by Membrane Domain Cybersecurity
Cozy Bear and Fancy Bear are two hacking organizations from Russia. Cozy Bear (classified as advanced persistent threat APT29) is believed to be associated with Russian intelligence. Fancy Bear (also known as APT28, Pawn Storm, Sofacy Group, Sednit and STRONTIUM) is a cyber espionage group believed to be sponsored by the Russian government.
According to the Christian Science Monitor: “Traditionally, Cozy Bear targets potential victims with phishing attacks – email messages that appear to be from a legitimate, trusted friend or associate. Those messages may contain malicious software that scans a machine for antivirus software, then plants malware on the target machine that makes it possible for attackers to monitor keystrokes, communications, documents and other sensitive material on target computers. Fancy Bear is known for stealing targets’ usernames and passwords by setting up dummy websites that appear real enough to convince users to input their email and password information.”
In September of 2015, Special Agent Adrian Hawkins of the Federal Bureau of Investigation called the Democratic National Committee to inform them of a security breach. The FBI referred to Cozy and Fancy Bears as “The Dukes”. Since that time, 17 U.S. intelligence agencies have implicated Russia in the hack of the DNC.
It is believed that Putin used the information to undermine the Democrats in the election process. It is also believed that the Russian hackers breached the Republicans. The stolen Republican data will be used to blackmail the new President.
“No one should really be surprised they’d go after the DNC,” said Jason Healey, a senior research scholar at Columbia University. “It’s not really that different from going after the political and military information we suspect the US is also going after.”