pcloudy.png
Saturday June 6th, 2020 4:36AM

Russians hacked company key to Ukraine scandal: researchers

By The Associated Press
Related Articles
  Contact Editor

BOSTON (AP) — A U.S. cybersecurity company says Russian military agents have successfully hacked the Ukrainian gas company at the center of the scandal that led to President Donald Trump's impeachment.

Russian agents launched a phishing campaign in early November to steal the login credentials of employees of Burisma Holdings, the gas company, according to Area 1 Security, a Silicon Valley company that specializes in email security.

Hunter Biden, son of former U.S. vice president and Democratic presidential hopeful Joe Biden, previously served on Burisma's board.

It was not clear what the hackers were looking for or may have obtained, said Area 1's CEO, Oren Falkowitz, who called the findings “incontrovertible” and posted an eight-page report. The timing of the operation raises the possibility that Russian agents could be searching for material damaging to the Bidens or scheming to plant forged data and sow misinformation online.

The House of Representatives impeached Trump in December for abusing the power of his office by enlisting the Ukrainian government to investigate Biden, a political rival, ahead of the 2020 election. A second charge accused Trump of obstructing a congressional investigation into the matter.

“Our report doesn't make any claims as to what the intent of the hackers were, what they might have been looking for, what they are going to do with their success. We just point out that this is a campaign that's going on,” said Falkowitz, a former National Security Agency offensive hacker whose company's clients include candidates for U.S. federal elected offices.

In an earlier interview, he told The Associated Press that the campaigns of top candidates for the U.S. presidency and House and Senate races in 2020 have in the past few months each been targeted by about a thousand phishing emails. Falkowitz did not name the candidates. Nor would he name any of his company's clients.

Burisma did not immediately respond to a request for comment. A spokesman for Biden said in a statement that the incident shows that not just Trump but also Russian President Vladimir Putin "sees Joe Biden as a threat.”

Some cybersecurity experts cautioned against blaming Russian military agents without more evidence, however, saying the report indicates Area 1 investigators didn't have access to Burisma's internal logs and compromised email accounts in making the determination.

“That's problematic,” tweeted Thomas Rid of Johns Hopkins. “Caution advised based on what we currently know.”

And while many experts said it's a good bet the phishing amounts to a Kremlin attempt to smear the Bidens, there are other possibilities. Michael Connell, a former Army intelligence officer and researcher at the government-funded Center for Naval Analyses, notes that Russian agents have previously attacked energy-related computer systems in other countries, most notably Germany.

“The goal of the hackers was probably information gathering, but it also likely included creating backdoors to allow future access (for intel or destructive cyberattacks),” he wrote in an email.

Russian hackers from the GRU, the same military intelligence unit that Area 1 said was behind the operation targeting Burisma, have been indicted for hacking emails from the Democratic National Committee and the chairman of Hillary Clinton's campaign during the 2016 presidential race.

Stolen emails were released online at the time by Russian agents and WikiLeaks in an effort to favor Trump, special counsel Robert Mueller determined in his investigation.

Area 1 discovered the phishing campaign by the Russian military intelligence unit on New Year's Eve, said Falkowitz, who would not discuss whom he notified prior to going public or whether Burisma shared information with his company. He said he followed the industry standard process of responsible disclosure, which would include notifying Burisma.

Joan Donovan, a Harvard University disinformation expert, said one of the most dangerous possibilities would be data theft spiced with forgeries — and subsequently leaked. That reportedly happened in 2017 when emails related to the campaign of President Emanuel Macron of France were stolen and published online — with some fakes included— just ahead of his election.

She called the Burisma incident “testament to the fact that we have not paid enough attention to email security” when the consequences of a leak are so high for businesses, politicians and journalists in particular.

“Email is unfortunately the way that we've come to do business but email has become a serious, serious vulnerability,” she said.

In phishing, an attacker uses a targeted email to lure a target to a fake site that resembles a familiar one. There, unwitting victims enter their usernames and passwords, which the hackers then harvest. Phished credentials allow attackers both to rifle through a victim's stored email and masquerade as that person.

In the report, Falkowitz said the GRU agents used fake, lookalike domains that were designed to mimic the sites of real Burisma subsidiaries.

Falkowitz said the operation targeting Burisma involved tactics, techniques and procedures that GRU agents had used repeatedly in other phishing operations, matching “several patterns that lots of independent researchers agree mimic this particular Russian actor.” Area 1 says it has been tracking the Russian agents for several years.

The discovery's timing — just weeks before presidential primaries begin in the United States — highlights the need to protect political campaigns from targeted phishing attacks, which are behind 95% of all information breaches, said Falkowitz.

Area 1 said its researchers connected the phishing campaign targeting Burisma to an effort earlier last year that targeted Kvartal 95, a media organization founded by Ukrainian President Volodymyr Zelenskiy.

In this case, the Russian military agents, from a group security researchers call "Fancy Bear," peppered Burisma employees with emails designed to look like internal messages, the company said.

In order to detect phishing attacks, Area 1 maintains a global network of sensors designed to sniff out and block them before they reach their targets.

In July, the U.S. Federal Elections Commission gave Area 1 permission to offer its services to candidates for federal elected office and political committees at the same low rates it charges non-profits.

___

AP writer Yuras Karmanau in Kiev, Ukraine, contributed to this story.

  • Associated Categories: Associated Press (AP), AP National News, AP Online National News, Top General short headlines, AP Online Headlines - Washington, AP Elections, General Election News, General Presidential Election News, AP Business, AP Business - Corporate News, AP Elections - Political Conventions, AP Elections - Campaigns, AP Business - Industries, AP Business - Utilities, AP Technology News
© Copyright 2020 AccessWDUN.com
All rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.
Philippine volcano spews lava, ash for 3rd day, 30,000 flee
A volcano near the Philippine capital is spewing lava, ash and steam and trembling constantly on the third day of an eruption that could portend a much bigger and dangerous eruption
10:12PM ( 14 minutes ago )
GOP senators reject plans to dismiss Trump impeachment
Senate Republicans are signaling they will reject the idea of simply voting to dismiss the articles of impeachment against President Donald Trump
10:08PM ( 18 minutes ago )
Trump cheered loudly at college football title game
President Donald Trump turned sports fan for an evening as he attended the College Football Playoff championship game Monday between No. 1 Louisiana State University and No. 3 Clemson
9:59PM ( 27 minutes ago )
Associated Press (AP)
Trump's fate rests with McConnell in impeachment trial
President Donald Trump, finally facing his impeachment trial, needs Mitch McConnell more than ever
9:01PM ( 1 hour ago )
McConnell on US-Iran strategy: 'Let's not screw it up'
A bipartisan resolution asserting that President Donald Trump must seek approval from Congress before engaging in further military action against Iran is drawing opposition from the Senate’s Republican leader, Mitch McConnell
9:00PM ( 1 hour ago )
Trump to become fan in chief at college football title game
President Donald Trump will turn sports fan for an evening as he attends the College Football Playoff Championship game on Monday between No. 1 Louisiana State University and No. 3 Clemson
7:57PM ( 2 hours ago )
AP Online Headlines - Washington
Federal government blasts PG&E's deal with fire victims
Tensions between the U.S. government and Pacific Gas & Electric are boiling over as they battle over whether a taxpayer-funded agency should be allowed to stake a claim on a $13.5 billion settlement covering most of the losses from catastrophic wildfires blamed on the bankrupt utility
8:59PM ( 1 hour ago )
Anger in Iran over jet's downing; gunfire disperses protests
Popular anger is swelling in Iran over the accidental shootdown of a Ukrainian jetliner and the government's attempt to conceal its role in the tragedy
8:31PM ( 1 hour ago )
New Boeing CEO inherits crisis created under his predecessor
Boeing's new CEO is in place, and he is laying out goals for this year, starting with the safe return to flight of the grounded 737 Max
7:56PM ( 2 hours ago )
AP Business
Delaware court refuses to revive Uber shareholder lawsuit
Delaware's Supreme Court has upheld a judge's dismissal of a shareholder lawsuit against ride-hailing company Uber and its former CEO
3:44PM ( 6 hours ago )
NHL extends Buffalo's agreement to host combine through 2022
The NHL's top prospects will continue making their pre-draft stops in Buffalo for at least another three years
12:39PM ( 9 hours ago )
Stocks open a bit higher on Wall Street ahead of busy week
Stocks are opening slightly higher on Wall Street ahead of a busy week for investors
9:45AM ( 12 hours ago )
AP Business - Corporate News
Lebanese protesters block road outside central bank
Lebanese protesters have returned to the streets after weeks of calm, impatient with politicians failing to tackle a deepening economic crisis
5:23PM ( 5 hours ago )
Trump to promote trade deals in Sunday speech to US farmers
The White House says President Donald Trump will highlight his policies on trade and domestic energy when he addresses the American Farm Bureau Federation's annual convention Sunday in Austin, Texas
1:23PM ( 9 hours ago )
Canadian officials accidentally push nuke alert to millions
People throughout the Canadian  province of Ontario awoke to an emergency alert warning of an “incident” at a nuclear plant near Toronto _ only to be told later that the message was a mistake
7:46PM ( 1 day ago )
AP Business - Industries
Firefighter dies as Australia works on long-term battle plan
A firefighter has been killed by a falling tree while battling the Australian wildfire crisis and the prime minister says his government is adapting and building resilience to the fire danger posed by climate change
9:15PM ( 2 days ago )
New Oman ruler vows to uphold late sultan's peaceful policy
Oman's new ruler, Sultan Haitham bin Tariq Al Said, vowed Saturday to uphold his predecessor Sultan Qaboos bin Said's foreign policy approach that steered the Arab country through choppy Persian Gulf waters by balancing close relations with both the United States and Iran
1:37PM ( 2 days ago )
Oman's new ruler vows to uphold peaceful policy of Qaboos
Oman's new ruler, Sultan Haitham bin Tariq Al Said, vowed Saturday to uphold his predecessor Sultan Qaboos bin Said's foreign policy approach that steered the Arab country through choppy Persian Gulf waters by balancing close relations with both the United States and Iran
10:13AM ( 2 days ago )
AP Business - Utilities
Philippine volcano spews lava, ash for 3rd day, 30,000 flee
A volcano near the Philippine capital is spewing lava, ash and steam and trembling constantly on the third day of an eruption that could portend a much bigger and dangerous eruption
10:12PM ( 14 minutes ago )
GOP senators reject plans to dismiss Trump impeachment
Senate Republicans are signaling they will reject the idea of simply voting to dismiss the articles of impeachment against President Donald Trump
10:08PM ( 18 minutes ago )
Trump cheered loudly at college football title game
President Donald Trump turned sports fan for an evening as he attended the College Football Playoff championship game Monday between No. 1 Louisiana State University and No. 3 Clemson
9:59PM ( 27 minutes ago )
The Latest: Offenses heating up in championship showdown
The national championship game between No. 1 LSU and No. 3 Clemson is turning into the shootout that many expected
9:45PM ( 41 minutes ago )
Sanders didn't think a woman could be president, Warren says
Elizabeth Warren says fellow Democratic presidential candidate Bernie Sanders told her during a private meeting two years ago that he didn’t think a woman could win the White House
9:34PM ( 51 minutes ago )