Russian hackers managed to breach the computer network of the Democratic National Committee and stole opposition research on Republican presidential candidate Donald Trump.
The hackers had access to email and chat traffic as far back as last summer, the Washington Post reported on Tuesday. No financial data was stolen, however, suggesting that espionage was the motive.
The hackers belong to two separate groups that have been linked to the Russian government, according to security firm Crowdstrike, which was hired to mitigate the data breach.
Codenamed "Cozy Bear" and "Fancy Bear," the two groups are both notorious for hacking governments across the world, Crowdstrike said in a blog post. Cozy Bear, for instance, infiltrated networks used by the White House and U.S. State Department last year. It was the first group to breach the DNC network last summer, while Fancy Bear conducted its own attack in April.
"They were looking for information on policy, political campaigns and strategies, foreign policy plans, etc.," Crowdstrike added in an email.
It isn’t clear how the hacking groups managed to breach the DNC network. But both groups have used sophisticated phishing attacks to target their past victims, Crowdstrike said.
Both groups were also persistently working to clear their tracks and avoid detection from the DNC, but the hacking was stopped over this past weekend. The groups didn't appear to be working together.
The DNC, the coordinating body of the U.S. Democratic Party, confirmed the breach on Tuesday.
“When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately," Representative Debbie Wasserman Schultz, a Florida Democrat and the DNC chairwoman, said by email. "Our team moved as quickly as possible to kick out the intruders and secure our network."
In May, U.S. intelligence chief James Clapper warned that cyber hackers were targeting presidential candidates for reasons including espionage. The attacks could intensify, he said.
Cozy Bear and Fancy Bear are among the best hacking groups in the world, according to Crowdstrike. In addition to the U.S., the groups have targeted victims in Europe, China, Japan and attacked a variety of sectors including defense, aerospace, and energy.
"Their tradecraft is superb, operational security second to none," Crowdstrike said.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.