RNC says Russian-linked hackers breached one of its contractors
A hacker group associated with the Russian government breached the computer systems of the Republican National Committee last week in a massive ransomware attack, Bloomberg first reported.
The big picture: The attack follows a separate Russia-based criminal group unleashing an attack that compromised the computer systems of at least 1,000 businesses. No connection has been established between the attacks.
What they're saying: It is unclear what, if any, information the Cozy Bear hackers found. Danielle Alvarez, the GOP communications director, released a statement saying that while it was informed by Microsoft that their systems may had been exposed, "no RNC data was accessed."
- Alvarez added that it "will continued to work with Microsoft, as well as federal law enforcement officials on this matter."
- An RNC spokesperson told Bloomberg it is investigating the situation and has already informed the FBI and the Department of Homeland Security.
- "Over the weekend, we were informed that Synnex, a third party provider, had been breached," RNC chief of staff Richard Walters said in a statement. "We immediately blocked all access from Synnex accounts to our cloud environment."
- "Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials on the matter.
- The RNC said it was aware of "few instances where outside actors have attempted to gain access, through Synnex, to customer applications within the Microsoft cloud environment," per Bloomberg.
Zoom out: Cozy Bear, also known as APT 29, has been tied to the Russian foreign intelligence service and accused of breaching the Democratic National Committee in 2016 as well as carrying out a supply-chain cyberattack involving SolarWinds Corp., which infiltrated nine U.S. government agencies.
- United States and United Kingdom intelligence agencies said in a report Thursday that Russian military hackers over the last three years have tried to access the computer networks of "hundreds of government and private sector targets worldwide" and warned that those "efforts are almost certainly still ongoing."
Editor's note: This story's headline has been updated to clarify that hackers breached a Republican National Committee contractor.