russian-hacker

Cybersecurity firm Trend Micro recently published a report which alleged hacker groups aligned to the Russian government have been targeting the internal email system of the U.S. Senate for the past eight months.

The report entitled “Update on Pawn Storm: New Targets and Politically Motivated Campaigns”, disclosed that the espionage actor group Pawn Storm began its hacking operations in June 2017. The group set up phishing sites which used credentials on the U.S. Senate’s Active Directory Federation Services (ADFS).

Another approach is to send an email from the target’s Microsoft Exchange server advising of an expired password. Once the target attempts to login through the fake emails, his/her credentials will be stolen by the hacker.

In addition to Pawn Storm, another hacker group known as Fancy Bear has placed several Winter Olympics organizations it its crosshairs. According to Trend Micro, Fancy Bear’s hacking operations started after Russia was disqualified from the Games because of doping allegations.

Pawn Storm, Fancy Bear and a third hacker group, Cozy Bear were identified by a number of cybersecurity firms as responsible for hacking the internal email system of the Democratic National Committee (DNC) in 2017.

A separate investigation using a massive database of targets provided by cybersecurity firm Secureworks, determined the hacker groups are aligned with the objectives of the Russian government. The investigation was commissioned by the Associated Press.

Trend Micro has been tracking Pawn Storm’s activities the past four years where it was busy launching phishing attempts on political groups located in Iran, France, Germany, Montenegro, Turkey and Ukraine. The cybersecurity firm is convinced the group is directly linked with the Kremlin.

Feike Hacquebord, Senior Researcher at Trend Micro, said the Russian hacker groups set up fake Senate sites in June and September 2017. This was the same tactic they used to leak private emails from French presidential candidate Emmanuel Macron’s staff during the home stretch of the campaign.

Macron defeated nationalist candidate Marie Le Pen.

Hacquebord believes the hacking attempts will continue:

“With the Olympics and several significant global elections taking place in 2018, we can be sure Pawn Storm’s activities will continue.”

Republican Senator Ben Sasse from Nebraska challenged the Trump administration and Attorney General Jeff Sessions to take action and prevent further meddling from the Russian government:

“Russia is just getting started and the hacks, forgeries and influence campaigns are going to get more and more sophisticated. The Attorney General should come back to Congress and explain what steps he’s taken since last year.”

About The Author