Digital Directorship – Cybersecurity: Government
DNC says Russia tried to hack its servers again in November 2018
Democrats say the spear-phishing attack, which was attributed to Russian group Cozy Bear, was unsuccessful.
By Catalin Cimpanu for Zero Day | January 19, 2019
The Democratic National Committee (DNC) claimed today that Russian hackers tried to break into its servers in November 2018, shortly after the conclusion of the US midterm elections.
The claim was made in an updated complaint in a lawsuit the DNC filed in April 2018 against the Russian state, Russia’s military intelligence service GRU, the hacker known as Guccifer 2.0, WikiLeaks and its founder Julian Assange, and several members of the Trump campaign, such as Donald Trump, Jr., Paul Manafort, Roger Stone, Jared Kushner, and George Papadopoulos.
The DNC filed the original lawsuit in an attempt to prove collusion between the Trump campaign, Russia, and WikiLeaks.
“On November 14, 2018, dozens of DNC email addresses were targeted in a spear-phishing campaign, although here is no evidence that the attack was successful,” the DNC said in updated court documents.
“The content of these emails and their timestamps were consistent with a spearphishing campaign that leading cybersecurity experts have tied to Cozy Bear (APT 29),” the DNC said.
At the time, it wasn’t known that the emails also targeted the DNC.
The Cozy Bear group is one of the two Russian cyber-espionage groups which also hacked the DNC back in 2016, before the US Presidential election. The other group was Fancy Bear (APT28).
In the aftermath of the infamous DNC hack, CrowdStrike experts said Cozy Bear appeared to have affiliations to the FSB, Russia’s main intelligence service, a department previously led by Vladimir Putin a few years before becoming Russia’s president.
In November 2018, Russia tried to have the DNC lawsuit thrown out on the grounds that its hacking operations are considered military intelligence gathering and are outside the US courts’ jurisdiction.
In December 2018, the National Republican Congressional Committee (NRCC) disclosed that it was the victim of a cyber intrusion during the 2018 campaign season.