Republican National Committee Denies Russian Hackers Stole Data

Russia spy - Shutterstock - © gubh83

Cozy Bear or APT29 hackers reportedly breached Republican computers, but Republican party denies its data has been compromised

The US Republican National Committee (RNC) has denied that Russian hackers known as Cozy Bear have accessed its data.

On Tuesday Bloomberg reported that RNC computers were breached last week by the same group that were accused of the Democratic National Committee (DNC) compromise in 2016.

Bloomberg reported that the Russia-linked criminal group unleashed a massive ransomware attack against a third party provider called Synnex, according to two people familiar with the matter.

RNC hack?

The Russian group in question is said to be part of APT29 or Cozy Bear, which is linked with Russia’s foreign intelligence service, the SVR.

Besides the DNC hack, APT29 was previously accused of carrying out the historic cybersecurity breach against SolarWinds last year, which affected about 100 US companies and nine federal agencies.

And now the same hacking group has apparently compromised the RNC.

That said, the Guardian reported the RNC as saying that an investigation by Microsoft found that no RNC data had been accessed as a result of a hack of Synnex Corp, a third-party provider.

“Over the weekend, we were informed that Synnex, a third party provider, had been breached,” the RNC chief of staff, Richard Walters, reportedly told the New York Times. “We immediately blocked all access from Synnex accounts to our cloud environment.”

“Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed,” Walters reportedly said. “We will continue to work with Microsoft, as well as federal law enforcement officials on this matter.”

Supply chain hacks

It comes after a recent supply chain attack that targetted software from Miami-based Kaseya which impacted 800 to 1,500 business that used the software.

REvil hackers demanded a ransom of $70 million.

On Monday US President Joe Biden ordered US intelligence agencies to investigate the sophisticated attack, due to suspected Russian involvement.

REvil was the Russian gang blamed by the FBI last month for the ransomware attack on meat packer JBS.

Western patience

Western patience with Russia and its covert cyber activities is currently running very thin.

As is patience with criminal gangs operating within Russian borders waging cyber attacks against Western nations.

Last week American and British cyber and intelligence agencies warned that Russian military hackers are targetting both the United States and Europe.

It should be remembered that US President Joe Biden and Russia’s President Vladimir Putin held a three hour face to face meeting in Geneva last month.

Biden and Putin spent much of that face-to-face meeting talking about cybersecurity issues, with Biden warning Putin of ‘aggressive action’ and ‘retaliation’ if Russia continued to target American infrastructure.

He also gave Putin a list of 16 areas – mostly in critical infrastructure – that were “off limits” for cyber-attacks.

Soon after that, Russia’s Federal Security Service (FSB) head Alexander Bortnikov said that Russia would work together with the United States to locate cyber criminals.

It remains to be seen if there is any genuine Russian co-operation on the matter forthcoming.