the computer systems of the Republican National Committee last week, around the time a Russia-linked criminal group unleashed a massive ransomware attack, according to two people familiar with the matter.

The government hackers were part of a group known as APT 29 or Cozy Bear, according to the people. That group has been tied to Russia’s foreign intelligence service and has previously been accused of breaching the Democratic National Committee in 2016, and of carrying out a supply-chain cyberattack involving SolarWinds Corp., which infiltrated nine U.S. government agencies and was disclosed in December.
Click to shrink...
It’s not known what data the hackers viewed or stole, if anything. An RNC spokesman on Tuesday denied its systems were breached and referred to an earlier statement.

“Microsoft informed us that one of our vendors, Synnex, systems may have been exposed,” said Mike Reed, a spokesman for the RNC said on Saturday. “There is no indication the RNC was hacked or any RNC information was stolen. We are investigating the matter and have informed DHS and the FBI.”

A spokesperson for the Russian Embassy in Washington didn’t immediately respond to a request for comment.
Click to shrink...
The attack on the RNC, coupled with the recent ransomware attack, is a major provocation to President Joe Biden, who warned Russian President Vladimir Putin about cyberattacks at a June 16 summit. It’s not clear if the attack on the RNC is connected in any way to the ransomware attacks, which exploited multiple previously unknown vulnerabilities in software from Miami-based Kaseya Ltd.

The hackers are suspected to have attacked the RNC though one of its IT providers, Synnex Corp., the people said. In a press release, Synnex said “it is aware of a few instances where outside actors have attempted to gain access, through Synnex, to customer applications within the Microsoft cloud environment.”
Click to shrink...
“As our review continues, we are unable to provide any specific details,” said Michael Urban, president of worldwide technology solutions distribution at Synnex in a statement to Bloomberg News. “As with any security issue, a full review of all companies, systems, third-party applications and related IT solutions must be completed before final determinations can be made.”

Russian intelligence hackers are taking advantage of the chaos created by the global ransomware campaign to attack valuable intelligence targets, one of the people familiar with the matter said. The ransomware attack -- which cybersecurity experts attributed to a Russia-linked group called REvil -- may have hit more than 1,000 victims. Kaseya provides software for managed service providers, who in turn offer IT services to small- and medium-sized businesses.
 
ADVERTISEMENT