Russian military hackers have successfully infiltrated the Ukrainian gas company at the heart of the impeachment drama surrounding President Donald Trump, Vice President Joe Biden and his family, according to cybersecurity researchers.
Employees of the gas company, Burisma Holdings, were tricked into giving up their computer credentials by a sophisticated network of fake websites set up by Russian military intelligence, the GRU, said Area 1, an online security firm.
The websites were designed to look and feel like the same ordinary work products that Burisma employees would access on a daily basis, said Area 1 in its report.
The New York Times was the first to report the hack, and noted the attempts began in early November, as the Bidens, Ukraine and impeachment were dominating the news in the United States while the House impeachment hearings were underway.
It is unclear what information the hackers sought or how deeply Burisma may have been compromised. A cybersecurity expert speaking to this was likely not the first time Russian operators have hacked Burisma, adding that Russian hackers are very aggressive in their cyber efforts inside Ukraine.
But in light of Burisma’s role in the unfolding political saga — in which Trump pushed Ukrainian officials to investigate Biden and his son, Hunter, who had served on Burisma’s board — the probing of the company’s systems closely resembles Russian efforts in 2016 to destabilize the US election.
“The timing of the GRU’s campaign in relation to the 2020 U.S. elections raises the spectre that this is an early warning of what we have anticipated since the successful cyberattacks undertaken during the 2016 U.S. elections,” said the report.
Area 1 monitors the internet for so-called “phishing” attacks. It was founded in 2013 by two former National Security Agency officials and a computer scientist.
Oren Falkowitz, the company’s co-founder and CEO, told CNN in an interview that Area 1 has been tracking the GRU for some time.
“We’ve been able to definitively link it based on patterns consistent from this campaign with many others,” he said.
Asked whether he had notified Burisma of the Russian campaign, Falkowitz acknowledged that the company had made a “series of disclosures.” He declined to comment on “who we spoke with prior to releasing, but it was consistent with responsible standards.”