A hacking group tied to the incursion on the Democratic National Committee has been linked to Russian military intelligence, according to a new report by the cybersecurity firm CrowdStrike.
This finding is just the latest indication the Russian government was directly involved in the hack, which led to the release of thousands of emails among Democratic officials. That assessment has been echoed by the US intelligence community.
Last week, a US official told CNN the intelligence community assessed the hack could only have been carried out with the involvement of the “highest levels of government, including (President Vladimir Putin) himself.”
The US official said there are two entities in Russia capable of doing this kind of work, but would not name either of them. The tools the Russians used are understood by the US and have a unique “signature.”
CrowdStrike, which previously conducted a review of the hack for the DNC, now concludes that the hacking group responsible — called FANCY BEAR — was also behind malware used to facilitate reconnaissance against Ukrainian troops, allowing “Russia-based actors” to better target tactical artillery.
“The collection of such tactical artillery force positioning intelligence by FANCY BEAR further supports CrowdStrike’s previous assessments that FANCY BEAR is likely affiliated with the Russian military intelligence (GRU), and works closely with Russian military forces operating in Eastern Ukraine and its border regions in Russia,” CrowdStrike notes in their report.
CrowdStrike co-founder and chief technical officer Dmitri Alperovitch further confirmed to CNN it has a high degree of confidence, based in part on this new link, that a unit in the GRU was behind the DNC hack.