January 10, 2018

Russian State-Sponsored Hackers Target the US Senate: Researchers

The suspected Russian hackers behind the breach of the Democratic National Committee (DNC) are now targeting the US Senate, according to new research from cybersecurity firm Trend Micro.

According to findings from Trend Micro, the Russian state-linked hacking group known as “Fancy Bear” has been establishing faux websites that purport to be the Senate’s login server in the hopes of tricking staffers into entering their Senate credentials. Although credential phishing is a common scam, this particular attempt is notable, the report suggests, as an effort by the Kremlin to lay the groundwork for a comprehensive compromise of the ADFS (Active Directory Federation Services) of the US Senate.

The fake websites purport to be the login page of the Senate’s email server, which runs on a Windows platform. The real Senate login page isn’t publicly accessible; Senate staffers reach it from their internal network. Even so, the security researchers agree that the Kremlin’s move makes sense as an early preparatory step.

“In case an actor already has a foothold in an organization after compromising one user account,” researchers wrote, adding that “credential phishing could help him get closer to high profile users of interest.”

The report also adds that Fancy Bear hackers have been targeting Olympic sports organizations, particularly after Russian athletes were banned from participating in the upcoming Winter Olympics. Several Russian Olympians have also been banned for life.

The targeted campaign against the US Senate was first noticed in June 2017, and the digital fingerprints in the phishing sites are similar to “a couple of Pawn Storm incidents in 2016 and 2017,” researchers added.

In a warning, they added:

Rogue political influence campaigns are not likely to go away in the near future. Political organizations have to be able to communicate openly with their voters, the press and the general public. This makes them vulnerable to hacking and spear phishing. 

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
