Russian Hackers Trying To Infiltrate US Senate

Uploaded on 2018-01-18 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

The suspected Russian hackers accused of breaching the Democratic National Committee and meddling in France’s presidential election are now targeting the US Senate, according to new research.

Since last June, the hacking group known as “Fancy Bear” has been setting up fake websites mimicking the Senate’s login server, hoping to trick Senate staffers into entering their credentials there, according to findings recently released by the cybersecurity firm Trend Micro.

The tactic, known as “phishing,” suggests that the Kremlin is laying the groundwork for a widespread compromise of Senate employees.

The fake websites were designed to look like the login page for the Senate’s email server, which runs on a Windows platform. The real Senate login page is not publicly accessible and can be reached only when users are on an internal Senate network. But Trend Micro researchers said the phishing campaign makes sense as a preparatory step.

“In case an actor already has a foothold in an organisation after compromising one user account,” researchers wrote, “credential phishing could help him get closer to high profile users of interest.”

The Trend Micro report also described how Fancy Bear hackers have been targeting Olympic sports organisations, and how they targeted Iranians ahead of that country’s 2017 presidential election.

Fancy Bear was one of two groups, along with “Cozy Bear,” that U.S. officials and researchers have blamed for hacking the DNC, the Democratic Congressional Campaign Committee and other mostly liberal targets in the run-up to the 2016 election.

Some of those hacks were technically sophisticated intrusions into computer servers. In other cases, Russian spies used the same strategy they are now using against the Senate, tricking victims, like Hillary Clinton campaign manager John Podesta, into typing their passwords into fake Gmail login portals.

According to the US intelligence community, Moscow then published the stolen emails and documents through front personas like the self-styled independent hacker “Guccifer 2.0” and the website DC Leaks.

In March 2017, weeks before French voters picked their next president, Trend Micro discovered that Fancy Bear had similarly set up websites designed to trick staffers of the centrist candidate Emmanuel Macron, who was running against a far-right politician who had Kremlin support. Emails from Macron’s political party leaked the day before the election, but Macron won anyway.

Politico:

You Might Also Read: 

Guide to Russian Infrastructure Hacking:

Hackers Came, But the French Were Prepared:

Hillary Clinton’s Cyber Warfare Warning:

 

 

 

« Cyber Attacks Will Continue to Succeed
What You Need to Know About The General Data Protection Regulation »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

OIC-CERT

OIC-CERT

OIC-CERT is the Computer Emergency Response Team for Organisation of Islamic Cooperation (OIC) member countries.

National Cyber League (NCL)

National Cyber League (NCL)

The NCL provides a virtual training ground for participants to develop, practice, and validate their cybersecurity knowledge and skills.

Copenhagen FinTech

Copenhagen FinTech

Copenhagen FinTech is a centre for R&D and innovation in the Danish finance IT sector. Focus areas include cyber security and payments platforms.

HDI Global SE

HDI Global SE

HDI Global SE provides customised insurance solutions for industrial and commercial clients worldwide including Cyber Liability insurance.

Wireless Logic

Wireless Logic

Wireless Logic delivers a range of secure and resilient value-added M2M/IoT managed services that empower remote devices to communicate cost-effectively, two ways.

Reposify

Reposify

Reposify’s cybersecurity solution identifies, manages and defends companies’ global digital footprints.

Circadence

Circadence

Circadence offer the only fully immersive, AI-powered, patent-pending, proprietary cybersecurity training platform in the market today.

Crosser

Crosser

The Crosser Platform enables real-time processing of streaming or batch data for Industrial IoT, Data Transformation, Analytics, Automation and Integration.

Specops Software

Specops Software

Specops Software is a leading password management and authentication solution vendor.

Cobalt Iron

Cobalt Iron

Cobalt Iron is a global leader in SaaS-based enterprise backup and data protection technology.

Aristi Labs

Aristi Labs

Aristi Labs provides comprehensive security solutions to help businesses protect data and intellectual property, minimizing downtime and maximizing productivity.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

Integris

Integris

Integris offers best-in-class services like dedicated vCIOs, specialized security and compliance advisory services, a 24/7 help desk, and more.

MIS Solutions

MIS Solutions

MIS Solutions is a managed cloud and IT security partner making technology work for you.

Kontra

Kontra

Kontra application security training is an interactive and intuitive learning experience that engages developers.

iConnect IT Business Solutions DMCC

iConnect IT Business Solutions DMCC

iConnect is a trusted IT Solutions and Technology Services company, proudly serving clients across the Middle East and Africa.