Russian Hackers Trying To Infiltrate US Senate

Uploaded on 2018-01-18 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

The suspected Russian hackers accused of breaching the Democratic National Committee and meddling in France’s presidential election are now targeting the US Senate, according to new research.

Since last June, the hacking group known as “Fancy Bear” has been setting up fake websites mimicking the Senate’s login server, hoping to trick Senate staffers into entering their credentials there, according to findings recently released by the cybersecurity firm Trend Micro.

The tactic, known as “phishing,” suggests that the Kremlin is laying the groundwork for a widespread compromise of Senate employees.

The fake websites were designed to look like the login page for the Senate’s email server, which runs on a Windows platform. The real Senate login page is not publicly accessible and can be reached only when users are on an internal Senate network. But Trend Micro researchers said the phishing campaign makes sense as a preparatory step.

“In case an actor already has a foothold in an organisation after compromising one user account,” researchers wrote, “credential phishing could help him get closer to high profile users of interest.”

The Trend Micro report also described how Fancy Bear hackers have been targeting Olympic sports organisations, and how they targeted Iranians ahead of that country’s 2017 presidential election.

Fancy Bear was one of two groups, along with “Cozy Bear,” that U.S. officials and researchers have blamed for hacking the DNC, the Democratic Congressional Campaign Committee and other mostly liberal targets in the run-up to the 2016 election.

Some of those hacks were technically sophisticated intrusions into computer servers. In other cases, Russian spies used the same strategy they are now using against the Senate, tricking victims, like Hillary Clinton campaign manager John Podesta, into typing their passwords into fake Gmail login portals.

According to the US intelligence community, Moscow then published the stolen emails and documents through front personas like the self-styled independent hacker “Guccifer 2.0” and the website DC Leaks.

In March 2017, weeks before French voters picked their next president, Trend Micro discovered that Fancy Bear had similarly set up websites designed to trick staffers of the centrist candidate Emmanuel Macron, who was running against a far-right politician who had Kremlin support. Emails from Macron’s political party leaked the day before the election, but Macron won anyway.

Politico:

You Might Also Read: 

Guide to Russian Infrastructure Hacking:

Hackers Came, But the French Were Prepared:

Hillary Clinton’s Cyber Warfare Warning:

 

 

 

« Cyber Attacks Will Continue to Succeed
What You Need to Know About The General Data Protection Regulation »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

Jumpsec

Jumpsec

Jumpsec provides penetration testing, security assessments, social engineering testing, cyber incident response, training and consultancy services.

Secure Technology Alliance

Secure Technology Alliance

Secure Technology Alliance is a multi-industry association working to stimulate the adoption and widespread application of secure solutions.

AEI Cybersecurity

AEI Cybersecurity

AEI brings together companies, Research Centres, Universities, and other organizations interested in promoting new cybersecurity technologies.

CYE

CYE

Utilizing data, numbers, and facts, CYE helps security leaders know what business assets are at risk and execute cost-effective remediation projects for optimal risk prevention.

CS3STHLM

CS3STHLM

CS3STHLM is the Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

Kasm Technologies

Kasm Technologies

Kasm Browser Isolation - Protect your organization from malware, ransomware and phishing by using zero-trust containerized browsers.

Voodoo Security

Voodoo Security

Voodoo Security is a specialized information security consulting firm focused on security assessments, risk and compliance analysis, and cloud security.

KrCERT/CC

KrCERT/CC

KrCERT/CC is the National Computer Emergency Response Team in Korea.

Dynatrace

Dynatrace

Dynatrace provides software intelligence to simplify cloud complexity and accelerate digital transformation.

Pacific Cyber Security Operational Network (PaCSON)

Pacific Cyber Security Operational Network (PaCSON)

PaCSON is an operational cyber security network of regional working-level cyber security experts in the Pacific.

CrossCountry Consulting

CrossCountry Consulting

CrossCountry Consulting is a trusted business advisory firm that provides customized finance, accounting, human capital management, risk, operations and technology consulting services.

Zally

Zally

Using advanced behavioural biometrics and AI, Zally is the world's answer to next-generation security.

ELK Analytics

ELK Analytics

ELK Analytics is a specialized Managed Security Services Provider (MSSP) that focuses on endpoint security and monitoring & alerting for any type of structured or unstructured data.

Boo Consulting

Boo Consulting

Boo Consulting is a trusted privacy and risk consultancy firm. We are driven to help you find an appropriate solution that will suit your budget and requirements.