According to a new investigation from Bloomberg, cyber spies connected to the Russian government recently hacked into the Republican National Committee—though the RNC has denied that their systems were breached in this way.
According to Bloomberg, the hacker group known as “Cozy Bear”—thought to be connected to Russia’s intelligence service, the SVR—conducted the intrusion, though it’s not clear what they viewed or whether they stole any data. The hackers are believed to have gained entry to the RNC’s networks through one of its IT providers, a company called Synnex Corp.
The incident occurred this past 4th of July weekend—around the same time that a cybercriminal group was launching a massive ransomware attack on American IT firm Kaseya, the damage from which is still being assessed. The Russian cybercriminal group REvil has claimed responsibility for that attack.
A notorious threat actor, Cozy Bear has been blamed for large parts of the “SolarWinds” hack, the likes of which compromised close to a dozen federal agencies and droves of American businesses. The group, which also goes by its technical designation APT 29, has also been accused of hacking the Democratic National Committee in the past.
RNC officials have admitted that Synnex was breached this weekend but maintain that there was no evidence the RNC’s networks had been breached or that data had been stolen.
“Microsoft informed us that one of our vendors, Synnex, systems may have been exposed,” said Mike Reed, a spokesman for the RNC. “There is no indication the RNC was hacked or any RNC information was stolen. We are investigating the matter and have informed DHS and the FBI.”
In a statement put out Tuesday, RNC Chief of Staff Richard Walters reiterated that no data had been stolen.
“Over the weekend, we were informed that Synnex, a third party provider, had been breached. We immediately blocked all access from Synnex accounts to our cloud environment. Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials on this matter.”
The incident has occurred at a time of heightened tensions between the U.S. and Russia over cyber attacks—with many now chiding the Biden administration for not putting enough pressure on Vladimir Putin to deal with the cybercriminals operating in his country.