A state-sponsored Russian hacking group infiltrated the computer systems of a Republican National Committee (RNC) contractor over the weekend. Bloomberg originally revealed that the RNC suffered a breach at the hands of prolific hackers APT29, aka Cozy Bear, who are believed to be behind a spate of high-profile cyberattacks on the US and its allies.
However, GOP officials were quick to dispute that report, saying that the actual victim was a third-party IT services provider known as Synnex. The hack was orchestrated against the backdrop of a larger supply chain cyberattack and increasing hostilities between the US and Russia over cyber-espionage campaigns.
In a statement, chief of staff Richard Walters said the RNC learned of the attack over the weekend and "immediately blocked all access from Synnex accounts to our cloud environment." After conducting a review of its systems with Microsoft, Walters said no RNC data had been accessed. Spokesman Mike Reed also told Bloomberg that "there is no indication the RNC was hacked or any RNC information was stolen." Officials are currently working with law enforcement on the matter, Walters added.
With the focus on its services, GOP contractor Synnex also addressed the incident. The company confirmed it was aware of "a few instances where outside actors have attempted to gain access" to its customers "through the Microsoft cloud environment."
Cyberattacks are on the rise as criminal and government-backed hackers take advantage of the disruption to working patterns caused by the pandemic to extort and cause havoc. Just days ago, over 200 managed service providers were compromised after hackers breached the systems of management software giant Kaseya. Before that, leading US fuel supplier Colonial was forced to shut down one of its main pipelines after it suffered a ransomware attack.
To protect government networks, President Biden signed an executive order in May aimed at bolstering cybersecurity through improved info sharing between agencies, increased scrutiny of third-party software and an education program for the public. In addition, Biden called for the establishment of a formal set of rules for responding to a breach that would be reviewed by the head of CISA. Biden's retaliation against Russia, meanwhile, has included sanctions on dozens of entities and officials.
The Russian government-backed group believed to have perpetrated the Synnex breach is among the most notorious in the world. APT29 was accused of breaching the Democratic National Committee in 2016 and of carrying out the wide-scale SolarWinds cyberattack last December, which impacted nine US government agencies. It was also accused of brazenly attempting to steal COVID-19 vaccine research last July.