DHS/FBI Issues Joint Analysis Report: GRIZZLY STEPPE – Russian Malicious Cyber Activity (Read Report)

Posted: 1:32 pm PT
[twitter-follow screen_name=’Diplopundit’ ]

 

Related to the declaration of 35 Russian officials persona non grata for malicious cyber activity and harassment (see USG Declares 35 Russian Officials Persona Non Grata, Imposes New Sanctions), DHS and FBI also released a Joint Analysis Report (JAR) which provide details of the tools and infrastructure used by Russian intelligence services to compromise and exploit networks and infrastructure associated with the recent U.S. election, as well as a range of U.S. government, political and private sector entities. Below via us-cert.gov: from the JAR: GRIZZLY STEPPE – Russian Malicious Cyber Activity. Click on image below to read the full Joint Analysis Report from DHS/FBI: JAR_16-20296. Original document is posted here.

In spring 2016, APT28 compromised the same political party, again via targeted spearphishing. This time, the spearphishing email tricked recipients into changing their passwords through a fake webmail domain hosted on APT28 operational infrastructure. Using the harvested credentials, APT28 was able to gain access and steal content, likely leading to the exfiltration of information from multiple senior party members. The U.S. Government assesses that information was leaked to the press and publicly disclosed.  

jar

#

Advertisements

USG Declares 35 Russian Officials Persona Non Grata, Imposes New Sanctions

Posted: 1:09 pm PT
[twitter-follow screen_name=’Diplopundit’ ]

 

On December 29, the State Department declared persona non grata 35 Russian officials operating in the United States “who were acting in a manner inconsistent with their diplomatic or consular status.”  The Treasury Department also announced that its Office of Foreign Assets Control (OFAC) imposed sanctions on two Russian individuals for engaging in malicious cyber-enabled activities pursuant to E.O. 13694.  Specifically, Evgeniy Mikhailovich Bogachev and Aleksey Alekseyevich Belan are being designated for their activities related to the significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for private financial gain.  Meanwhile, DHS and FBI released a Joint Analysis Report (JAR) which provide details of the tools and infrastructure used by Russian intelligence services to compromise and exploit networks and infrastructure associated with the recent U.S. election, as well as a range of U.S. government, political and private sector entities. Below is the State Department statement:

The State Department today declared persona non grata 35 Russian officials operating in the United States who were acting in a manner inconsistent with their diplomatic or consular status. The Department also informed the Russian Government that it would deny Russian personnel access to two recreational compounds in the United States owned by the Russian Government.

The Department took these actions as part of a comprehensive response to Russia’s interference in the U.S. election and to a pattern of harassment of our diplomats overseas that has increased over the last four years, including a significant increase in the last 12 months. This harassment has involved arbitrary police stops, physical assault, and the broadcast on State TV of personal details about our personnel that put them at risk. In addition, the Russian Government has impeded our diplomatic operations by, among other actions: forcing the closure of 28 American corners which hosted cultural programs and English-language teaching; blocking our efforts to begin the construction of a new, safer facility for our Consulate General in St. Petersburg; and rejecting requests to improve perimeter security at the current, outdated facility in St. Petersburg.

Today’s actions send a clear message that such behavior is unacceptable and will have consequences.

 #

memers

 

#