A “Joint Analysis Report” by the FBI and DHS has been released that formally points the finger at Russia for the alleged hacking of the Democratic Party. The 13 page report details the Russian operation, called “Grizzly Steppe,” and reveals the organizations and tools that were involved in the hacking.
From The Hill:
The report identifies two Russian intelligence groups already named by CrowdStrike and other private security firms.
The Federal Security Service, or FSB, is the main successor to the KGB — once headed by Russian President Vladimir Putin.
The FSB is thought to be behind the hacking group known as APT29. A more traditional, long-range intelligence agency, the FSB lurked on the DNC systems for over a year.
The GRU, Russia’s military intelligence service, is thought to be behind the second group that infiltrated the DNC, known as APT28. APT28 is also believed to have breached Podesta’s emails.
Despite their overlapping targets, the two agencies have different missions in the cyber realm.
APT28 is thought to be the group responsible for “doxxing” the DNC and Podesta by allegedly providing the stolen missives to WikiLeaks to publish.
Both organizations gained access to the DNC through targeted spearphishing campaigns, in which the hackers tricked targeted users into clicking bogus links that either deployed malware or directed them to a fake webmail domain hosted on Russian infrastructure.
The report also states that the Russians have continued spearphishing the Democrats even after the election, with the latest attempt occurring just one day after.
President Barack Obama has already taken action against the Russians by passing sanctions on their intelligence community, and ousting 35 operates from within the country. President-elect Donald Trump has also responded, saying it’s time to “move on to bigger and better things.”