Last week, the United States formally accused Russia for cyberattacks involving the Democratic Party. It looks like the hack was actually much deeper than that, involving Republicans as well, and targeting people whose work the Russian government considers strategically important, and it’s been going on for longer than initially suspected.
The hacking appears to mostly have come through spearphishing, where a person is tricked into clicking an email or link from what looks like a trusted source, but actually loads malware onto the device. The malware gives the hackers access to emails, databases and work files, then spreads to the initial victim’s contacts.
The cyberattacks appear to have started two years ago, but got underway more in 2015. Targets included people connected to elections and foreign policy, Capitol Hill staffers, and campaign and party organizers. There was also a lot of activity surrounding people with close ties to Hillary Clinton’s State Department, the Clinton Foundation and her election campaign.
According to briefings by the Department of Homeland Security and the Federal Bureau of Investigation, the Russian hackers were able to gather information mainly through emails of their targets. Hack victims were notified and told to assess the damage.