In February 2016, researchers from security company CrowdStrike, pointed out that the DNC attack wasn’t the result of the action of a lone wolf, instead, two sophisticated Russian espionage groups, COZY BEAR and FANCY BEAR were involved in the cyber espionage operation.
A portion of the intelligence community believes that the Russia-linked hacker Guccifer 2.0 is a Russian intelligence agent.
“Guccifer 2.0, the “lone hacker” who took credit for providing WikiLeaks with stolen emails from the Democratic National Committee, was in fact an officer of Russia’s military intelligence directorate (GRU), The Daily Beast has learned.” reads the analysis published by The Daily Beast.
“It’s an attribution that resulted from a fleeting but critical slip-up in GRU tradecraft.”
In January 2017, the US intelligence linked the the DNC hack and the cyber attacks against the Hillary Clinton’s campaign to Russian intelligence groups.
Guccifer 2.0 took credit for some of the attacks denying any link with the Kremlin, by US authorities believe the hacker is a product of a Russian disinformation campaign.
The experts at cybersecurity firm ThreatConnect also determined that Guccifer 2.0 was linked to Russian intelligence. According to ThreatConnect, Guccifer 2.0 had been using a Virtual Private Network service, Elite VPN, to remain anonymous, but on one occasion he failed to activate the VPN client before logging on.
According to a source familiar with the government’s Guccifer investigation, the hacker was using a system having a Moscow-based IP address that was logged by an American social media company.
“Almost immediately various cyber security companies and individuals were skeptical of Guccifer 2.0 and the backstory that he had generated for himself,” said Kyle Ehmke, an intelligence researcher at the cyber security firm ThreatConnect. “We started seeing these inconsistencies that led back to the idea that he was created hastily… by the individual or individuals that affected the DNC compromise.”
“Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow. (The Daily Beast’s sources did not disclose which particular officer worked as Guccifer.)” continues the report.
The GRU military agency is believed to run the dreaded Fancy Bear APT, that is behind the DNC hack, cyber espionage campaign against NATO and Obama’s White House and cyber attacks against the World Anti-Doping Agency, and numerous militaries and government agencies in Europe, Central Asia, and the Caucasus.
The special counsel Robert Mueller determined that Russia intelligence interfered with US elections in the attempt to boost Trump’s candidacy.
On July 22, 2016, WikiLeaks began releasing the documents stolen by Guccifer 2.0, a huge trove of approximately 19,000 emails and 8,000 attachments stolen by the hacker. Trump promptly promoted the leak on Twitter, while his adviser Roger Stone in an article written for Breitbart (a name familiar with Cambridge Analytica case too), sustained that Guccifer 2.0 was a Romanian hacktivist.
“Sometime after its hasty launch, the Guccifer persona was handed off to a more experienced GRU officer, according to a source familiar with the matter. The timing of that handoff is unclear, but Guccifer 2.0’s last blog post, from Jan. 12, 2017, evinced a far greater command of English than the persona’s earlier efforts.” concluded The Daily Beast.
“It’s obvious that the intelligence agencies are deliberately falsifying evidence,” the post read. “In my opinion, they’re playing into the hands of the Democrats who are trying to blame foreign actors for their failure.”
(Security Affairs – Guccifer 2.0, Russia)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.