Russian hackers (fl. 2008- ) break into computers for a living. They have stolen billions from banks, disabled power plants in Ukraine, shut down the Internet in Estonia, and likely helped Donald Trump get elected president in the US – among other things. Some are plain old criminals or thrill seekers, others are spies working for the Russian government.
Tricks of the trade:
- malware – programs that get into a computer to do the hacker’s bidding, like recording keystrokes or copying files.
- spear-phishing – sending emails to users of interest, like John Podesta, to get them to enter their password, credit card information, etc., or to infect their computer with malware. This is done by getting them to open an email attachment or go to a waterhole:
- waterhole – looks just like a trusted website but has been set up by hackers to get your password, get malware onto your computer, etc. In most cases the only way an ordinary person can tell it is fake is from its URL:
- typosquatting – using a URL that looks like the right one, but is off in some way. For example, the website to give money to the Democratic Party was ActBlue.com – so hackers set up a website that looked just like it but was at ActBlues.com. Spot the difference! Not everyone does.
Note that “computer” can mean your mobile phone, not just a laptop or desktop computer.
- CrowdStrike – the US cybersecurity firm that looked into the computer break-in at the Democratic National Committee (DNC).
- Cozy Bear – the name given by CrowdStrike to the hackers who broke into the DNC computers in 2015. Called “Bear” because CrowdStrike believes them to be Russian.
- Fancy Bear – broke into the DNC computers a year later, in 2016. Did not seem to know about the Cozy Bear hack, copying some of the same files. CrowdStrike believes Cozy Bear and Fancy Bear work for different branches of Russian intelligence.
- Guccifer 2.0 – a WordPress blogger who claims to be Cozy Bear, but says he is not a “bear” (Russian) but Romanian. Says CrowdStrike blamed the Russians to cover their own incompetence.
- Julian Assange – the Australian hacker who runs WikiLeaks, the website that made files from DNC computers public. He denies they came from Russians.
Are Cozy Bear and Fancy Bear Russian spies? Most likely:
- The hacks were extremely professional, among the best in the business.
- Most of the malware was written on a Russian keyboard in Russian time zones.
- Much of the same malware was used to hack the US and Ukrainian militaries – only Russian intelligence would have the means and motive to hack both.
- The DNC material was used to benefit Russia and not, say, China or Iran.
CrowdStrike thinks it was Russian intelligence and has made its findings public.
But, even if all this is true, so far there is no solid proof, no smoking gun, that shows that Donald Trump had anything to do with it. In terms of Watergate, it is still 1972.
– Abagond, 2017.
Source: mainly “The Plot to Hack America” (2016) by Malcolm Nance.