Russian Hackers Trying To Infiltrate US Senate

The suspected Russian hackers accused of breaching the Democratic National Committee and meddling in France’s presidential election are now targeting the US Senate, according to new research.

Since last June, the hacking group known as “Fancy Bear” has been setting up fake websites mimicking the Senate’s login server, hoping to trick Senate staffers into entering their credentials there, according to findings recently released by the cybersecurity firm Trend Micro.

The tactic, known as “phishing,” suggests that the Kremlin is laying the groundwork for a widespread compromise of Senate employees.

The fake websites were designed to look like the login page for the Senate’s email server, which runs on a Windows platform. The real Senate login page is not publicly accessible and can be reached only when users are on an internal Senate network. But Trend Micro researchers said the phishing campaign makes sense as a preparatory step.

“In case an actor already has a foothold in an organisation after compromising one user account,” researchers wrote, “credential phishing could help him get closer to high profile users of interest.”

The Trend Micro report also described how Fancy Bear hackers have been targeting Olympic sports organisations, and how they targeted Iranians ahead of that country’s 2017 presidential election.

Fancy Bear was one of two groups, along with “Cozy Bear,” that U.S. officials and researchers have blamed for hacking the DNC, the Democratic Congressional Campaign Committee and other mostly liberal targets in the run-up to the 2016 election.

Some of those hacks were technically sophisticated intrusions into computer servers. In other cases, Russian spies used the same strategy they are now using against the Senate, tricking victims, like Hillary Clinton campaign manager John Podesta, into typing their passwords into fake Gmail login portals.

According to the US intelligence community, Moscow then published the stolen emails and documents through front personas like the self-styled independent hacker “Guccifer 2.0” and the website DC Leaks.

In March 2017, weeks before French voters picked their next president, Trend Micro discovered that Fancy Bear had similarly set up websites designed to trick staffers of the centrist candidate Emmanuel Macron, who was running against a far-right politician who had Kremlin support. Emails from Macron’s political party leaked the day before the election, but Macron won anyway.

Politico:

You Might Also Read: 

Guide to Russian Infrastructure Hacking:

Hackers Came, But the French Were Prepared:

Hillary Clinton’s Cyber Warfare Warning:

 

 

 

« Cyber Attacks Will Continue to Succeed
What You Need to Know About The General Data Protection Regulation »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DTEX Systems

DTEX Systems

DTEX Systems is the global leader for insider risk management. We empower organizations to prevent data loss by proactively stopping insider risks from becoming insider threats.

Kualitatem

Kualitatem

Kualitatem Inc. is an independent software testing and information systems auditing company

Integrity360

Integrity360

Integrity360 provide fully managed IT security services as well as security testing, integration, GRC and incident handling services.

Insta Group

Insta Group

Insta are a trusted cyber security partner for security-critical companies and organizations.

Innotec Security

Innotec Security

Innotec Security is a Spanish company specializing in cybersecurity-as-a-service, cyber resilience and cyber risk management.

Unitrends

Unitrends

Unitrends helps IT pros do more with less by providing an all-in-one enterprise backup and continuity solution.

Altaro Software

Altaro Software

Altaro provide backup solutions that are intuitive, easy to use, well-priced and backed by outstanding 24/7 support as part of the package.

ACROS Security

ACROS Security

ACROS Security is a leading provider of security research, real penetration testing and code review for customers with the highest security requirements.

IdentityIQ

IdentityIQ

IdentityIQ is a US-based identity theft and credit protection company designed to help users stay on top identity thieves and data breaches.

Tugboat Logic

Tugboat Logic

Tugboat Logic was created to address the skills and expertise gap in the security and compliance industry. Our goal is to simplify and automate information security management for every enterprise.

Mosaic Insurance

Mosaic Insurance

Mosaic is a next-generation global specialty insurer distinguished by an exceptional team, agile technology, and a structure that combines Lloyd’s of London strength with a global distribution network

InfusionPoints

InfusionPoints

InfusionPoints is your independent trusted partner dedicated to assisting you in building your secure and compliant business solutions.

Private Client Cyber Security (PCCS)

Private Client Cyber Security (PCCS)

PCCS provides enterprise-grade cybersecurity consulting and services to professional practices, executives, athletes, and high net worth families.

Castlepoint Systems

Castlepoint Systems

Castlepoint Systems is a pioneer in information governance, risk and compliance as a service. An all-in-one solution offering powerful risk management, built in compliance, cybersecurity and audit.

Salus Cyber

Salus Cyber

Salus is a provider of world-class cyber security services, enabling our clients to identify and manage their cyber risks proactively and effectively.

Coalition for Secure AI (CoSAI)

Coalition for Secure AI (CoSAI)

CoSAI is an open ecosystem of AI and security experts from industry leading organizations dedicated to sharing best practices for secure AI deployment and collaborating on AI security research.