' fill='%230E4F97'%3E%3Cg id='Group-5' transform='translate(370.000000, 11.000000)'%3E%3Cg id='avatar' transform='translate(6.000000, 4.000000)'%3E%3Ccircle id='Oval' cx='8' cy='4' r='4'%3E%3C/circle%3E%3Cpath d='M7.12864205,10 L8.87135795,10 C11.558649,10 14.0087196,11.5384024 15.1762205,13.958831 L16,15.6666667 L16,15.6666667 L15.3374858,17.5134983 C15.228016,17.8186575 14.9774027,18.051811 14.6651459,18.1389975 L8,20 L8,20 L1.33485405,18.1389975 C1.02259733,18.051811 0.771984007,17.8186575 0.662514216,17.5134983 L0,15.6666667 L0,15.6666667 L0.823779545,13.958831 C1.99128041,11.5384024 4.44135104,10 7.12864205,10 Z' id='Rectangle'%3E%3C/path%3E%3C/g%3E%3C/g%3E%3C/g%3E%3C/g%3E%3C/svg%3E)
US cybersecurity firms say Russia likely behind hacks
Fidelis Cybersecurity and ThreatConnect finger ‘Fancy Bear’ group, linked to Russian intelligence services, in breach
Two US cybersecurity firms said that their analysis of computer breaches at the Democratic Party’s funding group for congressional candidates shows detailed evidence that the intrusions were likely linked to Russian hackers.
The two US companies said in separate posts today that Internet domains and registrants used in the breach of computers used by the Democratic Congressional Campaign Committee, or DCCC, tie back to a Russian hacking group linked to that nation’s intelligence services. That same hacking group, known as “Fancy Bear,” was previously connected to the June cyber breach at the Democratic National Committee.
Both firms, Fidelis Cybersecurity and ThreatConnect, said the hackers created a fake Internet DCCC donation site. The registrant for the fake DCCC site was linked back to other web domains used by “Fancy Bear.”
The FBI is investigating a hack at the Democratic National Convention that resulted in the posting last week of embarrassing internal communications on WikiLeaks, and a similar intrusion of the House Democratic Congressional Campaign Committee. President Barack Obama has said Russia was almost certainly responsible for the DNC hack, an assertion with which cybersecurity experts have agreed.
The FBI said Friday it was aware of “media reporting on cyber intrusions involving multiple political entities, and is working to determine the accuracy, nature and scope of these matters.”
The intrusions have added another layer of mystery to the hacking of Democratic Party information that has been revealed in the heat of this year’s presidential and congressional elections.
The DNC breach led to the release by WikiLeaks on July 22, days before the Democratic national convention began, of 19,000 emails showing that supposedly neutral party officials were favoring Hillary Clinton over Sen. Bernie Sanders during their primary contest for the presidential nomination. As a result of that disclosure, party chairwoman Rep. Debbie Wasserman Schultz, D-Florida, announced her resignation this week.
On Friday, the DCCC, which raises money and provides other assistance for Democratic House candidates, acknowledged a digital break-in of its computers that it said resembled the DNC hack.
Spokeswoman Meredith Kelly said the committee was “the target of a cybersecurity incident” and was informed by investigators “that this is similar to other recent incidents, including the DNC breach.”
She said the congressional campaign committee is using CrowdStrike Inc., a computer security firm based in Irvine, California, and is “cooperating with the federal law enforcement with respect to their ongoing investigation.” She said her organization is “continuing to take steps to enhance the security of our network in the face of these recent events.”
CrowdStrike issued a statement confirming its work for the congressional campaign committee but provided no additional details.
