+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

RESEARCHERS: Yes, Russia really did hack the Democratic National Congress

Jun 21, 2016, 13:53 IST

Reuters

It now seems all but certain: Russian government hackers broke into the systems of the US Democratic National Congress.

Advertisement

Multiple security firms are lining up to point the finger at known Russian groups, as The Washington Post previously reported, despite a hacker calling themselves "Guccifer 2.0" claiming they acted alone.

Earlier in June, the DNC announced that hackers had access to its systems for more than a year, first detecting unusual activity in April 2016, and expelling the infiltrators this month. The hackers stole opposition research on Donald Trump, with security research firm CrowdStrike laying the blame on "two separate Russian intelligence-affiliated adversaries."

(Remarkably, the two groups did not appear to be cooperating - and may not even have been aware of each others' operations.)

But complicating matters has been the emergence of a purported hacker who uses the handled "Guccifer 2.0." The pseudonymous individual (who has no known relationship with Guccifer, an older hacker) claims they were the one who really hacked the DNC, and has been leaking alleged internal files to "prove" it, including what appears to be information on Democratic Party donors and finances.

Advertisement

Describing themselves as a "lone hacker," Guccifer 2.0 wrote in a blog post: "Worldwide known cyber security company CrowdStrike announced that the Democratic National Committee (DNC) servers had been hacked by 'sophisticated' hacker groups. I'm very pleased the company appreciated my skills so highly))) But in fact, it was easy, very easy."

However, security firms aren't buying it. Some suggest this is a deliberate "disinformation campaign" to deflect blame away from Russian spy agencies.

Security researchers at Fidelis took a look at the DNC malware, and in a blog post published on Monday they say CrowdStike is correct. "Based on our comparative analysis we agree with CrowdStrike and believe that the COZY BEAR and FANCY BEAR APT groups were involved in successful intrusions at the DNC. The malware samples contain data and programming elements that are similar to malware that we have encountered in past incident response investigations and are linked to similar threat actors."

(Cozy Bear and Fancy Bear are alternate names for the Russian government-affiliated hacking groups.)

Likewise, a researcher at security firm Mandiant told The Washington Post "that the malware and associated servers are consistent with those" that have been used before by the groups.

Advertisement

In an update to its original blog post, Crowdstrike posits that Guccifer 2.0 could be "part of a Russian Intelligence disinformation campaign." Either way, the company says, "these claims do nothing to lessen our findings relating to the Russian government's involvement."

In short, Russian spooks may have created Guccifer 2.0 to try and deflect blame after their hack was discovered. ""There's a possibility that this was a mistake," Dave Aitel, CEO of Immunity, told Tech Insider. "The crime of trying to influence a Democratic election has massive blowback potential."

Alternately, Guccifer 2.0 might really be a lone hacker who just happened to break into the DNC's servers at the same time as Russian government attackers.

Either way, we may well be seeing more leaks very soon. Guccifer 2.0 has promised to release I found "something like a dossier on Hillary Clinton" on June 21 - today - at 10AM, although it's not clear what timezone the blog post is referring to.

"It's a heavy folder of docs that will attract your attention. You'll like it."

Advertisement

NOW WATCH: 4 things men can stop doing online that will automatically make them more attractive

Please enable Javascript to watch this video
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article