Rus­sian mil­i­tary

The Washington Post - - FRONT PAGE - BY ELLEN NAKASHIMA [email protected]­ Greg Bensinger con­trib­uted to this re­port.

spies have hacked the Ukrainian gas com­pany that is at the heart of Pres­i­dent Trump’s im­peach­ment trial.

Rus­sian mil­i­tary spies have hacked a Ukrainian gas com­pany that is at the heart of an im­peach­ment trial of Pres­i­dent Trump, who sought last year to pres­sure Ukraine to in­ves­ti­gate the com­pany and its links to Joe Bi­den’s son, ac­cord­ing to a cy­ber­se­cu­rity firm.

Be­gin­ning in early Novem­ber, the Rus­sian spy agency known as the GRU launched a cy­ber “phish­ing” cam­paign against Burisma Hold­ings to trick un­sus­pect­ing em­ploy­ees into giv­ing up their email cre­den­tials so the hack­ers could gain ac­cess to their email ac­counts — once again en­tan­gling Moscow in do­mes­tic U.S. pol­i­tics, ac­cord­ing to Area 1 Se­cu­rity, a Red­wood City, Calif., com­pany.

The op­er­a­tion’s launch co­in­cided with a con­gres­sional im­peach­ment in­quiry into Trump and whether he abused his of­fice by seek­ing to press Ukrainian Pres­i­dent Volodymyr Ze­len­sky into an­nounc­ing a probe of Burisma and Hunter Bi­den — an ac­tion that con­ceiv­ably would aid Trump’s re­elec­tion bid.

The GRU was ac­tive in the 2016 pres­i­den­tial cam­paign, hack­ing the servers of the Demo­cratic Party and Hil­lary Clin­ton’s cam­paign chair­man and re­leas­ing their emails that sum­mer and fall. The dis­clo­sures dis­rupted the Demo­cratic con­ven­tion and un­der­mined Clin­ton’s cam­paign in the crit­i­cal fi­nal weeks, and the U.S. in­tel­li­gence com­mu­nity con­cluded that with such ac­tions Moscow aimed to help Trump and hurt Clin­ton.

Trump has pub­licly down­played the in­tel­li­gence agen­cies’ con­clu­sions and has sug­gested that it was Ukraine, not Rus­sia, that in­ter­fered in the 2016 elec­tion. He and his per­sonal at­tor­ney, Rudolph W. Gi­u­liani, have pro­moted an un­founded the­ory that Joe Bi­den, while vice pres­i­dent, tried to quash a cor­rup­tion in­ves­ti­ga­tion of Burisma to pro­tect his son. Hunter Bi­den is no longer on Burisma’s board.

The GRU suc­ceeded in breach­ing the servers of Burisma Hold­ings and sev­eral sub­sidiaries and part­ners, said Oren Falkowitz, Area 1 Se­cu­rity’s chief ex­ec­u­tive.

“The tim­ing of the GRU’S cam­paign in re­la­tion to the 2020 U.S. elec­tions raises the specter that this is an early warn­ing of what we have an­tic­i­pated since the suc­cess­ful cy­ber­at­tacks un­der­taken dur­ing the 2016 U.S. elec­tions,” Falkowitz said.

Area 1 dis­cov­ered the breach on New Year’s Eve, he said. It was not known what ma­te­rial the GRU gained ac­cess to, and if any of it will be re­leased.

Phish­ing is the most com­mon tech­nique used by hack­ers to gain ac­cess to vic­tims’ sys­tems. Hack­ers send emails im­per­son­at­ing em­ploy­ees or peo­ple trusted by the tar­gets, who are then tricked into click­ing on links that con­tain mal­ware or lead to mal­ware-laced sites, en­abling the hack­ers to ob­tain the vic­tim’s email cre­den­tials.

“The suc­cess of phish­ing re­lies on au­then­tic­ity,” Area 1 said in a re­port on the in­ci­dent re­leased Mon­day. “The GRU has ap­plied verisimil­i­tude in ex­ten­sive mas­querad­ing of com­mon busi­ness tools . . . to steal ac­count cre­den­tials, gain ac­cess to in­ter­nal sys­tems and data, im­per­son­ate em­ploy­ees through the unau­tho­rized use of their ac­counts.”

The Of­fice of the Di­rec­tor of Na­tional In­tel­li­gence in the fall pro­duced a clas­si­fied “na­tional in­tel­li­gence es­ti­mate” that as­sessed that the Rus­sians would seek to in­ter­fere in the 2020 elec­tion.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.