According to a new investigation from Bloomberg, cyber spies connected to the Russian government recently hacked into the Republican National Committee — though the RNC has denied that their systems were breached in this way.
According to Bloomberg, the hacker group known as “Cosy Bear” — thought to be connected to Russia’s intelligence service, the SVR — conducted the intrusion, though it’s not clear what they viewed or whether they stole any data. The hackers are believed to have gained entry to the RNC’s networks through one of its IT providers, a company called Synnex Corp.
The intrusion is thought to have occurred this past weekend — around the same time that a cybercriminal group was allegedly launching a massive ransomware attack on American IT firm Kaseya, the damage from which is still being assessed. The Russia-based cybercriminal group REvil has since claimed responsibility for the attack.
A notorious threat actor, Cosy Bear is thought to have been responsible for large parts of the “SolarWinds” hack, the likes of which compromised close to a dozen federal agencies and droves of American businesses. The group, which also goes by its technical designation APT 29, has also been accused of hacking the Democratic National Committee in the past.
An RNC spokesman has admitted that Synnex was breached but maintained that there was no evidence the RNC’s networks had been breached or that data had been stolen.
“Microsoft informed us that one of our vendors, Synnex, systems may have been exposed,” said Mike Reed, a spokesman for the RNC. “There is no indication the RNC was hacked or any RNC information was stolen. We are investigating the matter and have informed DHS and the FBI.”
In a statement put out Tuesday, RNC Chief of Staff Richard Walters reiterated that no data had been stolen.
“Over the weekend, we were informed that Synnex, a third party provider, had been breached. We immediately blocked all access from Synnex accounts to our cloud environment. Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials on this matter.”
The incident has occurred at a time of heightened tensions between the U.S. and Russia over cyber attacks — with many now chiding the Biden administration for not putting enough pressure on Vladimir Putin to deal with the cybercriminals operating in his country.