Attacks carried out by one of the groups that hacked the DNC

Aug 31, 2016 18:45 GMT

Defense One, a news site dedicated to US military topics, reports that a Russian-linked cyber-espionage group known as APT29 has attempted to hack several Washington-based think tank organizations.

According to the Defense One report, the attacks took place last week and were successfully detected and stopped by CrowdStrike, the US security vendor that was called in to investigate the infamous DNC hack incident.

CrowdStrike says APT29 is behind the attacks

According to CrowdStrike founder Dmitri Alperovitch, the attacker fits the pattern found in attacks carried out by a cyber-espionage group called APT29, also known as COZY BEAR or CozyDuke.

Security vendors that have analyzed this group's activities in the past suspect it may have affiliations with the FSB, Russia's main intelligence service, a department previously led by Vladimir Putin himself before he became Russia's President.

APT29 is one of the two cyber-espionage groups that are suspected of hacking the DNC earlier this year. APT29 compromised the DNC servers in the summer of 2015 but was never discovered, at least until APT28 hacked the same server in April 2016, drawing CrowdStrike's gaze.

Attacks targeted ten individuals working at think tanks

Alperovitch says APT29 targeted fewer than five organizations and ten staffers, all working on Russia-related topics.

"Think tank" is a term used predominantly in the US to describe organizations that perform research concerning topics such as social policy, political strategy, economics, military, technology, and culture.

In the US geo-political landscape, these organizations are usually tasked with exploring military and political scenarios and possible outcomes for upcoming government decisions and world events.

An attacker who has access to research carried out by think tank organizations will learn of the government's future plans or scenarios the government might be exploring. Think tanks often run fictive war games.

While CrowdStrike did not reveal the names of the attacked think tanks due to confidentiality clauses, Defense One reporter Patrick Tucker contacted the Center for Strategic and International Studies (CSIS), whose representative admitted to suffering a cyber-attack during the past week, which was repelled by its staff.