(Cartoon image is by Walt Handelsman for the Tribune Content Agency.)
Russian hackers are still trying to interfere in our political system. Their latest hacks are directed at progressive organizations in the United States. While they are asking for money from these groups (under threat of releasing sensitive information), I have to wonder why it is only progressive groups they are attacking (and not conservative groups). Is it a continuing effort to help Donald Trump?
The following article is by Michael Riley at Bloomberg News. Here are some excerpts:
Russian hackers are targeting U.S. progressive groups in a new wave of attacks, scouring the organizations’ emails for embarrassing details and attempting to extract hush money, according to two people familiar with probes being conducted by the FBI and private security firms.
At least a dozen groups have faced extortion attempts since the U.S. presidential election, said the people, who provided broad outlines of the campaign. The ransom demands are accompanied by samples of sensitive data in the hackers’ possession.
In one case, a non-profit group and a prominent liberal donor discussed how to use grant money to cover some costs for anti-Trump protesters. The identities were not disclosed, and it’s unclear if the protesters were paid.
At least some groups have paid the ransoms even though there is little guarantee the documents won’t be made public anyway. Demands have ranged from about $30,000 to $150,000, payable in untraceable bitcoins, according to one of the people familiar with the probe.
Attribution is notoriously difficult in a computer attack. The hackers have used some of the techniques that security experts consider hallmarks of Cozy Bear, one of the Russian government groups identified as behind last year’s attack on the Democratic National Committee during the presidential election and which is under continuing investigation. Cozy Bear has not been accused of using extortion in the past, though separating government and criminal actors in Russia can be murky as security experts say some people have a foot in both worlds. . . .
During the election Russian hackers heavily targeted the personal email accounts of staffers associated with the Clinton campaign. One of the people who described the current campaign said that in some cases, web-based email accounts are also being targeted because of their heavy use among non-profits.
Along with emails, the hackers are stealing documents from popular web-based applications like SharePoint, which lets people in different locations work on Microsoft Office files, one of the people said. . . .
The hackers’ targeting of left-leaning groups -- and the sifting of emails for sensitive or discrediting information -- has set off alarms that the attacks could constitute a fresh wave of Russian government meddling in the U.S. political system. The attacks could be designed to look like a criminal caper or they could have the tacit support of Russian intelligence agencies, the people said.
Russia’s intelligence agencies maintain close relationships with criminal hackers in the country, according to several U.S. government investigations.
None of the possible explanations for the attacks are particularly comforting to the victimized groups, few of which are household names but are part of the foundation of liberal politics in the U.S.
Some of the groups are associated with causes now under attack by the Trump administration.