Russian hackers belonging to the Cozy Bear group were reportedly behind the attack on Synnex, a provider of IT services to the Republican National Committee (RNC), last week. Bloomberg write. The attack may have revealed the organization’s information.
When you ask Bloomberg, An RNC spokesman banned the hacking of the organization’s systems, but confirmed that one of its IT suppliers, Synnex, had been exposed. The RNC issued the following statement on the attack:
Over the weekend, we were notified that a third-party service provider, Synnex, had been breached. We immediately blocked all access from the Synnex accounts to the cloud environment. Our team worked with Microsoft to review our system, and after a thorough investigation, RNC data was not available. We will continue to work with Microsoft and federal law enforcement agencies on this matter.
In an opinion issued on 6 JulySynnex further confirmed that “it is aware of a few instances where third parties have attempted to gain access to Microsoft’s cloud client applications through Synnex.” The company claims to be reviewing the attack alongside Microsoft and a third-party security company. By dealing with enterprise software that interacts with the Microsoft cloud instead of going directly after Azure or Office products directly similar SolarWinds hacking in 2020.
And in this context, it would make sense: Cozy Bear members working with the Russian Foreign Intelligence Service SVR, is suspected to be largely behind the manipulation of SolarWinds software for illegal purposes. SolarWinds violates potentially exposed data more than a hundred companies and government organizations, and even compromise the tools of cybersecurity companies designed to prevent such attacks as FireEye.
There are also similarities between the RNC breach and the hacking of the National Democratic Committee and Hilary Clinton’s presidential campaign in 2016. leak of thousands of emails on WikiLeaks, eventually led Prosecution of 12 members of the GRU, A Russian military intelligence service with links to another group of urine – inspired Russian hackers called Fancy Bear.
The RNC attack arrives in the midst of ransomware attacks on critical infrastructure and businesses in the United States. The list is long, but last year Colonial tube, insurance company CNAand recently IT software vendor Kaseya, have all been victims of ransomware attacks. Bloomberg suggests that the Cozy Bear attack could have used these ransomware hackers as a form of protection, and even if they did not, attacking political targets is an ongoing problem it doesn’t always end in a dramatic leak.