Russian government-backed hacking group Cozy Bear reportedly breached the computer systems of the Republican party.
While the GOP denies any data was stolen, Bloomberg, citing two people familiar with the matter, reports that the attack was thought to come from the same APT29 group that was blamed for a 2016 hack of the Democratic party.
The same hackers are thought to be behind the recent SolarWinds campaign and cyber espionage targeting those involved in COVID-19 vaccine development.
Republican party chief of staff Richard Walters told Bloomberg that the Republican National Committee learned over the weekend that third-party provider Synnex had been breached.
“We immediately blocked all access from Synnex accounts to our cloud environment,” he said. “Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials, on this matter.”
In a separate statement, Synnex said it was conducting a thorough review of the attack since identified.
"We are a long-term distribution partner for Microsoft and along with them, responded with the requisite urgency to address the recent attacks and to limit the potential activities of these bad actors," said Dennis Polk, President, and CEO of Synnex. "We will remain vigilant and focused on the security of our organization."
The secure cloud configuration imperative
The central role of cloud security posture management
The incident is another in a string of attacks by Russia-based threat actors on US companies and infrastructure. Last month, President Biden brought up the problem with Russian president Vladimir Putin, warning the US would launch offensive cyber operations in the future unless the Kremlin cracked down on cyber attacks against the US.
Biden said to Putin that the US has “significant cyber capability”.
"He knows it. He doesn't know exactly what it is, but he knows it’s significant. If in fact they violate these basic norms, we will respond,” Biden told reporters after the meeting in Geneva, Switzerland. Biden told reporters that he had given Putin a list of 16 areas of the US economy that are off-limits to attack and would provoke a response.
The Kremlin has denied all previous attacks, including the ones on the 2016 presidential election that US intelligence officials concluded involved Russian interference.
Last week, the National Security Agency, the FBI, and the United Kingdom's National Cyber Security Centre released a joint report that discovered "malicious cyber activities by Russian military intelligence against the US and global organizations, starting from mid-2019 and likely ongoing."
