Russian civilian and military intelligence Services (RIS) have operated under false identities to launch cyberattacks in the United States, including against a political party, according to a report by the FBI and Department of Homeland Security, informs news.ro. EurActiv’s partner Ouest France reports that according to the report the group Guccifer 2.0, which claimed to be a Romanian hacker and carried out the attack on the Democratic Party, was in fact a partnership of two Russian pirate groups.

"In some cases, RIS actors masqueraded as third parties, hiding behind false online personas designed to cause the victim to misattribute the source of the attack," is shown in the document.

"The U.S. Government confirms that two different RIS actors participated in the intrusion into a U.S. political party. The first actor group, known as Advanced Persistent Threat (APT) 29, entered into the party’s systems in summer 2015, while the second, known as APT28, entered in spring 2016."

"This activity by RIS is part of an ongoing campaign of cyber-enabled operations directed at the U.S. government and its citizens," mentioned the authors of the report.

"This Joint Analysis Report provides technical indicators related to many of these operations, recommended mitigations, suggested actions to take in response to the indicators provided, and information on how to report such incidents to the U.S. Government."

And finally, the report claimed that the group Guccifer 2.0, which claimed to be a Romanian hacker and carried out the attack on the Democratic Party, was in fact a partnership of two Russian pirate groups.

The operators, posing as Guccifer 2.0, dismissed CrowdStrike's attribution, insisting instead that the DNC had been "hacked by a lone hacker." 

A computer security expert at King's College London, Thomas Rid, said that "it is rather likely" that the attack against the entire Democratic Party, including the role of Guccifer 2.0, has been orchestrated by Russian spies.

The FBI and the US Department of Homeland Security have published details of the operation allegedly carried out by the Russian secret services to influence or disrupt last year’s American presidential election, nicknamed the Grizzly Steppe.

Beside expelling 35 Russian diplomats from Washington and San Francisco, announced on Thursday (29 December), and the closure of two Russian centres in New York and Maryland, President Obama also set a new precedent by approving the publication of the security services’ 13-page report.

According to one American civil servant quoted by the New York Times, this publication was designed to “embarrass the Russian government by revealing its tactics, techniques and procedures to the public at large”. That is, to internet users around the world.

But Moscow has denied any connection to the groups of hackers targeted by the report.

Source: Euractiv