It is a hack that is unsettling at the very least, as it hints at a further connection between Russia and controversial Republican presidential candidate Donald Trump.
Recently, the Democratic National Committee (DNC) has admitted it has suffered a serious security breach. Its personal, donor, and financial information appears to remain secure; however, its files on Trump had been accessed. The DNC believes the hack came from or with the support of the Russian government itself.
The moment the hack was discovered, the DNC called a firm known as CrowdStrike to stop the hackers immediately. CrowdStrike Services, Inc. said that it immediately deployed its IR team as well as technology to identify the DNC’s “two sophisticated adversaries on the network.”
Upon learning more about the hackers, the firm decided to nickname them Cozy Bear and Fancy Bear. Apparently, this is not the first time the bears have struck U.S. networks. In fact, CrowdStrike considers them “one of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis.” They are said to have “superb” tradecraft with operational security that is “second to none.”
Cozy Bear, referred to as CozyDuke or APT 29 by some industry reports, is said to be the adversary group responsible for the successful infiltration of certain unclassified networks in the State Department, U.S. Joint Chiefs of Staff and the White House.
In the past, it has also targeted a host of other organizations, including think tanks and manufacturing, media, pharmaceutical, extractive, financial, insurance, defense and energy companies. It has struck not only in the U.S., but also in China, Japan, Mexico, New Zealand, South Korea, Turkey, Central Asia and Western Europe.
Meanwhile, Fancy Bear, also known as Sofacy or APT 28, is referred to as a “separate Russian-based threat actor.” The group is said to have been around since the mid-2000s and has launched a number of targeted intrusion campaigns against the defense, government, energy, aerospace and media sectors.
It has not targeted only the U.S. It has launched campaigns against Western Europe, Canada, Brazil, Georgia, Iran, Japan, Malaysia, South Korea and China as well. There is also an indication that Fancy Bear is affiliated with Russia’s Main Intelligence Department, the intelligence service known as the GRU.
Vladimir Putin and Donald Trump Allegiance
According to a report from the Washington Post, it is believed that the purpose of the Trump hack is to gain a better understanding of Trump’s proclivities.
According to Robert Deitz, former senior counselor to the CIA director and former general counsel at the National Security Agency, “Trump’s foreign investments, for example, would be relevant to understanding how he would deal with countries where he has those investments.” However, others say that the reason for the hack goes beyond future planning. Rather, it is Russia’s way of helping Trump become the next U.S. president.
A report from the Sydney Morning Herald revealed that there is a network of Russian-supported anti-Western websites linked to a number of American white supremacists as well as conspiracy theory sites. The activists linked to such sites are now voicing criticism of the U.S., NATO and Western society, much like Moscow.
According to New America Foundation strategist Peter Singer, there seems to be “some kind of alignment” between extremist western groups and Russian groups.
“The key is how much of it is fandom and shared interests (both support Trump, for example) and how much of it is direct inspiration and coordination,” he explained.
When asked about the hack, the Trump campaign referred the questions to the Secret Service.