It’s official: USA has formally accused Russia of malpractice during their Presidential Elections. And in the largest retaliation seen since the cold war, Obama has struck down and sent 35 Russian diplomats back home.
The final straw was drawn after Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) released a declassified report on Thursday (29 December), accusing Russia of hacking the US election.
The report has also triggered the closing down of two compounds in response to the cyber attacks. It writes that two different Russian civilian and military intelligence services (RIS), which were probably state sponsored, “participated in the intrusion into a US political party.”
The document clearly points towards the Democratic National Committee (DNC) and Hillary Clinton’s campaign chairman John Podesta, being the victims of data stealing, but does not name them specifically.
The report further claims that the first hacker, Advanced Persistent Threat (APT) 29, broke into the party’s systems in summer 2015, while the second, known as APT28, managed to gain access in spring 2016.
The report further adds that an ATP29 spearphishing campaign sent more than 1,000 emails containing a malicious link. At least one targeted recipient opened the link to the malware, enabling the hackers to gain access.
The hack attack has been given codename “Grizzly Steppe,” and FBI has released a detailed infographic on the mechanism employed to jeopardise the elections.
The document states that the APT29 delivered malware to the systems that
“established persistence, escalated privileges, enumerated active directory accounts, and exfiltrated email from several accounts through encrypted connections back through operational infrastructure.”
Using spearphishing, the ATP28 campaign managed to trick the targeted individuals into changing their passwords, and then stole content from multiple senior party members.
While the US government has publicly announced the leaks, they have not referred to WikiLeaks or Guccifer 2.0, who were the two outlets intelligence agencies previously claimed to be linked to the election-based leaks.
The FBI, DHS, and ODNI said in a joint statement.
“This activity by Russian intelligence services is part of a decade-long campaign of cyber-enabled operations directed at the US Government and its citizens,”
It added on,
“In other countries, Russian intelligence services have also undertaken damaging and disruptive cyberattacks, including on critical infrastructure, in some cases masquerading as third parties or hiding behind false online personas designed to cause victim to misattribute the source of the attack.”
The report also states that this is not over and RIS is likely to continue conduct spearphishing campaigns in the future.
Meanwhile, President-elect Donald Trump, who might be the biggest beneficiary of this attack, has continued to deny Russia’s involvement and instead has blamed computers for the confusion.
It is interesting to note that is in complete contrast with what his own party claim, who are avidly calling for action against Moscow and Russian President Vladimir Putin.
You can read the complete 13-page report here:
What are your thoughts on the leaks? Is USA’s reaction justified? Are we on the brink of another cold war, or even worse?
Share your views in the comments’ section below!