Cyber security firm CrowdStrike has found a strong evidence of Russia’s military intelligence arm links with the group that was behind the Democratic National Committee (DNC) hack.
DNC had hired CrowdStrike to investigate the hack and the firm linked malware used to hack and track an Android phone app used by the Ukrainian army in its battle against pro-Russia separatists in eastern Ukraine from late 2014 through 2016 with the malware used in the DNC intrusion.
The firm had always suspected Russia’s military intelligence agency, GRU, to be one of the two hacker groups that struck the DNC.
The FBI has privately concluded the same which CrowdStrike found but has not publicly drawn the link to the GRU.
CrowdStrike’s evidence pointing out GRU for the hack has revealed the how different arms of the Russian government are carrying out such types of cyber acts in the United States.
The Russian government was accused of interfering in the U.S. election by the director of national intelligence and the homeland security secretary in October.
The CIA and other intelligence agencies had revealed after the elections that Russia wanted President-elect Donald Trump to win the elections by influencing the 2016 elections through hacking and dumping of emails onto public websites.
The other group that hacked the DNC also works for Russian intelligence, CrowdStrike reported earlier this year. But the firm is not sure if it is the more internally focused FSB, or the foreign intelligence arm, the SVR. Both grew out of the KGB.
That group, which CrowdStrike has called Cozy Bear, has not apparently been deployed in the influence operation, Alperovitch said. Rather, it is focused on traditional espionage. It is the group that is believed to have hacked unclassified networks of the State Department, White House and the Joint Chiefs of Staff.