US authorities provided technical details to back up their claims that Russian authorities were behind recent cyber attacks on American political targets.
US authorities on Thursday released technical details about the tools and infrastructure that Russian hackers used to compromise the computer systems of multiple American government and private entities.
A brief joint report from the Federal Bureau of Investigation and the Department of Homeland Security outlines what the agencies refer to as Russia’s “ongoing campaign of cyber-enabled operations directed at the US government and its citizens.”
The report bolsters the FBI’s earlier claim that hackers affiliated with Russian intelligence services (RIS) targeted computers at the headquarters of the Democratic National Committee during the final months of the 2016 US presidential election. Two separate Russian organizations gained access to the political party’s systems as early as summer 2015, according to the report. The first group used a “spearphishing” campaign that sent an email to more than 1,000 recipients, at least one of whom opened attachments containing malware.
The second Russian group targeted the same political party—the report does not identify the DNC by name—in spring 2016 using a similar phishing campaign, which tricked recipients into visiting a fake website that asked them to change their email passwords. The second attack likely resulted in the “exfiltration of information from multiple senior party members,” according to the report.
“Actors likely associated with RIS are continuing to engage in spearphishing campaigns, including one launched as recently as November 2016, just days after the U.S. election,” the report concluded.
US authorities did not announce further information about the two groups, nor the specifics of their links to Russian intelligence. The report simply states that “public attribution of these activities to RIS is supported by technical indicators from the US Intelligence Community, DHS, FBI, the private sector, and other entities.”
Along with the report, the Obama administration also announced sanctions against Russia for its hacking activities. Using an executive order, President Obama sanctioned the GRU and FSB, Russia’s military and civilian intelligence agencies, as well as three companies and four individual members of the GRU that he said provided support to its hacking operations.
“We will continue to take a variety of actions at a time and place of our choosing, some of which will not be publicized,” Obama said in a statement. “In addition to holding Russia accountable for what it has done, the United States and friends and allies around the world must work together to oppose Russia’s efforts to undermine established international norms of behavior, and interfere with democratic governance.”
The Russian response to the sanctions appeared scattered Thursday afternoon, with the Russian embassy in the UK offering a separate statement on Twitter from that of Konstantin Kosachev, the head of Russia’s Committee on Foreign Relations.
“The outgoing administration has no grounds, neither political nor moral rights for such harsh and destructive steps towards the bilateral relations with Russia,” he told Interfax, a Russian newswire, according to NBC News. “I am sorry for the harsh wording but I don’t have other words for it. This is not just an agony of the ‘lame ducks,’ but of the ‘political corpses.’”
Although President-elect Donald Trump has downplayed the severity of Russia’s hacking efforts, private sector security experts in the US welcomed the sanctions.
“The administration, fellow lawmakers and general public must understand the potentially catastrophic consequences of a digital cyber conflict,” Intel Security CTO Steve Grobman said in a statement issued ahead of the sanctions. “We usually consider critical infrastructure to include life-sustaining services such as water, power, transportation, and first responder communications. But, given that election systems are the foundational organs of democracy, we must protect them accordingly.”