In the United States published a joint report of the Department of homeland security and the FBI, which referred to two hacker attacks recorded in the United States in the summer of 2015 and spring of 2016. In the report they are marked as “advanced persistent threats network” (Advanced Persistent Threat, APT) APT28 and APT29, the document States that they made two groups of military and civilian intelligence services.
This campaign of the Ministry called GRIZZLY STEPPE. According to the report, both groups have repeatedly attacked information systems governmental and research organizations, universities and corporations around the world. Both groups behind the attacks, engaged in phishing, spreading links to fake websites that mimic the websites of targeted organizations, and the group who organized the attack APT29 also spread the virus through the distribution of files employees of the target organizations. During the attack APT29 in the summer of 2015 a group of hackers managed to infect the information systems of the American political party, when one of the target person opened an infected attachment to an email, and the virus infiltrated the system, the report said. After that, the hackers managed to gain control over email accounts and download from there a correspondence of several people.
Attack APT28, which was implemented in the spring of 2016, were held in respect of the same political party, the party the report is not called. The result of a phishing attack, the attackers got passwords from email accounts of a few key people and were able to download the contents of the mailbox of party leaders. The US government believes that this correspondence was provided to the media and published.
According to information presented in the report, employees of the Russian intelligence continues to conduct phishing attacks against us government. The last newsletter was launched in November 2016, after the elections in the United States, the document says.