PARIS: The same Russian government-aligned hackers who penetrated the Democratic Party have spent the past few months laying the groundwork for an espionage campaign against the US Senate, a cybersecurity firm said Friday.
The revelation suggests the group often nicknamed Fancy Bear, whose hacking campaign scrambled the 2016 US electoral contest, is still busy trying to gather the emails of America’s political elite.
“They’re still very active — in making preparations at least — to influence public opinion again,” said Feike Hacquebord, a security researcher at Trend Micro Inc., which published the report. “They are looking for information they might leak later.”
The Senate Sergeant at Arms office, which is responsible for the upper house’s security, declined to comment.
Hacquebord said he based his report on the discovery of a clutch of suspicious-looking websites dressed up to look like the US Senate’s internal email system. He then cross-referenced digital fingerprints associated with those sites to ones used almost exclusively by Fancy Bear, which his Tokyo-based firm dubs “Pawn Storm.”
Trend Micro previously drew international attention when it used an identical technique to uncover a set of decoy websites apparently set up to harvest emails from the French presidential candidate Emmanuel Macron’s campaign in April 2017. The sites’ discovery was followed two months later by a still-unexplained publication of private emails from several Macron staffers in the final days of the race.
Hacquebord said the rogue Senate sites — which were set up in June and September of 2017 — matched their French counterparts.
“That is exactly the way they attacked the Macron campaign in France,” he said.
Attribution is extremely tricky in the world of cybersecurity, where hackers routinely use misdirection and red herrings to fool their adversaries. But Tend Micro, which has followed Fancy Bear for years, said there could be no doubt.
“We are 100 percent sure that it can attributed to the Pawn Storm group,” said Rik Ferguson, one of the Hacquebord’s colleagues.
Like many cybersecurity companies, Trend Micro refuses to speculate publicly on who is behind such groups, referring to Pawn Storm only as having “Russia-related interests.” But the US intelligence community alleges that Russia’s military intelligence service pulls the hackers’ strings and a months-long Associated Press investigation into the group, drawing on a vast database of targets supplied by the cybersecurity firm Secureworks, has determined that the group is closely attuned to the Kremlin’s objectives.
If Fancy Bear has targeted the Senate over the past few months, it wouldn’t be the first time. An AP analysis of Secureworks’ list shows that several staffers there were targeted between 2015 and 2016.
Among them: Robert Zarate, now the national security adviser to Florida Senator Marco Rubio; Josh Holmes, a former chief of staff to Senate Majority Leader Mitch McConnell who now runs a Washington consultancy; and Jason Thielman, the chief of staff to Montana Senator Steve Daines. A Congressional researcher specializing in national security issues was also targeted.
Fancy Bear’s interests aren’t limited to US politics; the group also appears to have the Olympics in mind.
Trend Micro’s report said the group had set up infrastructure aimed at collecting emails from a series of Olympic winter sports federations, including the International Ski Federation, the International Ice Hockey Federation, the International Bobsleigh & Skeleton Federation, the International Luge Federation and the International Biathlon Union.
The targeting of Olympic groups comes as relations between Russia and the International Olympic Committee are particularly fraught. Russian athletes are being forced to compete under a neutral flag in the upcoming Pyeongchang Olympics following an extraordinary doping scandal that has seen 43 athletes and several Russian officials banned for life. Amid speculation that Russia could retaliate by orchestrating the leak of prominent Olympic officials’ emails, cybersecurity firms including McAfee and ThreatConnect have picked up on signs that state-backed hackers are making moves against winter sports staff and anti-doping officials.
On Wednesday, a group that has brazenly adopted the Fancy Bear nickname began publishing what appeared to be Olympics and doping-related emails from between September 2016 and March 2017. The contents were largely unremarkable but their publication was covered extensively by Russian state media and some read the leak as a warning to Olympic officials not to press Moscow too hard over the doping scandal.
Whether any Senate emails could be published in such a way isn’t clear. Previous warnings that German lawmakers’ correspondence might be leaked by Fancy Bear ahead of last year’s election there appear to have come to nothing.
On the other hand, the group has previously dumped at least one US legislator’s correspondence onto the web.
One of the targets on Secureworks’ list was Colorado State Senator Andy Kerr, who said thousands of his emails were posted to an obscure section of the website DCLeaks — a web portal better known for publishing emails belonging to retired Gen. Colin Powell and various members of Hillary Clinton’s campaign — in late 2016.
Kerr said he was still bewildered as to why he was targeted. He said that while he supported transparency, “there should be some process and some system to it.
“It shouldn’t be up to a foreign government or some hacker to say what gets released and what shouldn’t.”
Russian hackers laying groundwork to spy on US Senate: Cybersecurity firm
Russian hackers laying groundwork to spy on US Senate: Cybersecurity firm
Proposals on immigration enforcement flood into state legislatures, heightened by Minnesota action
- Oregon Democrats plan to introduce a bill to allow residents to sue federal officers for violating their Fourth Amendment rights against unlawful search and seizure
NASHVILLE, Tennessee: As Democrats across the country propose state law changes to restrict federal immigration officers after the shooting death of a protester in Minneapolis, Tennessee Republicans introduced a package of bills Thursday backed by the White House that would enlist the full force of the state to support President Donald Trump’s immigration crackdown.
Momentum in Democratic-led states for the measures, some of them proposed for years, is growing as legislatures return to work following the killing of Renee Good by an Immigration and Customs Enforcement officer. But Republicans are pushing back, blaming protesters for impeding the enforcement of immigration laws.
Democratic bills seek to limit ICE
Democratic Gov. Kathy Hochul wants New York to allow people to sue federal officers alleging violations of their constitutional rights. Another measure aims to keep immigration officers lacking judicial warrants out of schools, hospitals and houses of worship.
Oregon Democrats plan to introduce a bill to allow residents to sue federal officers for violating their Fourth Amendment rights against unlawful search and seizure.
New Jersey’s Democrat-led Legislature passed three bills Monday that immigrant rights groups have long pushed for, including a measure prohibiting state law enforcement officers from cooperating with federal immigration enforcement. Democratic Gov. Phil Murphy has until his last day in office Tuesday to sign or veto them.
California lawmakers are proposing to ban local and state law enforcement from taking second jobs with the Department of Homeland Security and make it a violation of state law when ICE officers make “indiscriminate” arrests around court appearances. Other measures are pending.
“Where you have government actions with no accountability, that is not true democracy,” Democratic state Sen. Scott Wiener of San Francisco said at a news conference.
Democrats also push bills in red states
Democrats in Georgia introduced four Senate bills designed to limit immigration enforcement — a package unlikely to become law because Georgia’s conservative upper chamber is led by Lt. Gov. Burt Jones, a close Trump ally. Democrats said it is still important to take a stand.
“Donald Trump has unleashed brutal aggression on our families and our communities across our country,” said state Sen. Sheikh Rahman, an immigrant from Bangladesh whose district in suburban Atlanta’s Gwinnett County is home to many immigrants.
Democrats in New Hampshire have proposed numerous measures seeking to limit federal immigration enforcement, but the state’s Republican majorities passed a new law taking effect this month that bans “sanctuary cities.”
Tennessee GOP works with White House on a response
The bills Tennessee Republicans are introducing appear to require government agencies to check the legal status of all residents before they can obtain public benefits; secure licenses for teaching, nursing and other professions; and get driver’s licenses or register their cars.
They also would include verifying K-12 students’ legal status, which appears to conflict with a US Supreme Court precedent. And they propose criminalizing illegal entry as a misdemeanor, a measure similar to several other states’ requirements, some of which are blocked in court.
“We’re going to do what we can to make sure that if you’re here illegally, we will have the data, we’ll have the transparency, and we’re not spending taxpayer dollars on you unless you’re in jail,” House Speaker Cameron Sexton said at a news conference Thursday.
Trump administration sues to stop laws
The Trump administration has opposed any effort to blunt ICE, including suing local governments whose “sanctuary” policies limit police interactions with federal officers.
States have broad power to regulate within their borders unless the US Constitution bars it, but many of these laws raise novel issues that courts will have to sort out, said Harrison Stark, senior counsel with the State Democracy Research Initiative at the University of Wisconsin Law School.
“There’s not a super clear, concrete legal answer to a lot of these questions,” he said. “It’s almost guaranteed there will be federal litigation over a lot of these policies.”
That is already happening.
California in September was the first to ban most law enforcement officers, including federal immigration officers, from covering their faces on duty. The Justice Department said its officers won’t comply and sued California, arguing that the laws threaten the safety of officers who are facing “unprecedented” harassment, doxing and violence.
The Justice Department also sued Illinois last month, challenging a law that bars federal civil arrests near courthouses, protects medical records and regulates how universities and day care centers manage information about immigration status. The Justice Department claims the law is unconstitutional and threatens federal officers’ safety.
Targeted states push back
Minnesota and Illinois, joined by their largest cities, sued the Trump administration this week. Minneapolis and Minnesota accuse the Republican administration of violating free speech rights by punishing a progressive state that favors Democrats and welcomes immigrants. Illinois and Chicago claim “Operation Midway Blitz” made residents afraid to leave their homes.
Homeland Security spokesperson Tricia McLaughlin accused Minnesota officials of ignoring public safety and called the Illinois lawsuit “baseless.”
