Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Republicans Politics

Russian State Hackers Breached Republican National Committee (bloomberg.com) 80

Russian government hackers breached the computer systems of the Republican National Committee last week, around the time a Russia-linked criminal group unleashed a massive ransomware attack, Bloomberg News reported Tuesday, citing two people familiar with the matter. From the report: The government hackers were part of a group known as APT 29 or Cozy Bear, according to the people. That group has been tied to Russia's foreign intelligence service and has previously been accused of breaching the Democratic National Committee in 2016, and of carrying out a supply-chain cyberattack involving SolarWinds Corp., which infiltrated nine U.S. government agencies and was disclosed in December. It's not known what data the hackers viewed or stole, if anything. An RNC spokesman on Tuesday denied its systems were breached and referred to an earlier statement.

"Microsoft informed us that one of our vendors, Synnex, systems may have been exposed," Mike Reed, a spokesman for the RNC, said on Saturday. "There is no indication the RNC was hacked or any RNC information was stolen. We are investigating the matter and have informed DHS and the FBI." The attack on the RNC, coupled with the recent ransomware attack, is a major provocation to President Joe Biden, who warned Russian President Vladimir Putin about cyberattacks at a June 16 summit. It's not clear if the attack on the RNC is connected in any way to the ransomware attacks, which exploited multiple previously unknown vulnerabilities in software from Miami-based Kaseya Ltd.

This discussion has been archived. No new comments can be posted.

Russian State Hackers Breached Republican National Committee

Comments Filter:
  • I guess... (Score:5, Funny)

    by Anonymous Coward on Tuesday July 06, 2021 @03:57PM (#61556747)
    the RNC wasn't one of the "sixteen" things to stay away from... lol
    • they probably were part of the list which means Putin has stepped in it by thinking he wouldn't be caught.

    • Re: (Score:1, Offtopic)

      by Aubz ( 7986666 )
      The Russians are coming, maybe, possibly, potentially. Oh wait, didn't Snowden show that certain agencies, that can't be named, have the ability to pretend to be anyone, anywhere. Hmmm.
    • "the RNC wasn't one of the "sixteen" things to stay away from... lol"

      If they only had a private email-server in the basement.

  • by stephanruby ( 542433 ) on Tuesday July 06, 2021 @04:02PM (#61556769)

    An RNC spokesman on Tuesday denied its systems were breached

    Yeah, it's not a breach if you intentionally give them access to it.

    • Re:Not breached (Score:4, Interesting)

      by rtb61 ( 674572 ) on Tuesday July 06, 2021 @06:51PM (#61557299) Homepage

      "An error in software supplied by Kaseya allowed attackers to hit many targets at once." https://en.wikipedia.org/wiki/... [wikipedia.org]. I mean seriously, how many people buy that excuse. Trace the error to find the corrupt insider. As for Russia, if I was going to hack the USA, that is exactly where I would set up my server and run it remotely. I know the US government will not say anything to the Russia government until it is all over, giving time to wipe the server, evidence gone. Not that the Russia government can trust anything the US government says and will justly assume their claims are a lie and of course because the servers in Russia were use to attack servers in the USA and do ziltch in Russia, the Russia government would see nothing, so you can operate freely, investigation free.

      Just because the US government will SAY NOTHING to the Russia government whilst you are running the hack, fear of alerting the Russians they are on to them because they will catch them this time for sure. That is the window for free computer criminal network activity, to hack the USA from Russia. Russia wont notice anything and the USA will not say anything until it is over and the US government will publicly announce when it is time for you to erase your rented Russian server end the server rental and start a new one.

      Whose fault is this, quite clearly, entirely the US governments fault. They want no global cyber treaty because they want to continue to hack the planet, really, idiotic childish stuff. Those hacks all your fault US government, created a massive loop hole for crime against yourselves, MORONS.

  • The RNC misspelled "System Administrators" and "logged into" ... :-)

  • If Trump were in office, this might mean nuclear war.

    I'm thinking of the movie "Sneakers" where the RNC is bankrupt, after the use the "magic box" to steal all the RNC's money.

    JoshK.

  • by oldgraybeard ( 2939809 ) on Tuesday July 06, 2021 @04:15PM (#61556809)
    "Microsoft informed us that one of our vendors, Synnex, systems may have been exposed.
  • The attack on the RNC, coupled with the recent ransomware attack, is a major provocation to President Joe Biden, who warned Russian President Vladimir Putin about cyberattacks at a June 16 summit.

    Message received!

  • by Okian Warrior ( 537106 ) on Tuesday July 06, 2021 @04:18PM (#61556817) Homepage Journal

    In other news, a few days ago hundreds of companies in various countries were hacked.

    We're not taking this seriously, and we should.

    Putin can claim he doesn't know where they are, and that it's not his (ie: governmental) problem, but we should *make* it his problem.

    Also, a couple of articles down is one about China holding companies responsible for loss of user data. Can we get some of that?

    As much as having regulation stifles innovation, maybe the situation is sufficiently bad that we need to light a fire under US corporations to do something about this; like, encouraging them to secure their systems, but in ways that makes it painful for them when they don't. (Carrot and stick.)

    Maybe the federal government should concentrate on this issue more, and less on things that don't matter such as stoking racial tensions or political divisiveness.

    • Re: (Score:1, Troll)

      by iggymanz ( 596061 )

      it's a windows problem, people using microsoft's garbage deserve what they get. Why should those of us who use alternatives give a shit?

      • by Ostracus ( 1354233 ) on Tuesday July 06, 2021 @04:38PM (#61556881) Journal

        Ahem, SYNNEX. [synnexcorp.com]

      • it's a windows problem, people using microsoft's garbage deserve what they get. Why should those of us who use alternatives give a shit?

        Those people don't deserve what they get, being disrupted affects their customer base negatively (which might include you), it drives up prices, and the activity could touch a national infrastructure such as a gas pipeline.

        Saying "they deserve what they get" really isn't a defensible position.

        Also, if the alternatives are so secure, then any regulation aimed at security won't affect the alternatives, so you wouldn't be inconvenienced anyway.

        This is what your message was actually about, wasn't it? That you d

        • They get what they deserve, Cheap-Fast-Good pick only 2...

        • Very defensible position, they chose Microsoft's consumer grade crap instead of a real operating system and are paying the price for their utter stupidity. That's the good thing that will come out of this, better and more hardened alternatives to Microsoft's junk. If the stupid people get wiser it's all good.

          • Feel free to suggest a better and more functional email client than Outlook. Its fun to hate on it, but there really are very few alternatives. There are ones that handle email better, there are one that handle contacts better, but few that do it all and are extensive even further. Yeah it still sucks as it can go not responding when viewing mailboxes that it hasn't already downloaded.

            There is also Outlook's integration with ATP that is in my opinion far more intuitive for users. When you get a yellow bann

            • Oh, so this thing with whatever gee-wheez features you like, Outlook, not only propagates and installs malware regularly with its flaws, but runs on OS and connects to server on OS that regularly gets hit with malware and rasonware.

              No, I won't "feel free to suggest a better and more functional email client" because you're shilling a malfunctioning and badly designed piece of crap that shouldn't be used for business.

              You don't have an argument nor defense, your stupidity and stubbornness in insisting on a bro

              • It is enjoyable to see people spouting things they don't understand. I gave you an out to suggest a better and more functional product but you can't. I even stated Outlook has its problems but you are too blinded by your MS hate to see that it helps hundreds of millions of people do their work. Anything on that kind of scale is not going to be perfect for everybody. I've got users with 100gig mailboxes along with 100gig archives because they never learned an efficient way to file data away properly. Outlook

                • You are the one who hasn't suggested anything functional yet. I've seen Outlook again and again spread malware through companies over the decades, and recently ransomware. Yet you shill your bad solution to the problem of email, scheduling and groupware. It's not an option at all for any serious business.

                  Yes, there are groupware and email systems far superior that have never spread malware. You are ignorant of them but they exist.

                  • So hundreds of millions of people, probably even over a billion use Outlook every single day and you say it isn't functional? Good luck with that argument.

                    Malware, spam, ransomware isn't spread by Outlook, it is spread by bots and servers all over the world and running on all kinds of platforms from Linux, to Windows, to Mac, to Android, to iOS even. Outlook is usually the intended target for this malware.

                    If you look at all 500 of the fortune 500 companies you're going to find they all use Outlook almost e

    • by Anonymous Coward

      This is a problem in general; the West is under attack like no time before by countries that don't give a shit about playing by the rules.

      Whether it's Iran creating instability in the Middle East by giving Houthi's scud missiles to fire at Saudi Arabia's capital or funding, equipping, arming, and telling Hezbollah to attack Israel, or whether it's Russia carrying out these hack attacks and invading Crimea with soldiers without national patches; a breach of the Geneva convention because it puts civilians at

      • I always enjoy how people recite history meaning they aren't ignorant about our past activities while they ignore the cost that we paid for arming people all across the globe. Most of our problems geopolitically today are caused by the very activities you wish we would stoop to now. Arming people in South America is a direct cause of our border issues right now for instance.

        We also armed Osama Bin Laden and Saddam Hussein, no repercussions there naturally.

        Our best tool is economic sanctions. If Russia is

  • Trust no one (Score:5, Informative)

    by random_nb ( 2453280 ) on Tuesday July 06, 2021 @04:18PM (#61556819)
    from https://old.reddit.com/r/sysadmin/comments/oeye93/psa_revoke_delegated_admin_from_synnex_if_they [reddit.com]

    Dear Valued CSP Partner,

    We are sending you this message to inform you that we experienced a few instances in which outside actors attempted to gain access to Microsoft cloud customers’ environment, or CSP customers, through our external Office365 platform.

    As a customer that uses this provisioning platform, we want to inform you that you and your customers do not appear to be among those that have been impacted.

    We have been partnering with Microsoft and CrowdStrike to confirm our findings. We will provide updates to you as necessary.

    It is important to remain alert. Please call us if you see any sign of security intrusion. And please email questions about this cybersecurity attack to x.

    We value our relationships with you, and we appreciate the trust you place in us.

    The RNC, as a customer of Synnex who is reselling Office 365/Azure services, may have been attacked through a delegated administration authorization. The minimum required privileges for the CSP to provide licensing services is not full administration rights. CSPs want this access because it makes their job easier and allows them to do more for their customers (ie: this is the "added value" in "value added reseller").

    The customer may choose [microsoft.com], but Microsoft does not make it terribly clear to CSP customers that delegating tenant administration is effectively outsourcing their cloud security to the CSP, and represents significant risk. Indeed, some creative use of Intune/MEM policies [specterops.io] can direct custom scripting right down to desktops in a similar manner as the recent Kaseya attack. Protecting administration portals is crucial.

  • "connected"? (Score:5, Interesting)

    by superwiz ( 655733 ) on Tuesday July 06, 2021 @04:21PM (#61556827) Journal
    Everyone is connected to Kremlin. Including every single person reading slashdot. Saying that they are "connected" is the least informative way to describe things. Either describe the nature of the connection, or you are literally (and I am using "literally" correctly here) saying nothing.
  • Breached? (Score:1, Troll)

    by Rick Zeman ( 15628 )

    I thought they were sister organizations.

  • This event by Russian hackers gives new meaning to the loaded expression "stop the steal" ...

    "Too late!" :-)

    JoshK.

  • on your opposing parties origination, then talk to Putin

  • by Anonymous Coward

    An alternative explanation just occured to me. Why didn't I think of this -- it seems very obvious, in hindsight.

    The Russian were simply trying to upload copies of Hillary's emails.

  • Cyber Ninjas.... where are they now?

  • die by the sword.
  • .. and Bloomberg the biggest bullshitters ever.

    They're the modern equivalent of the old Soviet Era TASS but for the Elites in control of the U.S.

    This is just selling people the narrative that we all need to be spied upon for our own good, and computing should be centralised. Mark my words.

  • are dumb enough to use Microsoft products says a lot about those running the country.
  • Dear slashdot editors, this anti-Russian cyber bullshit is getting very very tedious!
  • on O365 users? I mean this is plowed ground. Why can I send an email to the security contractors, outside janitorial contractors management companies contact email and if that person clicks on my link I can infect all the security vendors clients. Wow! I would really have to work to create something else that effective.
  • Hacked? Why, did they forget their password?

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...