Exclusive: Russian hackers targeted California, Indiana Democratic
parties
Send a link to a friend
 [October 30, 2020]
By Raphael Satter, Christopher Bing and Joel Schectman
WASHINGTON (Reuters) - The group of Russian
hackers accused of meddling in the 2016 U.S. presidential election
earlier this year targeted the email accounts of Democratic state
parties in California and Indiana, and influential think tanks in
Washington and New York, according to people with knowledge of the
matter.
The attempted intrusions, many of which were internally flagged by
Microsoft Corp <MSFT.O> over the summer, were carried out by a group
often nicknamed "Fancy Bear." The hackers' activity provides insight
into how Russian intelligence is targeting the United States in the
run-up to the Nov. 3 election.
The targets identified by Reuters, which include the Center for American
Progress, the Council on Foreign Relations and the Washington-based
Carnegie Endowment for International Peace, said they had not seen any
evidence of successful hacking attempts.
Fancy Bear is controlled by Russia's military intelligence agency and
was responsible for hacking the email accounts of Hillary Clinton's
staff in the run-up to the 2016 election, according to a Department of
Justice indictment filed in 2018.
News of the Russian hacking activity follows last month's announcement
https://www.reuters.com/article/us-usa-election-cyber-microsoft/microsoft-foreign-hackers-are-targeting-biden-and-trump-camps-idUSKBN26136Z
by Microsoft that Fancy Bear had attempted to hack more than 200
organizations, many of which the software company said were tied to the
2020 election. Microsoft was able to link this year's cyber espionage
campaign to the Russian hackers through an apparent programming error
that allowed the company to identify a pattern of attack unique to Fancy
Bear, according to a Microsoft assessment reviewed by Reuters.
Microsoft declined to comment on Reuters' findings.
The thrust of espionage operations could not be determined by Reuters.
The Office of the Director of National Intelligence said in August
https://www.reuters.com/article/us-usa-election-interference/u-s-counterspy-chief-warns-russia-china-iran-trying-to-meddle-in-2020-election-idUSKCN253304
that Russian operations were attempting to undermine the campaign of
presidential candidate Joe Biden.
Democratic National Committee spokesman Chris Meagher said it was “no
surprise” that foreign actors were attempting to interfere with the
election.
The Russian Embassy in Washington said it does not interfere in
America's internal affairs and denied any link to "Fancy Bear," calling
the allegation "fake news."
The Trump campaign did not return messages.
Over the summer, a specialized cybersecurity unit at Microsoft and
federal law enforcement agents notified many of the targets who were in
Fancy Bear's crosshairs, according to six people with knowledge of the
matter. Reuters identified SKDKnickerbocker, a lobbying firm allied with
Democratic presidential candidate Joe Biden, as one of them last month.
The targeting of Democrats in Indiana and California - confirmed by four
people familiar with the matter - suggests that the Russians are
"casting their net wide," said Don Smith of cybersecurity company
Secureworks.
[to top of second column]
|
Silhouettes of laptop users are seen next to a screen projection of
binary code are seen in this picture illustration taken March 28,
2018. REUTERS/Dado Ruvic/Illustration
The Indiana Democratic Party said in a statement it was “unaware of
any successful intrusions.” California Democratic Party Chair Rusty
Hicks acknowledged being targeted, but stopped short of naming Fancy
Bear, saying in an email that “the effort by the foreign entity was
unsuccessful.”
The FBI declined comment.
ATTACKS ON INFLUENTIAL NON-PROFITS
Fancy Bear also targeted think tanks and foreign policy
organizations that hold sway in Washington and have, in the past,
provided staff for presidential administrations.
Among them was the Center for American Progress (CAP), a
left-leaning group whose founder, John Podesta, was at the center of
the 2016 Russian hack and leak operation, according to a person with
direct knowledge of the incident.
A CAP spokesperson said the organization had not been breached and
declined further comment.
The Open Society Foundations, one of the first organizations to see
its correspondence leaked to the public by Fancy Bear in 2016, was
targeted by the Kremlin again earlier this year, according to two
people briefed on the matter. The group's founder, George Soros, has
provided substantial funding to pro-democracy causes and is a
regular target of Russian disinformation as well as domestic
conspiracy theories.
In a statement, the Open Society said "obviously tensions are
extraordinarily high heading into this election, and we are taking
many steps to ensure the safety of our staff."
Others targeted by Fancy Bear in 2020 included the New York-based
Council on Foreign Relations (CFR), the Washington-based Carnegie
Endowment, and the Center for Strategic and International Studies (CSIS)
- all of whom were notified by Microsoft, according to people
familiar with the respective organizations.
A CSIS spokesman declined comment on the hacking activity. A
Carnegie spokeswoman confirmed the targeting, but declined to
provide further detail. A spokeswoman with the Council on Foreign
Relations said they had not been breached.
(editing by Jonathan Weber, Chris Sanders and Edward Tobin)
[© 2020 Thomson Reuters. All rights
reserved.] Copyright 2020 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
 |
