The Same Russian Hackers Hit the DNC and the DCCC, Security Firms Say

Cybersecurity companies studying the breach of the Democratic National Committee and the Democratic Congressional Campaign Committee have found evidence indicating that the same group of Russian hackers breached both groups’ computer systems.

According to ThreatConnect and Fidelis Cybersecurity, two security firms that have been studying the activities of a hacker group dubbed Cozy Bear, hackers from that organization used some of the same internet infrastructure to attack the two Democratic groups. Cozy Bear hackers utilized an email address identified by German intelligence as one used by the group to register an internet domain that was then used in the attack on the DCCC.

According to Justin Harvey, the chief security officer at Fidelis, the finding provides 90 percent certainty that hackers working on behalf of Russian intelligence carried out both the DNC and the DCCC attack.

In recent days, the alleged breach of DNC servers by Russian hackers — a charge vehemently denied by Moscow — and the publishing of Democratic Party emails by WikiLeaks has led Hillary Clinton’s lieutenants to accuse the Kremlin of intervening in the presidential election on behalf of her rival, Donald Trump. The real estate mogul has consistently taken a pro-Russia stance during the campaign — a jarring posture for the Republican nominee — most recently on Sunday, when he said Russia would not intervene in Ukraine, where it has had troops since 2014, when Moscow forcibly annexed the Crimean peninsula.

Private sector researchers have said they are confident that hackers working on behalf of Russian intelligence perpetrated the breach of DNC servers. The U.S. intelligence community has reportedly reached the same conclusion, but it remains unclear exactly how DNC emails ended up in the hands of WikiLeaks.

The White House, meanwhile, is reportedly considering just how to respond to the Russian hack of U.S. political organizations and the release of emails.

The hacker Guccifer 2.0 has claimed credit for the DNC hack — but not the DCCC breach — and said he would provide stolen files to WikiLeaks. But cybersecurity researchers believe he is a persona created by Moscow to deflect attention from its alleged responsibility in carrying out the hack.

Monday’s finding that the same Russian hackers may have also breached the DCCC points toward Moscow’s broader campaign against U.S. political targets, with the apparent effort to destabilize Clinton, whom Russian President Vladimir Putin blames personally for protests in Russia that nearly cost him his third term in 2011.

The release of DNC emails just ahead of the Democratic National Convention — which sparked the resignation of party chairwoman Debbie Wasserman Schultz — broke new ground in how purloined information may be used to affect an election. The communications posted by WikiLeaks showed Democratic Party staffers, who are supposed to remain neutral in the primary campaign, working to undermine the candidacy of Bernie Sanders, an independent senator from Vermont.

Photo credit: MICHAEL BOCCHIERI/Getty Images