Nation

Cybersecurity firm says Senate in crosshairs of Russian hackers

WASHINGTON — The Russian hackers who stole e-mails from the Democratic National Committee as part of a campaign to interfere with the 2016 election have been trying to steal information from the US Senate, according to a report published Friday by a computer security firm.

Beginning last June, the Russian hackers set up websites that were meant to look like an e-mail system available only to people using the Senate’s internal computer network, according to the report by Trend Micro Inc.

The sites were designed to trick people into divulging their personal credentials, such as usernames and passwords.

Advertisement

These ‘‘spear phishing’’ techniques are frequently used by the Russian group, which the company dubs Pawn Storm, to read or copy e-mails or other private documents.

Get Ground Game in your inbox:
Daily updates and analysis on national politics from James Pindell.
Thank you for signing up! Sign up for more newsletters here

Trend Micro has linked the group, better known as Fancy Bear, to campaigns targeting political organizations in France and Germany. Last year, US intelligence agencies concluded the hacker group, which is associated with Russian military intelligence, stole e-mails from the DNC that were subsequently provided to WikiLeaks.

The Trend Micro report didn’t say if the operation targeting the Senate had successfully stolen information.

Trend Micro concluded that hacking campaigns against political organizations were unlikely to dissipate.

‘‘Political organizations have to be able to communicate openly with their voters, the press, and the general public. This makes them vulnerable to hacking and spear phishing,’’ the company said in its report.

Advertisement

Feike Hacquebord, a security researcher at Trend Micro, told the Associated Press that Fancy Bear is still trying to gather the e-mails of various American political leaders.

‘‘They’re still very active — in making preparations at least — to influence public opinion again,’’ Hacquebord told the Associated Press. ‘‘They are looking for information they might leak later.’’

Hacquebord said he based his report on the discovery of the websites designed to look like the Senate’s e-mail system. He then cross-referenced digital fingerprints associated with those sites to ones used almost exclusively by Fancy Bear.

Tokyo-based Trend Micro previously drew international attention when it used an identical technique to uncover a set of decoy websites apparently set up to harvest e-mails from the French presidential candidate Emmanuel Macron’s campaign in April 2017.

The discovery of the sites was followed two months later by a still-unexplained publication of private e-mails from several Macron staffers in the final days of the race.

Advertisement

Hacquebord said the rogue Senate sites — which were set up in June and September of 2017 — matched their French counterparts.

Attribution is tricky because hackers routinely use misdirection and red herrings to fool their adversaries. But Trend Micro, which has followed Fancy Bear for years, said there could be no doubt.

Like many cybersecurity companies, Trend Micro refuses to speculate publicly on who is behind such groups, referring to Pawn Storm only as having ‘‘Russia-related interests.’’

But the US intelligence community alleges that Russia’s military intelligence service pulls the hackers’ strings, and a months-long AP investigation into the group, drawing on a vast database of targets supplied by the cybersecurity firm Secureworks, has determined that the group is closely attuned to the Kremlin’s objectives.

If Fancy Bear has targeted the Senate over the past few months, it wouldn’t be the first time. An AP analysis of Secureworks’ list shows that several staffers there were targeted between 2015 and 2016.

Fancy Bear also appears to have an interest in Olympics e-mails.

Its targeting of Olympic groups comes as relations between Russia and the International Olympic Committee are strained. Russian athletes are being forced to compete under a neutral flag in the upcoming Pyeongchang Olympics following an extraordinary doping scandal that has seen 43 athletes and several Russian officials banned for life.