Alleged Russian Security Breach on Republican GOP System

In a series of endless attacks on the U.S. and its allies’ infrastructures, a wave of Russian government-associated hacks and ransomware attacks have been reoccurring, and now another security breach has been identified on third-party provider Synnex.

Following their previous attack on SolarWinds, the Russian group known as Cozy Bear, backed by the Russian government has allegedly breached another IT company’s computer system, reaching a new level of cyber espionage.

According to Bloomberg, the Russian hacking group intruded the computer system of a Republican National Committee (RNC) contractor over the weekend. However, the GOP officials were quick to refute any report of stolen data and exclaimed that the actual victim is the third-party IT services provider Synnex. 

“We immediately blocked all access from Synnex accounts to our cloud environment,” Republican party chief of staff Richard Walters informed Bloomberg. “Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials, on this matter,” he added to his statement.

Last week, the National Security Agency, alongside the FBI and the United Kingdom’s National Cyber Security Center released a collaborative report discussing the current cyberattacks. The report revealed that mischievous cyber actions by Russian military intelligence against the U.S. and global organizations have started from mid-2019 and while most likely keep happening.

From its part, Synnex, the multinational corporation that delivers B2B services, said in a statement that it was overseeing a comprehensive assessment of the attack from the minute it was discovered.

“We are a long-term distribution partner for Microsoft and along with them, responded with the requisite urgency to address the recent attacks and to limit the potential activities of these bad actors,” said Dennis Polk, President and CEO of Synnex.

“We will remain vigilant and focused on the security of our organization,” he added.

As a response to the rising criminal cyberattacks and government-backed hacks, U.S. President Joe Biden signed an executive order earlier in May to shine some light on the matter.

President Biden’s goal is to minimize security breaches and aim to enhance info-sharing between agencies, increase scrutiny of third-party software, and release an educational program for the public.

Moreover, there is a bundle of parallel conclusions to be drawn between the Synnex hack and the security breach on Hilary Clinton’s presidential campaign in 2016. The hack resulted in thousands of emails being leaked on WikiLeaks, ultimately leading to the indictment of 12 members of a Russian military intelligence agency.

The Russian-backed group believed to have committed the Synnex breach is considered one of the most disreputable hackers in the world.

APT 29 group, or as commonly referred to as Cozy Bear, was accused of breaching the Democratic National Committee and 2016, followed by the notorious SolarWinds cyberattack that took place last December.