Skip to content
Naked Security Naked Security

Russian snoops ‘stole Democrats’ dossier on Donald Trump’

Beyond the opposition data about Trump, intruders could read all email and chat traffic.

Russian cyberspies have stolen the Democratic National Committee’s (DNC’s) opposition research on Donald Trump, reports The Washington Post.

Beyond the Trump dossier, the breach of the DNC’s system was so thorough that the intruders could read all email and chat traffic, according to the newspaper’s sources – who the newspaper refers to as DNC officials and security experts who responded to the breach.

Those sources said that some of the intruders had access to the DNC network for about a year, but all were expelled “in a major computer cleanup campaign” over the weekend.

According to CrowdStrike, the security firm that the DNC called on for help, it identified two “sophisticated adversaries” on the network of the formal governing body for the US Democratic Party.

According to CTO and co-founder Dmitri Alperovitch, the two adversaries use the handles Cozy Bear and Fancy Bear – groups believed to be closely linked to Russia’s intelligence services.

While Cozy Bear and Fancy Bear are similar, they’re apparently not working together, according to Alperovitch.

Cozy Bear got to the DNC first, he said: CrowdStrike traced the intrusion back to the North American summer of 2015, almost a year ago:

At DNC, COZY BEAR intrusion has been identified going back to summer of 2015, while FANCY BEAR separately breached the network in April 2016. We have identified no collaboration between the two actors, or even an awareness of one by the other. Instead, we observed the two Russian espionage groups compromise the same systems and engage separately in the theft of identical credentials.

It was the April breach that raised a red flag at the DNC. According to CrowdStrike President Shawn Henry, the intruders stole two files during that breach. The files granted access to computers of the DNC’s entire research staff, or an average of about several dozen on any given day.

Why wouldn’t the two groups cooperate, in order to avoid compromising each other’s operations?

According to Alperovitch:

We have seen them steal assets from one another, refuse to collaborate. They’re all vying for power, to sell Putin on how good they are.

Why target Trump, besides the mutual admiration club that’s arisen between Putin and the Republican presidential candidate?

Because governments are playing catch-up on the flame-haired question mark, who’s never held political office before, analysts told the Washington Post.

Robert Deitz, former senior councillor to the CIA director and a former general counsel at the National Security Agency:

The purpose of such intelligence gathering is to understand the target’s proclivities.

Trump’s foreign investments, for example, would be relevant to understanding how he would deal with countries where he has those investments [should he be elected].

They may provide tips for understanding his style of negotiating. In short, this sort of intelligence could be used by Russia, for example, to indicate where it can get away with foreign adventurism.

Russia has denied any involvement in the hacking. Kremlin spokesman Dmitry Peskov told Reuters:

I completely rule out a possibility that the [Russian] government or the government bodies have been involved in this.

Image of Donald Trump courtesy of a katz / Shutterstock.com

3 Comments

Not exactly reassuring that the mechanism to detect breaches apparently was available ten months ago but was disregarded until this weekend.

Russia and China are like Bart Simpson. “I didn’t do, nobody saw me do it. You can’t prove anything”. Even when it can be proven, they just stick their fingers in their ears and shout “La La La” over and over

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?