Russian state hackers affiliated with the group Cozy Bear were reportedly behind an attack last week on Synnex, a contractor that provides IT services for the Republican National Committee (RNC), Bloomberg writes. The attack may have exposed the organization's information.
When asked by Bloomberg, a spokesperson for the RNC denied the organization's systems had been hacked, but confirmed that one of its IT providers, Synnex, had been exposed. The RNC provided the following statement in connection with the attack:
Over the weekend, we were informed that Synnex, a third party provider, had been breached. We immediately blocked all access from Synnex accounts to our cloud environment. Our team worked with Microsoft to conduct a review of our systems and after an intensive investigation, no RNC data was accessed. We'll continue to work with Microsoft, as well as federal law enforcement officials on this matter.
In a statement released on July 6th, Synnex further confirmed "it's aware of some instances where outside actors have attempted to gain access, through Synnex, to customer applications within the Microsoft cloud environment." The company claims it's reviewing the attack alongside Microsoft and a third-party security firm. Manipulating enterprise software that interacts with Microsoft's cloud rather than going after Azure or Office products directly shares some similarities with the SolarWinds hack in 2020.
And that connection would make sense: members of Cozy Bear working with SVR, Russia's foreign intelligence service, are largely suspected to be behind the manipulation of the SolarWinds software for illegal ends. The SolarWinds breach potentially exposed information from over 100 companies and government organizations, and even compromised the tools of cybersecurity firms designed to prevent these kinds of attacks, like FireEye.
There are also parallels to draw between a breach of the RNC and the hack of the Democratic National Committee and Hillary Clinton's presidential campaign in 2016. That breach, and the leak of thousands of emails on WikiLeaks, ultimately led to the indictment of 12 members of GRU, a Russian military intelligence agency with connections to another group of ursine-inspired Russian hackers called Fancy Bear.
The RNC attack arrives among a flurry of ransomware attacks on critical infrastructure and companies in the US. The list is long, but in the last year, Colonial Pipeline, insurance provider CNA, and more recently, IT software provider Kaseya, have all been the victims of ransomware attacks. Bloomberg suggests Cozy Bear's attack could have used these ransomware hacks as a kind of cover, and even if they didn't, attacking political targets is an ongoing problem that doesn't always end in a dramatic leak.