Democrats' emails came under attack right before the election: report

CrowdStrike, the firm hired by the DNC to protect its network, says a second attack happened days before the vote

Published December 12, 2016 10:32PM (EST)

This Wednesday, May 20, 2015 photo shows server banks inside a data center at AEP headquarters in Columbus, Ohio. Like most big utilities, AEP's power plants, substations and other vital equipment are managed by a network that is separated from the company's business software with layers of authentication, and is not accessible via the Internet. Creating that separation, and making sure that separation is maintained, is among the most important things utilities can do to protect the grid's physical assets. (AP Photo/John Minchillo) (AP)
This Wednesday, May 20, 2015 photo shows server banks inside a data center at AEP headquarters in Columbus, Ohio. Like most big utilities, AEP's power plants, substations and other vital equipment are managed by a network that is separated from the company's business software with layers of authentication, and is not accessible via the Internet. Creating that separation, and making sure that separation is maintained, is among the most important things utilities can do to protect the grid's physical assets. (AP Photo/John Minchillo) (AP)

An unreported cycberattack targeting the Clinton campaign and the Democratic National Committee days before the election was disclosed Monday, intensifying concerns that Russia deliberately tilted the election to President-elect Donald Trump.

The attacks, conducted in late October, used a "phishing" technique to procure login information to the secured networks, Yahoo News reported on Monday. CrowdStrike, the cybersecurity firm hired by the DNC to prevent attacks on its network, told Yahoo News that DNC staffers were able to reject the attack because they knew the unsolicited emails were suspicious.

CrowdStrike was the first group to conclude Russian intelligence perpetrated the DNC hack. CrowdStrike identified an individual known as "Fancy Bear" as the hacker who breached the DNC's network in April of this year. The hack resulted in the leak of thousands of internal DNC emails that were later published by WikiLeaks.

According to Dmitri Alperovitch, co-founder of CrowdStrike, the same technique applied in the April hack was used again in October, leading experts to believe the source of the attacks was done by the same group or individual. "Fancy Bear" is thought to be an associate of Russia's military intelligence service, the GRU.

"When we look at this over 10 years — literally hundreds of intrusions — [and] you look at the tradecraft, you look at the victims, it all points to Russian intelligence services," Alperovitch said to Yahoo News.

CrowdStrike told Yahoo News there was evidence that "Fancy Bear" was now targeting political organizations in Germany, as the European power gears up for its own election. The chief of German domestic intelligence said last week that a recent wave of "aggressive cyberespionage" had hit local politicians.


By Taylor Link

MORE FROM Taylor Link


Related Topics ------------------------------------------

Crowdstrike Democratic National Committee Donald Trump Hack Russia Wikileaks