January 11, 2017 by

U.S. Declassifies Technical Details of Russian Hacking

Following unprecedented sanctions against Russia for the cyberattacks and hacking endeavors in the run-up to the US presidential elections, the Obama administration has declassified technical information on the malicious cyber activities undertaken by Russian intelligence services.

Calling the sanctions a “necessary and appropriate response” the White House added that “all Americans should be alarmed by Russia’s actions.”

Meanwhile, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have released a joint analysis report that reveals details of the computers targeted and co-opted by Russian intelligence services, without the knowledge of their owners. The DHS has labeled this activity as Grizzly Steppe.

Russian intelligence sources compromised a number of computers located around the world to launch cyberattacks in an effort to mask their activities from Russia. The joint report also points to newly declassified data that would enable cybersecurity firms and security researchers to identify malware strains used by Russian intelligence services. The Obama administration adds that it hopes researchers will be able to use the information to identify and then block the malware. This, in turn, would force Russian intelligence services to re-engineer the malware.

The following is a graphical representation of how Russia state-sponsored hackers targeted and compromised the DNC in 2015.

Image source: DHS

This chart further explains how Russian intelligence conducted phishing campaigns that were often successful.

Image source: DHS

The sanctions were described as “a manifestation of an unpredictable and even aggressive foreign policy,” by Kremlin Press Secretary Dmitry Peskov.

The official added:

Considering the current transition period in Washington, we still expect that we’ll be able to get rid of such clumsy actions…of behaving like a bull in a china shop, and that we’ll be able to make mutual joint steps to enter on the path of normalization of our bilateral relations

President-elect Trump will have the authority to reverse the sanctions, according to Obama administration officials. For his part, Trump has stated “It’s time for our country to move onto bigger and better things.”

He added, however:

Nevertheless, in the interest of our country and its great people, I will meet with leaders of the intelligence community next week in order to be updated on the facts of this situation.

Image credit: Wikimedia.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Cyberattacks Cost Up to $109 Billion in 2016: White House Report

In a report on Friday, the White House Council of Economic Advisers estimated that malicious cyber...

Read more arrow_forward

Russian State-Sponsored Hackers Target the US Senate: Researchers

The suspected Russian hackers behind the breach of the Democratic National Committee (DNC) is now...

Read more arrow_forward

UK Cybersecurity Chief Blames Russia for Cyberattacks

The head of the UK GCHQ’s National Cyber Security Centre (NCSC) has accused Russia of staging...

Read more arrow_forward