Russian hacking began with a simple trick: US


E-mails with hidden malware allegedly sent in operation to interfere with election

WASHINGTON • In the summer of last year, hackers working for Russia's civilian intelligence service sent e-mails with hidden malware to more than 1,000 people working for the US government and political groups.

The simple trick, US intelligence agencies say, marked the modest start of what they call "Grizzly Steppe", which developed into a far-reaching Russian operation to interfere with this year's American presidential election.

The initial hackers sent e-mails that appeared to come from legitimate websites and other Internet domains tied to US organisations and educational institutions, according to a report issued by the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS).

Those who were fooled into clicking on the "spear-phishing" e-mails provided a foothold into the Democratic National Committee (DNC) - although the party organisation was not named in the report - and key e-mail accounts for material that would later be leaked to damage Mrs Hillary Clinton in her losing campaign against now President-elect Donald Trump.

"This activity by Russian intelligence services is part of a decade-long campaign of cyber-enabled operations directed at the US government and its citizens," according to a joint statement from the FBI, DHS and the Office of the Director of National Intelligence.


I have ordered a number of actions in response to the Russian government's aggressive harassment of US officials and cyber operations aimed at the US election.



It is time for our country to move on to bigger and better things. Nevertheless, in the interest of our country and its great people, I will meet with leaders of the intelligence community next week in order to be updated on the facts of this situation.

MR DONALD TRUMP, US President-elect.


Such steps of the US administration that has three weeks left to work are aimed at two things: to further harm Russian-American ties, which are at a low point as it is, as well as, obviously, deal a blow on the foreign policy plans of the incoming administration of the President-elect.

MR DMITRY PESKOV, spokesman for Russian President Vladimir Putin.

In addition to providing evidence, the report was intended to embarrass and stymie the Russian government by making public its tactics, techniques and procedures, according to a US official discussing internal deliberations who asked not to be identified.

Along with the report, the DHS released an extensive list of Internet protocol addresses, computer files, malware code and other "signatures" that it said the Russian hackers have used.

The initial hackers worked for Russia's FSB, the successor to the Soviet Union's KGB. Once inside the DNC, the group used stolen credentials to expand its access to directories and other data, and made off with e-mails from several accounts through encrypted communication channels, according to the report.

Then, a second wave came in the spring of this year. Hackers working for Russia's military intelligence service, the GRU, infiltrated the DNC's networks through more spear-phishing e-mails, which tricked recipients into changing their passwords through a fake Web mail domain.

This allowed the hackers "to gain access and steal content, likely leading to the exfiltration of information from multiple senior party members", said the report.

"The US government assesses that information was leaked to the press and publicly disclosed," it said.


A version of this article appeared in the print edition of The Straits Times on December 31, 2016, with the headline 'Russian hacking began with a simple trick: US'.