The group of Russian hackers accused of meddling in the 2016 US presidential election earlier this year targeted the e-mail accounts of Democratic state parties in California and Indiana, and influential think tanks in Washington and New York, people with knowledge of the matter said.
The attempted intrusions, many of which were internally flagged by Microsoft Corp over the summer, were carried out by a group often nicknamed “Fancy Bear.”
The hackers’ activity provides insight into how Russian intelligence is targeting the US in the run-up to Tuesday’s presidential election.
The targets identified by Reuters, including the Center for American Progress, the Council on Foreign Relations and the Washington-based Carnegie Endowment for International Peace, said that they had not seen any evidence of successful hacking attempts.
Fancy Bear is controlled by Russia’s military intelligence agency and was responsible for hacking the e-mail accounts of former US secretary of state Hillary Rodham Clinton’s staff in the run-up to the 2016 election, a US Department of Justice indictment filed in 2018 said.
News of the Russian hacking activity follows last month’s announcement by Microsoft that Fancy Bear had attempted to hack more than 200 organizations, many of which were tied to this year’s election.
Microsoft was able to link this year’s cyberespionage campaign to the Russian hackers through an apparent programming error that allowed the company to identify a pattern of attack unique to Fancy Bear, a Microsoft assessment reviewed by Reuters showed.
Microsoft declined to comment on Reuters’ findings, citing customer privacy.
However, Microsoft corporate vice president of customer security and trust Tom Burt said in a statement that the company — and the US government — “have been working hard to keep this election safe and secure.”
The thrust of espionage operations could not be determined by Reuters.
The Office of the Director of National Intelligence in August said that Russian operations were attempting to undermine the campaign of former US vice president Joe Biden, the Democratic presidential candidate.
Democratic National Committee spokesman Chris Meagher said it was “no surprise” that foreign actors were attempting to interfere with the election.
The Russian embassy in Washington said it does not interfere in the US’ internal affairs and denied any link to “Fancy Bear,” calling the allegation “fake news.”
US President Donald Trump’s campaign did not return messages.
Over the summer, a specialized cybersecurity unit at Microsoft and federal law enforcement agents notified many of the targets who were in Fancy Bear’s crosshairs, six people with knowledge of the matter said.
Reuters last month identified SKDKnickerbocker, a lobbying firm allied with Biden, as one of them.
The targeting of Democrats in Indiana and California — confirmed by four people familiar with the matter — suggests that the Russians are “casting their net wide,” said Don Smith, a senior director at cybersecurity company Secureworks.
The Indiana Democratic Party said in a statement that it was “unaware of any successful intrusions.” California Democratic Party Chairman Rusty Hicks acknowledged being targeted, but stopped short of naming Fancy Bear, saying in an e-mail that “the effort by the foreign entity was unsuccessful.”
The FBI declined comment.
Fancy Bear also targeted think tanks and foreign policy organizations that hold sway in Washington and have, in the past, provided staff for presidential administrations.
Among them was the Center for American Progress (CAP), a left-leaning group whose founder, John Podesta, was at the center of the 2016 Russian hack and leak operation, a person with direct knowledge of the incident said.
A CAP spokesperson said that the organization had not been breached and declined further comment.
The Open Society Foundations, one of the first organizations to see its correspondence leaked to the public by Fancy Bear in 2016, was targeted by the Kremlin again earlier this year, two people briefed on the matter said.
Open Society founder George Soros has provided substantial funding to pro-democracy causes and is a regular target of Russian disinformation.
BOMBARDMENT: Moscow sent more than 440 drones and 32 missiles, Volodymyr Zelenskiy said, in ‘one of the most terrifying strikes’ on the capital in recent months A nighttime Russian missile and drone bombardment of Ukraine killed at least 15 people and injured 116 while they slept in their homes, local officials said yesterday, with the main barrage centering on the capital, Kyiv. Kyiv City Military Administration head Tymur Tkachenko said 14 people were killed and 99 were injured as explosions echoed across the city for hours during the night. The bombardment demolished a nine-story residential building, destroying dozens of apartments. Emergency workers were at the scene to rescue people from under the rubble. Russia flung more than 440 drones and 32 missiles at Ukraine, Ukrainian President Volodymyr Zelenskiy
‘SHORTSIGHTED’: Using aid as leverage is punitive, would not be regarded well among Pacific Island nations and would further open the door for China, an academic said New Zealand has suspended millions of dollars in budget funding to the Cook Islands, it said yesterday, as the relationship between the two constitutionally linked countries continues to deteriorate amid the island group’s deepening ties with China. A spokesperson for New Zealand Minister of Foreign Affairs Winston Peters said in a statement that New Zealand early this month decided to suspend payment of NZ$18.2 million (US$11 million) in core sector support funding for this year and next year as it “relies on a high trust bilateral relationship.” New Zealand and Australia have become increasingly cautious about China’s growing presence in the Pacific
Indonesia’s Mount Lewotobi Laki-Laki yesterday erupted again with giant ash and smoke plumes after forcing evacuations of villages and flight cancelations, including to and from the resort island of Bali. Several eruptions sent ash up to 5km into the sky on Tuesday evening to yesterday afternoon. An eruption on Tuesday afternoon sent thick, gray clouds 10km into the sky that expanded into a mushroom-shaped ash cloud visible as much as 150km kilometers away. The eruption alert was raised on Tuesday to the highest level and the danger zone where people are recommended to leave was expanded to 8km from the crater. Officers also
ESPIONAGE: The British government’s decision on the proposed embassy hinges on the security of underground data cables, a former diplomat has said A US intervention over China’s proposed new embassy in London has thrown a potential resolution “up in the air,” campaigners have said, amid concerns over the site’s proximity to a sensitive hub of critical communication cables. The furor over a new “super-embassy” on the edge of London’s financial district was reignited last week when the White House said it was “deeply concerned” over potential Chinese access to “the sensitive communications of one of our closest allies.” The Dutch parliament has also raised concerns about Beijing’s ideal location of Royal Mint Court, on the edge of the City of London, which has so
RSS