Russian state hackers affiliated with the group Cozy Bear were reportedly behind an attack last week on Synnex, a contractor that provides IT services for the Republican National Committee (RNC), Bloomberg writes. The attack may have exposed the organization’s information.
When asked by Bloomberg, a spokesperson for the RNC denied the organization’s systems had been hacked, but confirmed that one of its IT providers, Synnex, had been exposed. The RNC provided the following statement in connection with the attack:
Over the weekend, we were informed that Synnex, a third party provider, had been breached. We immediately blocked all access from Synnex accounts to our cloud environment. Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials on this matter.
In a statement released on July 6th, Synnex further confirmed “it’s aware of a few instances where outside actors have attempted to gain access, through Synnex, to customer applications within the Microsoft cloud environment.” The company claims it’s reviewing the attack alongside Microsoft and a third-party security firm. Manipulating enterprise software that interacts with Microsoft’s cloud rather than going after Azure or Office products directly shares some similarities with the SolarWinds hack in 2020.
And that connection would make sense: members of Cozy Bear working with SVR, Russia’s foreign intelligence service, are largely suspected to be behind the manipulation of the SolarWinds software for illegal ends. The SolarWinds breach potentially exposed information from over a hundred companies and government organizations, and even compromised the tools of cybersecurity companies designed to prevent these kinds of attacks, like FireEye.
There are also parallels to draw between a breach of the RNC and the hack of the Democratic National Committee and Hillary Clinton’s presidential campaign in 2016. That breach, and the leak of thousands of emails on WikiLeaks, eventually led to the indictment of 12 members of GRU, a Russian military intelligence agency with connections to another group of ursine-inspired Russian hackers known as Fancy Bear.
The RNC attack arrives among a flurry of ransomware attacks on critical infrastructure and companies in the US. The list is long, but in the last year, Colonial Pipeline, insurance provider CNA, and more recently, IT software provider Kaseya, have all been the victims of ransomware attacks. Bloomberg suggests Cozy Bear’s attack may have used these ransomware hacks as a kind of cover, and even if they didn’t, attacking political targets is an ongoing problem that doesn’t always end in a dramatic leak.