Compliance Management, Threat Intelligence, Malware, Privacy

Clinton Foundation possibly breached by Russian hackers who targeted DNC

Russian hackers who broke into the Democratic National Committee (DNC) computer system likely hacked the Bill, Hillary and Chelsea Clinton Foundation, though the organization has not confirmed those assertions first reported by Bloomberg News.

The DNC, the Democratic and Republican parties and the political campaigns of Clinton, Bernie Sanders and Donald Trump had previously been warned that attackers were bent on breaking into their systems, attempting to glean information from about 4,000 political operatives over a seven-month period, the report said, citing persons familiar with the investigation. 

Last week, the DNC confirmed that hackers broke into the Democratic National Committee (DNC) computer system and accessed the party's entire database on Republican candidate Donald Trump.The infiltrations were attributed to two different Russian groups identified by CrowdStrike, which was called in to audit and mitigate the incident, as Cozy Bear (aka CozyDuke or APT 29) and Fancy Bear (aka Sofacy or APT 28), working separately. 

A day later a hacker with the moniker Guccifer 2.0 claimed credit for the DNC hack and released what was purportedly the contents of the DNC's opposition research files on Republican presidential candidate Donald Trump.

The files published by Guccifer 2.0 in a WordPress blog thus far reveal the narratives that the DNC could use to hammer the outspoken Trump in the presidential election, including his positions on immigration and climate change as well as his lack of foreign policy experience, and include a file on Clinton Foundation vulnerabilities.

An analysis of the DNC malware samples by Fidelis Cybersecurity supported findings by CrowdStrike that the pair of intrusions were the handiwork of the Cozy Bear and Fancy Bear APT.

Mark Kraynak. SVP & GM, Enterprise Solutions, Imperva:

“This situation demonstrates that all data has value to someone - even if it's not commercial data. The problem is that the value to an intruder may be higher than it is to the data owner, at least until it is compromised,” Mark Kraynak, senior vice president and general manager of enterprise solutions at Imperva, said in emailed comments to SCMagazine.com. “Situations like this are a great reminder of the need for all organizations to ensure the security of their data and that they have appropriate response mechanisms in place for the inevitable attack.”

The Clinton Foundation has not confirmed a breach but agreed the DNC hacks were likely the handiwork of Russian operatives. “We routinely communicate and cooperate with government agencies on security-related matters,” Glen Caplin, a Clinton spokesman, told Bloomberg. “What appears evident is that the Russian groups responsible for the DNC hack are intent on attempting to influence the outcome of this election.”

The Russian government has denied that groups affiliated with its intelligence operations were behind the intrusions. The incidents raise call into question how well political campaigns and organizations protect their systems and information.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds