Russian government hackers breached the computer systems of the Republican National Committee amid an unrelated ransomware attack by a Russia-linked criminal gang, Bloomberg News reports.
Hackers with the group APT 29 or “Cozy Bear,” which has been linked to the Russian foreign intelligence service and was behind the hack on the Democratic National Committee in 2016, are believed to be behind the hack.
The same group is believed to be behind the sweeping Solar Winds cyberattack, which breached at least nine government agencies.
It is unclear if the hackers viewed or stole any information.
Kremlin spokesman Dmitry Peskov denied any government involvement.
“We can only repeat that whatever happened, and we don’t know specifically what took place here, this had no connection to official Moscow,” he said.
RNC denies:
The RNC denied it was hacked after the story was published.
“There is no indication the RNC was hacked or any RNC information was stolen,” spokesman Mike Reed said.
The RNC said in a later statement that they learned that a third-party provider called Synnex Corp. had been breached.
“We immediately blocked all access from Synnex accounts to our cloud environment,” said RNC Chief of Staff Richard Walters. “Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials, on this matter.”
Did Russia exploit ransomware attack?
The hack took place during a ransomware attack on Miami-based software company Kaseya, which has impacted thousands of companies around the world.
The ransomware attack is believed to be the work of REvil, a Russia-linked cyber criminal group.
It’s unclear if the attacks are related or if Russia exploited the attack to mount its own elsewhere.
“As our review continues, we are unable to provide any specific details,” said Michael Urban, president of worldwide technology solutions distribution at Synnex, told Bloomberg. “As with any security issue, a full review of all companies, systems, third-party applications and related IT solutions must be completed before final determinations can be made.”
