January 10, 2018

Russian State-Sponsored Hackers Target the US Senate: Researchers

The suspected Russian hackers behind the breach of the Democratic National Committee (DNC) are now targeting the US Senate, according to new research from cybersecurity firm Trend Micro.

According to findings from Trend Micro, the Russian state-linked hacking group known as “Fancy Bear” has been setting up fake websites that purport to be the Senate’s login server, in the hope of tricking staffers into entering their Senate credentials. Although credential phishing is a common tactic, the report suggests this campaign is notable as the Kremlin’s attempt to lay the groundwork for a comprehensive compromise of the US Senate’s ADFS (Active Directory Federation Services).

The fake websites purport to be the login page of the Senate’s email server, which runs on a Windows platform. The real Senate login page isn’t publicly accessible; Senate staffers reach it from their internal network. Even so, the security researchers agree that the Kremlin’s move makes sense as an early preparatory step.

“In case an actor already has a foothold in an organization after compromising one user account,” researchers wrote, adding that “credential phishing could help him get closer to high profile users of interest.”

The report also adds that Fancy Bear hackers have been targeting Olympic sports organizations, particularly after Russian athletes were banned from participating in the upcoming Winter Olympics. Several Russian Olympians have also been banned for life.

The targeted campaign against the US Senate was first noticed in June 2017, and the digital fingerprints inherent in the phishing sites are similar to “a couple of Pawn Storm incidents in 2016 and 2017,” researchers added.

In a warning, they added:

Rogue political influence campaigns are not likely to go away in the near future. Political organizations have to be able to communicate openly with their voters, the press and the general public. This makes them vulnerable to hacking and spear phishing. 

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
