In a report called Grizzly Steppe, the FBI and Department of Homeland Security have confirmed “Russian Malicious Cyber Activity.”
The report goes on to explain that, while the U.S. government previously wasn’t able to confirm Russian involvement in the U.S. election, this report can.
The report confirms that there were two cyber threats, dubbed Advanced Persistent Threat {APT) 29 and APT28. APT29 infiltrated “a U.S. political party” in summer 2015, while APT28 came on the scene in spring of 2016, according to the report.
The report only references one political party, not two, and never specifies which party it is referring to.
The report seems to have background information on APT28 and APT29, saying both groups have targeted government organizations, think tanks, universities and corporations around the world. APT28 and APT29 are also known for different hacking techniques, the report said. Both groups, however, will gather data and analyze it to gain useful information.
According to the official report, APT29 gained access to the emails of multiple U.S. government officials, allowing the group to successfully “compromise” a U.S. political party. The group gained access to “several accounts through encrypted connections.”
APT28 compromised the same political party, the report said. Using a slightly different plan of attack than APT29, APT28 gained access to many private and encrypted emails. The government assesed that those emails were, in fact, leaked to the press and the public.
The report also includes some direction on how to protect information from malware and hacking attempts.
Comments
DHS and FBI Confirm Russian Hacking Cyber Attack on Election in Report “Grizzly Steppe”