Russians Are Now Trying to Hack U.S. Senate Emails

The Russian hacking group that stole Democratic National Committee emails during the 2016 presidential campaign has also tried to break into the U.S. Senate email system, according to a cybersecurity company.

The hacking group, known by the nickname Fancy Bear, stepped up its political hacking efforts in the second half of 2017, including setting up fake websites designed to mimic a Senate email system.

“They were quite active, targeting at least five organizations, including two government organizations outside of the U.S.,” Feike Hacquebord, one of the researchers tracking the group for Trend Micro, told Newsweek.

Hacquebord said he couldn’t tell whether the fake websites worked, only that the Russian hackers had been attempting to hook Senate staffers. He said the hackers have also been busy internationally, trying to gain access to the accounts of Iranian email users the day before that country’s 2017 presidential elections, for example.

It is against Trend Micro's policy to claim that governments are behind any hacking group, but other cybersecurity experts have linked Fancy Bear to the GRU, the Russian military intelligence agency. U.S. intelligence agencies also made the connection as part of a public report on Russia’s meddling in recent U.S. elections.

GettyImages-655700386 National Security Agency Director Michael Rogers testifies on Russian election meddling before Congress on March 20, 2017. Drew Angerer/Getty Images

The attacks use what cybersecurity experts call “spear phishing,” a technique that attempts to fool victims into providing security information, downloading files or going to certain websites because of specific details in an email that make it appear to be coming from a legitimate source.

“You need a good preparation, so you have to know whom to target exactly, and they are quite precise in what they do,” Hacquebord said.

Earlier in the week, Fancy Bear appeared to be leaking information gained from attacks against the International Olympic Committee, in apparent response to Russia being banned from this year’s Olympic Games.

Hacquebord, who has been tracking the group since 2015, said it has used similar attack tactics for years and targeted several countries, including Germany and France. The group appears to be well funded, he said, and never seems to seek financial gain. Instead, it works with intermediaries like WikiLeaks to release embarrassing information.

“We think that this is just part of an attempt to influence public opinion about certain matters,” he said. “I’ve never seen evidence for any motivation to earn money—the only motivation seems to be information.”

The hackers' complicated attack techniques make it appear they are either very well funded or part of a large team, Hacquebord said. The development of such techniques requires a capable team, or they can be bought, often at cost of about $100,000 per software vulnerability.

Russian hackers have not slowed down their meddling since the presidential election, according to experts, who point to several social media campaigns in recent months that have tried to stir dissent in the U.S. political sphere. Special counsel Robert Mueller’s investigation into the Trump campaign’s possible collusion with Russia has been a favored target in recent months, with about 20 percent of social media traffic from accounts linked to Russian intelligence trying to undermine faith in the probe.

Democrats have been warning that Russia will try to meddle in the 2018 midterm elections and say President Donald Trump has done little to protect the U.S. against such efforts.