The US Republican National Committee denied Russian hackers access to data last week during a third-party provider breach.
Bloomberg reports that the hackers were part APT29 or Cozy bear, citing two people who are familiar with the matter. This group is associated with Russia’s foreign intelligence agency, the SVR. They were previously accused of hacking into the Democratic National Committee in 2016.
RNC claims that Microsoft’s investigation has found no RNC data was accessed through a hack of Synnex Corp., the third-party provider.
Richard Walters, RNC chief-of-staff, stated to the New York Times that Synnex, an third party provider, was breached. We immediately blocked access to Synnex accounts from our cloud environment
“Our team collaborated with Microsoft to review our systems. After a thorough investigation, we were unable to access any RNC data. We will continue to collaborate with Microsoft and federal law enforcement officials in this matter.
The hack comes as the Biden administration scrambles to address the continuing fallout from a vast ransomware attack over the holiday weekend, centered on the software company Kaseya, that affected between 800 and 1,500 businesses.
That attack, which also originated from Russia, is being called the largest ransomware operation in history. The Russian hacker collective REvil has claimed responsibility for the Kaseya attack and demanded $70m to restore all the affected businesses’ data. That group was also behind a crippling ransomware attack on JBS, the world’s biggest meat producer, in June.
Joe Biden told Vladimir Putin in a meeting shortly after the JBS hack that the US would take aggressive action if Russia continued to target American infrastructure. He gave Putin a list of 16 areas – mostly in critical infrastructure – that were “off limits” for cyber-attacks.
In a press conference on Tuesday, the White House press secretary, Jen Psaki, condemned the attack on Kaseya, referencing the earlier meeting with Putin. She added that the Biden administration would convene an interagency group on Wednesday to discuss the major rise in ransomware attacks.