According to people familiar with the matter, the group of Russian hackers was accused of interfering in the 2016 US presidential election earlier this year, targeting the Democratic Party in California and Indiana, as well as the email accounts of influential think tanks in Washington and New York.
Many of the attempted intrusions were flagged internally by Microsoft in the summer and were usually carried out by an organization nicknamed “Fancy Bear.” The hacker’s activities provide insight into how Russian intelligence targeted the United States on the eve of the November 3 election.
The targets identified by Reuters include the Center for American Progress, the Committee on Foreign Relations and the Carnegie Foundation for International Peace in Washington. They did not see any evidence of successful hacking.
According to an indictment filed by the U.S. Department of Justice in 2018, Fancy Bear is controlled by the Russian military intelligence agency and is responsible for hacking the email accounts of Hillary Clinton employees before the 2016 election.
The news of the Russian hacking activity came after Microsoft announced last month that Fancy Bear was trying to invade more than 200 organizations, many of which software companies said it was related to the 2020 election. According to Reuters’ assessment of Microsoft, Microsoft was able to link this year’s cyber espionage activities with Russian hackers through an obvious programming error, which allowed the company to identify an attack method unique to Fancy Bear.
Microsoft declined to comment on the results of the Reuters investigation, citing customer privacy. However, Tom Burt, vice president of Customer Safety and Trust, said in a statement that the company-and the US government-“has been working hard to ensure the safety of this election.”
© Thomson Reuters 2020
Reuters was unable to determine the focus of espionage. The Office of the Director of the National Intelligence Agency stated in August that Russian operations were trying to disrupt the campaign of presidential candidate Joe Biden.
Chris Meagher, a spokesman for the Democratic National Committee, said that foreign actors’ attempts to interfere in the elections are “not surprising”.
The Russian Embassy in Washington stated that it does not interfere in the internal affairs of the United States and denied any connection with the “fancy bear”, calling the allegation “fake news.”
The Trump campaign did not return news.
According to six people familiar with the matter, during the summer, a dedicated cybersecurity agency from Microsoft and federal law enforcement agencies notified many targets targeted in the Fancy Bear’s crosshairs. The lobbying company SKDKnickerbocker, which Reuters confirmed last month to form an alliance with Biden, is one of them.
Don Smith of the cybersecurity company Secureworks said the attacks on Democrats in Indiana and California have been confirmed by four people familiar with the matter, indicating that the Russians are “expanding their network.”
The Indiana Democratic Party stated in a statement that it “was not aware of any successful invasion.” The chairman of the California Democratic Party, Rusty Hicks, admitted to being attacked, but did not stop when naming the “fantasy bear”. He said in an email that “the efforts of foreign entities were not successful.”
The FBI declined to comment.
Attacking influential non-profit organizations
Fancy Bear also targeted turbulent think tanks and foreign policy organizations in Washington that had provided staff for the presidential administration in the past.
According to a person with direct knowledge of the incident, this included a left-leaning organization, the Center for American Progress (CAP), whose founder, John Podesta, was the center of Russian hacking and leaks in 2016.
A CAP spokesperson said the organization has not been violated and declined to comment further. According to two people familiar with the situation, the Open Society Foundation was one of the first organizations to be leaked to its communications by Fancy Bear in 2016, and it became a Kremlin target earlier this year. The founder of the organization, George Soros, provided substantial funding to support the cause of democracy and is a regular target of Russian disinformation and domestic conspiracy theories.
The Open Society said in a statement: “Obviously, the tension in this election is very high, and we are taking many steps to ensure the safety of our staff.”
Other targets targeted by Fancy Bear in 2020 include the New York-based Committee on Foreign Relations (CFR), the Carnegie Foundation in Washington, and the Center for Strategic and International Studies (CSIS)-all of which are notified by Microsoft, according to familiar Organized people.
A CSIS spokesperson declined to comment on the hacking activity. A Carnegie spokeswoman confirmed this goal, but declined to provide further details. A spokeswoman for the Foreign Relations Committee said they were not violated.
© Thomson Reuters 2020