National: Cybersecurity firm finds evidence that Russian military unit was behind DNC hack | The Washington Post
A cybersecurity firm has uncovered strong proof of the tie between the group that hacked the Democratic National Committee and Russia’s military intelligence arm — the primary agency behind the Kremlin’s interference in the 2016 election. The firm CrowdStrike linked malware used in the DNC intrusion to malware used to hack and track an Android phone app used by the Ukrainian army in its battle against pro-Russia separatists in eastern Ukraine from late 2014 through 2016. While CrowdStrike, which was hired by the DNC to investigate the intrusions and whose findings are described in a new report, had always suspected that one of the two hacker groups that struck the DNC was the GRU, Russia’s military intelligence agency, it had only medium confidence. Now, said CrowdStrike co-founder Dmitri Alperovitch, “we have high confidence” it was a unit of the GRU. CrowdStrike had dubbed that unit “Fancy Bear.” The FBI, which has been investigating Russia’s hacks of political, government, academic and other organizations for several years, privately has concluded the same. But the bureau has not publicly drawn the link to the GRU. CrowdStrike’s fingering of the GRU helps to deepen the public’s understanding of how different arms of the Russian government are carrying out malicious and deeply troubling cyber acts in the United States.