Russian hacking began with a simple trick: US

E-mails with hidden malware allegedly sent in operation to interfere with election

WASHINGTON • In the summer of last year, hackers working for Russia's civilian intelligence service sent e-mails with hidden malware to more than 1,000 people working for the US government and political groups.

The simple trick, US intelligence agencies say, marked the modest start of what they call "Grizzly Steppe", which developed into a far-reaching Russian operation to interfere with this year's American presidential election.

The initial hackers sent e-mails that appeared to come from legitimate websites and other Internet domains tied to US organisations and educational institutions, according to a report issued by the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS).

Those who were fooled into clicking on the "spear-phishing" e-mails provided a foothold into the Democratic National Committee (DNC) - although the party organisation was not named in the report - and key e-mail accounts for material that would later be leaked to damage Mrs Hillary Clinton in her losing campaign against now President-elect Donald Trump.

"This activity by Russian intelligence services is part of a decade-long campaign of cyber-enabled operations directed at the US government and its citizens," according to a joint statement from the FBI, DHS and the Office of the Director of National Intelligence.

In addition to providing evidence, the report was intended to embarrass and stymie the Russian government by making public its tactics, techniques and procedures, according to a US official discussing internal deliberations who asked not to be identified.

Along with the report, the DHS released an extensive list of Internet protocol addresses, computer files, malware code and other "signatures" that it said the Russian hackers have used.

The initial hackers worked for Russia's FSB, the successor to the Soviet Union's KGB. Once inside the DNC, the group used stolen credentials to expand its access to directories and other data, and made off with e-mails from several accounts through encrypted communication channels, according to the report.

Then, a second wave came in the spring of this year. Hackers working for Russia's military intelligence service, the GRU, infiltrated the DNC's networks through more spear-phishing e-mails, which tricked recipients into changing their passwords through a fake Web mail domain.

This allowed the hackers "to gain access and steal content, likely leading to the exfiltration of information from multiple senior party members", said the report.

"The US government assesses that information was leaked to the press and publicly disclosed," it said.

BLOOMBERG

A version of this article appeared in the print edition of The Straits Times on December 31, 2016, with the headline Russian hacking began with a simple trick: US.