WASHINGTON – Three of the nation’s intelligence agencies have issued a report confirming allegations that Russian intelligence services have conducted a “decade-long campaign of cyber-enabled operations directed at the U.S. government and its citizens.”
The report was issued late Thursday as the Obama Administration announced widespread sanctions against the Russian government as punishment for the hacking, including hacks that related to the recent presidential election.
The Department of Homeland Security, the Office of the Director of National Security, and the FBI released a Joint Analysis Report (JAR) which “details the tools and infrastructure used by Russian intelligence services to compromise and exploit networks and infrastructure associated with the recent U.S. election, as well as a range of U.S. government, political and private sector entities.”
The latest report follows an Oct. 7 joint statement by Secretary of Homeland Security Jeh Johnson and Director of National Security James Clapper saying that the intelligence community is “confident the Russian government directed the recent compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, and that the disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks are consistent with the Russian-directed efforts.”
In the most recent report, the U.S. intelligence agencies said: “These cyber operations have included spearphishing, campaigns targeting government organizations, critical infrastructure, think tanks, universities, political organizations, and corporations; theft of information from these organizations; and the recent public release of some of this stolen information.”
The report also said that “in other countries, Russian intelligence services have also undertaken damaging and disruptive cyber-attacks, including on critical infrastructure, in some cases masquerading as third parties or hiding behind false online personas designed to cause victim to misattribute the source of the attack. The Joint Analysis Report provides technical indicators related to many of these operations, recommended mitigations, and information on how to report such incidents to the U.S. government.”
The report adds: “The U.S. government can confirm that the Russian government, including Russia’s civilian and military intelligence services, conducted many of the activities generally described by a number of these security companies. The Joint Analysis Report recognizes the excellent work undertaken by security companies and private sector network owners and operators, and provides new indicators of compromise and malicious infrastructure identified during the course of investigations and incident response.”
The reported added that U.S. government seeks to arm network defenders with the tools they need to identify, detect, and disrupt Russian malicious cyber activity that is targeting our country’s and our allies’ networks.