The Republican National Committee has already denied the news about a ransomware operation compromising its computer systems by Cozy Bear, a Russian hacking organization. RNC stated that a cyberattack did occur but only impacted one of its third-party vendors.
On Tuesday, Bloomberg posted an article saying, RNC’s computer systems were hacked through Synnex, a contractor located in California. The information is from unnamed sources familiar with the situation.
Richard Walters, RNC Chief of Staff, promptly refuted the news. He claimed that RNC data had not been hacked.
According to a statement received by Newsweek, Walters explained that they were alerted that Synnex, a third-party vendor had been hacked over the weekend. They instantly disabled all Synnex accounts’ access to their cloud system.
On Saturday, Mike Reed, RNC representative, said that Microsoft told RNC that Synnex systems may have been breached.
RNC team collaborated with Microsoft to assess the systems and found that no RNC data was obtained following a comprehensive investigation. Upon the issue, RNC will continue to cooperate with Microsoft and government law enforcement officers.
Reed stated, “There is no evidence that the RNC was infiltrated or that any RNC data was taken. We are checking into the situation and have notified DHS and the FBI.”
Microsoft refused to reveal any further information in a statement. A firm representative responded, “We can’t talk about the specifics of any particular case without customer permission.”
The company mentioned that it will continue to monitor malicious and harmful acts from cybercriminals and contact affected clients.
Cozy Bear is thought to be the same team that hacked the Democratic National Committee’s systems before the presidential election in 2016.
The organization has been identified as an “advanced persistent threat APT29” by the US government, which has linked its works to Russian intelligence services. Cozy Bear is also suspected of being behind the late-year SolarWinds hack.
On Tuesday, Synnex said in a statement that it was conducting a full investigation of the breach on its systems.
Dennis Polk, Synnex President, said that the company is a “long-term distribution partner for Microsoft.” Also, they have handled the issue with the required urgency to resolve the cyberattacks and to restrict the possible actions of the hackers.
The Synnex hacking occurred just right at the moment when the Kaseya software firm attack happened. The incident is thought to have been carried out by REvil, a hacker organization affiliated with Russia.