Meth Smokers Tried To Enter NSA HQ With Guns, Drugs And A Grenade, Government Claims
It looks like Russia, it smells like Russia, so it’s probably Russia. So goes the current line of thinking in the security community as it tries to figure out who leaked reams of files pilfered from the campaign staff of the incoming French President Emmanuel Macron.
Take, for instance, FireEye, the cybersecurity firm credited with first identifying Democratic National Committee hackers known as APT28 and Fancy Bear as a Russian operation; that crew is now the number one suspect in the Macron attack, which saw data leaked Friday, just two days before the second round of the French election.
FireEye, as others have surmised, said the links between APT28 and the Macron hit are largely based on “TTPs” – tactics, techniques and procedures. The Macron attackers – from their phishing attempts to the public dissemination of data partly aided by Wikileaks’ Twitter account – used many of the same TTPs associated with previous APT28 activity, said FireEye’s head of cyberespionage intelligence John Hultqvist.
There were also two IP addresses both hosted in Europe, which served up phishing sites targeted at Macron’s En Marche campaign: onedrive-en-marche.fr and mail-en-marche.
fr. Those sites, set up in March and April, were originally attributed by Trend Micro to Fancy Bear (which it dubbed Pawn Storm) before the leaks.But Hultqvist could only say the attack was “probably” carried out by APT28, a group the U.S. government claimed was run out of the Kremlin’s…
The post Did Russia Hack Macron? The Evidence Is Far From Conclusive appeared first on FeedBox.