• Contact Us
  • Login
No Result
View All Result
Thursday, February 2, 2023
National Tribune
SUBSCRIBE
  • World
  • Business
  • Politics
  • Science
  • Health
  • Opinion
  • World
  • Business
  • Politics
  • Science
  • Health
  • Opinion
No Result
View All Result
National Tribune
No Result
View All Result
Home Uncategorized

What We Know About Russia Hacking the Ukrainian Company at the Center of Trump’s Impeachment

by Associated News
January 14, 2020
in Uncategorized
0
What We Know About Russia Hacking the Ukrainian Company at the Center of Trump’s Impeachment
0
SHARES
2
VIEWS
Share on FacebookShare on Twitter

Want the best of VICE News straight to your inbox? Sign up here.

Ukrainian President Volodymyr Zelensky may not have listened when President Donald Trump asked him to dig up some dirt on his political rival Joe Biden in exchange for hundreds of millions of dollars in military aid — but the Kremlin was apparently all ears.

The same Russian government hackers who broke into the Democratic National Committee in 2016 successfully breached the network of Ukrainian gas company Burisma at the end of 2019, according to a bombshell new report from California cybersecurity company Area 1.

Burisma, which has yet to comment on the report, is the gas company where Hunter Biden, son of Democratic presidential nominee Joe Biden, sat on the board of directors for five years. Trump has repeatedly made allegations that the former vice president used his power to bury corruption investigations against his son in Ukraine. But all claims have been shown to be baseless.

The hacks took place in November and December, at the height of the impeachment scandal in Washington, and targeted subsidiaries of Burisma. The method and timing immediately drew comparisons with the breach of the DNC in the lead-up to the 2016 election, which led to the leak of sensitive emails by Wikileaks.

While some have questioned the quick attribution of the attack to Russia, Area 1 CEO Oren Falkowitz told VICE News he’s “100% sure” where the attack came from.

“If you think that some random schmo just magically put their finger on the internet to pick this company out of all companies, you’re not really using your brain,” Falkowitz said

Russian hackers used phishing campaigns to trick employees of Burisma and its subsidies into giving up their account credentials, according to Area 1’s report. And because all companies shared a central email server, gaining access to one meant a hacker would have had access to them all.

Area 1 doesn’t know what the hackers were looking for or if they accessed any data, but the breach raises the possibility that the Kremlin obtained personal communications related to Hunter Biden.

What happened?

On New Year’s Eve, Falkowitz, a former NSA hacker, got a call from one of his colleagues who had found a new Russian email phishing campaign.

A day later, Falkowitz realized that all the companies being targeted by the campaign were Ukrainian energy companies, and further investigations found they were all linked to Burisma.

Over the next couple of weeks, Falkowitz and his colleagues tracked a campaign that built fake websites designed to look almost identical to the real websites of the companies.

One site belonged to KUB-Gas LLC, whose website URL is kub-gas.com.ua. The hackers built an identical site using the URL kub-gas.com, a sleight of hand designed to trick victims into handing over their credentials. Such a small alteration to the URL would be spotted by very few people according to Falkowitz.

“If you’re an employee at a company, let’s be realistic, would you know that your company doesn’t own the dot com?” Falkowitz said. “That’s absurd.”

The hackers also mimicked the business tools their victims used, such as SharePoint, to trick them into sharing usernames and passwords and then leveraged those stolen details to conduct even more attacks.

These attacks are designed to circumvent any cyber security training companies like Burisma might get their employees to conduct.

“They went after all of the subsidiaries and partners simultaneously,” Falkowitz said. “So once you get someone’s username and password you can then use those accounts to launch even further phishing attacks and those become even more authentic, and so training is absolutely the opposite of what stops these types of campaigns.”

Who are the hackers?

Hackers linked to Russia’s Main Directorate of Military Intelligence, or GRU, conducted the attack, according to Area 1. The group, also known as Fancy Bear, is the same one that attacked the DNC andHilary Clinton’s campaign in 2016.

Along with the hackers, a number of factors link the 2016 attack with last year’s breach.

“It is fair to compare them in the sense that both were perpetrated by the same cyber actor, in this case, the Russian government,” Falkowitz said. “It is fair to compare them in the sense that both of them started with phishing campaigns. It’s fair to compare them in the sense that their timing, as related to U.S. elections, is certainly more than circumstantial.”

The attacks began in November when the House impeachment inquiry was underway, and the news of the breach comes as the House prepares about to send the articles to the Senate, where President Trump’s trial will start.

While some experts have urged caution about attributing the attack so quickly, others at cybersecurity companies FireEye and ThreatConnect have backed up Area 1’s claim about Russian involvement. But both have hedged their conclusions about whether Burisma’s email server was breached.

Area 1 co-founder Black Darche told Reuters that the company has unpublished information that links the attacks to a specific GRU officer in Moscow.

What data were compromised?

Area 1’s report claims only that the hackers breached the email server belonging to Burisma. It does not speculate on what information the hackers may have done once inside the system.

But if Russian hackers did successfully breached Burisma’s network, they could have obtained communications from, to, or about Hunter Biden, who served on Burisma’s board of directors between 2014 and 2019, sparking fears that they could use the information to disrupt the 2020 presidential election.

In 2016, the stolen DNC and Clinton emails were leaked to Wikileaks and the media via the online persona of Guccifer 2.0, who turned out to be a cutout of the GRU. But if the Burisma hackers are hoping to stage a repeat of what happened in 2016, it may be months before any information is leaked.

“There’s usually a big gap between when you see the attack initially become successful to then maybe what’s revealed as the damage” Falkowitz said.

What has the reaction been?

Burisma has yet to comment on the attack, though one source told Reuters that the company’s website had been subject to multiple break-in attempts over the past six months. The source did not provide further details.

Joe Biden’s campaign has not reacted to the hack on Burisma directly but used the opportunity to criticize the president for failing to stop Russian influence in U.S. elections.

“Any American president who had not repeatedly encouraged foreign interventions of this kind would immediately condemn this attack on the sovereignty of our elections,” a spokesman for his campaign told Reuters.

The Chairman of the House Intelligence Committee, Rep. Adam Schiff, who has led the impeachment inquiry into Trump, said on Monday night that he only learned of the breach of Burisma when he read it in the New York Times, adding that “it does not at all surprise me.”

“This is indeed what Bob Mueller warned of in his testimony that the Russians would be at this again,” Schiff told MSNBC. “FBI Director Wray said the same thing, and they appear, if this reporting is correct, to be in the middle of another hacking and potentially dumping operation.

Cover image: Fancy Bears website releases data on the USA and Canada’s plot against the International Olympic Committee (IOC). Alexey Malgavko/Sputnik via AP

Continue Reading…

Associated News

Associated News

Next Post
Someone Spray-Painted “White Power” and a Swastika on a Brand-New Sikh Center in Northern California

Someone Spray-Painted "White Power" and a Swastika on a Brand-New Sikh Center in Northern California

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Mining State Western Australia to Legislate Net-Zero by 2050

Mining State Western Australia to Legislate Net-Zero by 2050 | NationalTribune.com

1 week ago
Webb Space Telescope Spots Early Galaxies Hidden From Hubble

Webb Space Telescope Spots Early Galaxies Hidden From Hubble | NationalTribune.com

2 months ago

Popular News

    Connect with us

    NationalTribune Logo

    About Us

    National Tribune is an independent newspaper and publishing company owned by the National Tribune Company, formed in 1877 in Washington, D.C.

    • World
    • Business
    • Politics
    • Science
    • Health
    • Opinion
    • Help
    • About Us
    • Subscriptions
    • Privacy Policy
    • Corporate
    • Terms Of Service
    • GDPR

    Connect With us

    • Contact Us

    © 2022 NationalTribune.com

    No Result
    View All Result
    • About
    • About Us
    • Contact
    • Contact Us
    • Home
    • Home 1
    • Home 2
    • Home 3
    • Home 4
    • Home 5
    • Homepage
    • Homepage
    • Investor Relations
    • Log In
    • Member Directory
    • My Account
    • My Profile
    • News
    • Privacy Policy
    • Reset Password
    • Sign Up
    • We’re Hiring

    © 2022 NationalTribune.com

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In