Meet Cozy Bear — the Russian cyber espionage group allegedly behind US government data breach
- The US government’s Treasury and Commerce departments are reportedly warding off a hacking attempt by the Russian hacker group known as
- This is only the latest in a long line of hacks against the US government that the state-sponsored group of cybercriminals has been linked to.
- Over the past six years, Cozy Bear has been behind at least five data breaches against the US government.
Reuters initially reported the incident with sources claiming that the breach led to an emergency meeting of the National Security Council at the White House on December 12. A ‘foreign government’ had been able to break through and steal sensitive information.
But, according to The Washington Post, it wasn’t just any foreign government — it was the Russians. And, it was the same group of hackers who were able to break through FireEye’s defences less than a week ago.
In fact, the attack on the US government is only the latest in what is a long line of data theft campaigns led by a group of state-sponsored
Who is Cozy Bear?
According to cybersecurity firm Kaspersky Lab, Cozy Bear is a ‘precise attacker’. In addition to the US, the hacker group's targets also include government organisations and commercial entities in Germany, South Korea and Uzbekistan.
During their past exploits, they have also been referred to as the Office Monkeys, CozyCar, The Dukes and CozyDuke.
Russian hackers breach US defences thrice in two years
This isn’t the first time that Cozy Bear has come after the US government. The first time they were caught was back in 2014, when the group launched a campaign targeting the White House and the Department of State.
At the time the breach was dubbed the ‘worst ever’ hack on the US government. And, it took over three months for the authorities to clean out the system even though it was only the ‘unclassified’ email system that was breached.
But, that was only the first of many attacks that were to come. In another attack in 2015, Cozy Bear targeted the Pentagon’s email system. It affected some 4,000 military and civilian personnel who worked for the highest-ranking officials — the Joint Chiefs of Staff — within the organisation.
The same year, unknown to the public at the time, Cozy Bear was also hacking the Democratic National Committee (DNC), stealing passwords and other sensitive information.
The post-2016 election phishing campaign
Within hours of
And, again, Cozy Bear was allegedly at the centre of it. A blast of emails was sent to people in important posts within national security, defence, international affairs, public policy and European and Asian studies.
Cozy Bear’s second attack against the US government this year
The year 2020 has seen an explosion in cybercriminal activity. And, Cozy Bear is no exception.
Earlier this year in July, the Russian hackers’ group was accused by the National Security Agency (NSA), National Counterintelligence and Security Centre (NCSC) and the Canadian Centre for Cyber Security (CSE) of trying to steal data on COVID-19 vaccine and treatments that were being developed in the US, the UK, and Canada.