The Democratic National Committee claims that in the days after the 2018 midterm elections it was likely targeted by a group of Russian intelligence hackers, according to court documents filed overnight.
The hackers posed as a State Department official in the attempted hack, a senior Democratic Party source with direct knowledge of the attempt told CNN.
Dozens of DNC email addresses received spear-phishing emails that were ostensibly sent from a State Department official, the source said. The emails contained a PDF attachment that, if opened, was designed to gain access to systems through the recipient’s computer, the source explained.
The DNC said it did not believe the attempt was successful.
In a court filing that is part of an an ongoing civil lawsuit against the Russian government, President Donald Trump, WikiLeaks and others, the DNC explained it believed the spear-phishing campaign was likely orchestrated by a Russian hacking group known as “Cozy Bear.” The DNC said the timing and contents of the emails shared characteristics with a suspected Cozy Bear campaign that had been identified by the cybersecurity firm FireEye.
The DNC added, “it is probable that Russian intelligence again attempted to unlawfully infiltrate DNC computers in November 2018.”
FireEye said the campaign targeted multiple organizations, including think tanks, defense contractors, government and media.
Cozy Bear is one of two hacking groups linked to Russian intelligence that is believed to have accessed the DNC’s internal systems in the lead-up to the 2016 election.
Spear-phishing attempts normally involve hackers sending emails designed to look like they came from trusted sources in an attempt to induce potential victims to hand over confidential information. In 2016, the email account of Hillary Clinton’s campaign chair John Podesta was hacked after a successful spear-phishing attempt by another Russian hacking group.
Special counsel Robert Mueller indicted members of Russia’s military intelligence in July for the 2016 hacking of the DNC, the Democratic Congressional Campaign Committee, and Podesta.
The alleged Russian military intelligence hacking group that targeted the Democratic National Committee (DNC) after November’s midterms elections did so by posing as a State Department official, a senior Democratic Party official with direct knowledge of the hacking attempt tells CNN.