The Kremlin likely hacked the oil giant. Their next play: Selectively release—and even forge—documents. Did the US learn enough from 2016 to ignore them?
The oil firm Burisma sits at the center of the Venn diagram of two of the Kremlin's hacking obsessions: It's in Ukraine, Russia's favorite playground for all manner of cyberattacks. And it's at the core of a political controversy that might further divide the US and help Donald Trump's presidential campaign. All of that makes Burisma an almost inevitable target for another hacking-and-leaking operation of the sort that Russia carried out against the Democratic National Committee and the Clinton campaign in 2016—once again with the goal of influencing a US election.
Now the first evidence has surfaced, in a report from security firm Area 1, that the very same team of Russian hackers who hit those election targets may in fact have hacked Burisma. If so, the next step in the Kremlin playbook is very likely another round of selectively leaked documents aimed at swaying the 2020 election result. The possibility raises a tough question: Did the US learn anything from the last round? Or are voters—and the media—as susceptible as ever to a well-executed Russian influence operation?
On Monday evening, The New York Times reported, citing Area 1, that the hacking group known as Fancy Bear or APT28 targeted Burisma with a phishing campaign that began in November, just as the company found itself at the center of a political maelstrom. Democratic presidential hopeful Joe Biden's son Hunter served on its board until last year, and Trump's impeachment has centered around allegations that he pressured the Ukrainian government to open a corruption investigation into Burisma to harm the senior Biden's campaign.
For now, it's still not entirely proven that Russia did hack Burisma. Some cybersecurity analysts see Area 1's evidence tying the phishing campaign to Fancy Bear—and determining that those phishing emails worked—as less than definitive. (Security firm ThreatConnect, for instance, looked at some of the same phishing domains used in the campaign late last year and concluded with only "moderate confidence" that Fancy Bear was behind them. Area 1, meanwhile, tells WIRED that its findings are "incontrovertible" and that it has more evidence that it declined to share publicly.)