DNC says Russian hackers hit it with phishing effort after midterms

The Democratic National Committee apparently hasn't lost its allure for Russia-linked hacking groups like Cozy Bear.

Edward Moyer Senior Editor
Edward Moyer is a senior editor at CNET and a many-year veteran of the writing and editing world. He enjoys taking sentences apart and putting them back together. He also likes making them from scratch. ¶ For nearly a quarter of a century, he's edited and written stories about various aspects of the technology world, from the US National Security Agency's controversial spying techniques to historic NASA space missions to 3D-printed works of fine art. Before that, he wrote about movies, musicians, artists and subcultures.
  • Ed was a member of the CNET crew that won a National Magazine Award from the American Society of Magazine Editors for general excellence online. He's also edited pieces that've nabbed prizes from the Society of Professional Journalists and others.
Edward Moyer
2 min read

It seems the hacks keep coming.

The Democratic National Committee said this week that following last year's midterm elections, Russian hackers again took aim at the organization.

"In November 2018, dozens of DNC email addresses were targeted in a spear-phishing campaign, although there is no evidence that the attack was successful," the DNC said in court documents filed Thursday.

Spear-phishing involves sending bogus emails disguised as legitimate ones to fool recipients into revealing passwords or other sensitive information, or to trick them into downloading malicious software.

The DNC said the content and timestamps of the November phishing emails were consistent with a separate spear-phishing effort, conducted around the same time, that specialists had tied to a Russian spy agency called Cozy Bear.

US officials say Cozy Bear and another Russia-linked agency, Fancy Bear, infiltrated DNC computers months before the US presidential election in 2016. Potentially damaging information from private DNC emails was later posted by WikiLeaks weeks before the vote.

Cozy Bear is believed to be either Russia's Federal Security Service, known as the FSB, or its Foreign Intelligence Service, the SVR. Fancy Bear is thought to be Russia's military intel agency, GRU. The Russian government has repeatedly denied hacking the DNC.

Computer security specialists say the November phishing campaign against the DNC was part of a larger effort with a number of targets, including government agencies, military personnel and defense contractors, The New York Times reported.

Among other things, hackers were reportedly trying to gather information on Democratic policy stances and on the platforms of Democratic hopefuls for the 2020 presidential campaign. The phishing scheme reportedly involved emails meant to look like they'd come from the US State Department.

Security:  Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.

Cambridge Analytica: Everything you need to know about Facebook's data mining scandal.