The launch of the operation coincided with an investigation of Trump’s political trial and if he abused his position while trying to pressure Ukrainian President Volodymyr Zelensky to announce an investigation into Burisma and Hunter Biden, an action that could possibly help the re-election candidacy of Trump.
The GRU was active in the 2016 presidential campaign, hacking the servers of the Democratic Party and the Hillary Clinton campaign president and launching their emails that summer and fall. The revelations disrupted the Democratic convention and undermined Clinton’s campaign in recent critical weeks, and the US intelligence community concluded that with such actions, Moscow aimed to help Trump and harm Clinton.
Trump has publicly minimized the conclusions of the intelligence agencies and has suggested that it was Ukraine, not Russia, that interfered in the 2016 elections. He and his personal lawyer, Rudolph W. Giuliani, have promoted an unfounded theory that Joe Biden, While he was vice president, he attempted to cancel a corruption investigation in Burisma to protect his son. Hunter Biden is no longer on the board of Burisma.
The GRU managed to violate the servers of Burisma Holdings and several subsidiaries and partners, said Oren Falkowitz, chief executive officer of Area 1 Security.
“The timing of the GRU campaign in relation to the 2020 elections in the US. Increases the spectrum that this is an early warning of what we have anticipated since the successful cyber attacks made during the 2016 US elections. “, Said Falkowitz.
Area 1 discovered the gap on New Year’s Eve, he said. It was not known what material the GRU accessed, and if any of them will be released. The GRU also targeted a media organization founded by Zelensky, the firm said. The discovery of Area 1 was first reported by the New York Times.
Phishing is the most common technique used by hackers to gain access to victims’ systems. Hackers send emails that impersonate employees or people who trust the targets, which are then tricked into clicking on links that contain malware or lead to sites with malware, allowing hackers to obtain email credentials victim’s email
“The success of phishing depends on the authenticity,” Area 1 said in a report on the incident published Monday. “The GRU has applied plausibility in the extensive masking of common commercial tools. . . to steal account credentials, gain access to internal systems and data, impersonate employees through unauthorized use of their accounts. “
The Office of the Director of National Intelligence in the fall produced a classified “national intelligence estimate” that assessed that the Russians would seek to interfere in the 2020 elections, as he did in 2016.
The GRU campaign “demonstrates that there are many objectives that can be attacked by those who would interfere in our elections,” said Laura Rosenberger, director of the Alliance to Ensure Democracy, which tracks Russian disinformation efforts. “We should expect to see more of these reports.”
Moscow’s efforts aim to undermine our elections, said Rosenberger. “The goal is to undermine our institutions,” he said.
Cybersecurity firm FireEye said Monday night that the activity described in the report is consistent with that of the GRU, although the firm said it could not validate the claim in Area 1 that Burisma was violated.
Greg Bensinger contributed to this report.