The world got a fresh reminder Tuesday of the difficulties associated with assigning blame for hacking – and of the consequences when a case of mistaken identity takes hold. New evidence reinforces the notion that a group dubbed the CyberCaliphate, which sent death threats to the wives of U.S. military personnel in 2015 under the banner of the Islamic State, is actually an infamous Russian-government-linked hacking group accused of meddling in the 2016 U.S. presidential election, the Associated Press reported. Activity from the CyberCaliphate coincided with attempts by the Russian group, known as APT28 or Fancy Bear, to breach the womens’ email accounts, according to the Associated Press. The episode brings to life established links between the CyberCaliphate and APT28 in a way that no cybersecurity research did. The hacking victims were led to believe that jihadists, and not state-backed Russians, were breaching their accounts and leaving threatening messages.
Amy Bushatz, a journalist and one of the women allegedly targeted by APT28 in this case, took issue with the U.S. government’s response to the hacking.
Over the course of a month during which the attack took place, Army officials sent personal data for at least 500 Army family members to her personal email address, Bushatz said. “If I was compromised, so were they,” she wrote Tuesday. “And they likely have no idea. The U.S. government knew this happened and did virtually nothing.”
Told of APT28’s alleged use of a false-flag operation against U.S. military families, American lawmakers said the United States had much more to do to keep Russia in check in cyberspace. (Moscow has repeatedly denied orchestrating such hacking operations against the United States.)
“We need to continue to do more until [the Russian government feels] the pain…and they understand that their actions – and acting irresponsibly in cyberspace – are not going to be tolerated,” Rep. Jim Langevin, D-R.I., co-founder of the Congressional Cybersecurity Caucus, told CyberScoop.