Issue link: https://maltatoday.uberflip.com/i/829797
maltatoday, TUESDAY, 30 MAY 2017 News 9 THIS IS A PAID ADVERT what is Fancy Bear? the White House, receiving their orders from the highest echelons of the Russian gov- ernment. For the cybersecu- rity companies and academic researchers who have followed Fancy Bear's activities online for years, the hacking and sub- sequent leaking of Clinton's emails, as well as those of the DNC and DCCC, were the most ambitious in a long series of cyber-espionage and disin- formation campaigns. From its earliest-known activities, Fancy Bear has quickly gained a reputation for its high pro- file, political targets. Who does Fancy Bear target? Fancy Bear's targets have in- cluded Eastern European gov- ernments and militaries, the country of Georgia and the Caucasus, security-related or- ganisations such as NATO, as well as US defence contractors Academi (formerly known as Blackwater) and Science Ap- plications International Cor- poration (SAIC). Fancy Bear also seems to try to influence political events in order for friends or allies of the Russian government to gain power. 2014 – German Bundestag (2014) Fancy Bear is thought to have been responsible for a six- month-long cyber-attack on the German parliament that began in December 2014. The group is also suspected to be behind a spear phishing attack in August 2016 on members of the Bundestag. Authorities fear that sensitive information could be gathered by hackers to later manipulate the public ahead of elections such as Ger- many's next federal election due this September. April 2015 – French television On April 8, 2015, French tel- evision network TV5Monde was the victim of a cyber-at- tack by a hacker group calling itself "CyberCaliphate" and claiming to have ties to the terrorist organisation Islamic State of Iraq and the Levant (ISIL). French investigators later discounted the theory that militant Islamists were behind the cyber-attack, in- stead suspecting the involve- ment of Fancy Bear. Hackers breached the net- work's internal systems, possi- bly aided by passwords openly broadcast by TV5, overriding the broadcast programming of the company's 12 channels for over three hours. August 2015 – White House and NATO In August 2015, Fancy Bear used a zero-day exploit of Java, spoofing the Electronic Fron- tier Foundation and launching attacks on the White House and NATO. The hackers used a spear phishing attack, di- recting emails to the false url electronicfrontierfoundation. org. August 2016 – World Anti- Doping Agency (August 2016) In August 2016, the World Anti-Doping Agency revealed that their systems had been breached, explaining that hack- ers from Fancy Bear had used an International Olympic Com- mittee (IOC)-created account to gain access to their Anti-doping Administration and Manage- ment System (ADAMS) data- base. The hackers then used the website fancybear.net to leak what they said were the Olym- pic drug testing files of several athletes who had received ther- apeutic use exemptions, includ- ing gymnast Simone Biles, ten- nis players Venus and Serena Williams and basketball player Elena Delle Donne. The hack- ers honed in on athletes who had been granted exemptions by WADA for various reasons. Subsequent leaks included ath- letes from many other coun- tries. March 2016 – US Democratic National Committee In the US, nine days after Hillary Clinton had won big on Super Tuesday and all but clinched the Democratic nomi- nation, a series of emails were sent to the most senior mem- bers of her campaign. From the moment those emails were opened, senior members in Clinton's campaign were falling into a trap that also targeted the Democratic National Commit- tee and the Democratic Con- gressional Campaign Commit- tee. It was an orchestrated attack that – in the midst of one of the most surreal US presiden- tial races in recent memory – sought to influence and sow chaos on Election Day. On June 15, cybersecurity firm CrowdStrike claimed that it was Fancy Bears that had breached the email servers of the DNC. The ensuing mass leaking of emails that sought to embarrass and ultimately derail a nominee for president, had no precedent in the United States. Thousands of emails – some embarrassing, others punishing – were avail- able for public perusal. 2014 - 2016 – Ukrainian artillery From 2014 to 2016, Fancy Bear used Android malware to target the Ukrainian Army's Rocket Forces and Artillery. They dis- tributed an infected version of an Android app whose original purpose was to control target- ing data for the D-30 Howit- zer artillery. The app, used by Ukrainian officers, was loaded with the X-Agent spyware and posted online on military fo- rums. October 2016 – Windows zero- day On October 31, 2016, Google's Threat Analysis Group revealed a zero-day vulnerability in most Microsoft Windows versions that was the subject of active malware attacks. On Novem- ber 1, 2016, Microsoft executive vice president of the Windows and Devices Group, Terry My- erson, pointed to Fancy Bear as the threat actor, referring to the group by their in-house code name STRONTIUM. February 2017 – Dutch ministries In February 2017, the Gen- eral Intelligence and Secu- rity Service (AIVD) of the Netherlands revealed that Fancy Bear and Cozy Bear had made several attempts to hack into Dutch minis- tries, including the Minis- try of General Affairs, over the previous six months. In a briefing to parliament, Dutch Minister of the Inte- rior and Kingdom Relations Ronald Plasterk announced that votes for the Dutch gen- eral election in March 2017 would be counted by hand. February 2017 – IA AF Officials of the Interna- tional Association of Athlet- ics Federations (IAAF) stated in April 2017 that its servers had been hacked by the Fan- cy Bear group. IAAF stated that the hackers had accessed the Therapeutic Use Exemp- tion applications, needed to use medications prohibited by WADA. 2016 - 2017 – German and French elections Researchers from Trend Micro in 2017 released a re- port outlining attempts by Fancy Bear to target groups related to the election cam- paigns of Emmanuel Macron and Angela Merkel. Accord- ing to the report, they tar- geted the Macron campaign with phishing and attempt- ing to install malware on their site. French govern- ment cybersecurity agency ANSSI confirmed these at- tacks took place. They then targeted the Ger- man Konrad Adenauer Foun- dation and Friedrich Ebert Foundation, groups that are associated with Angela Mer- kel's Christian Democratic Union and opposition Social Democratic Party, respec- tively. Fancy Bear set up fake email servers in late 2016 to send phishing emails with links to malware. maltatoday, today, today TUESDAY, 30 MAY 2017 tributed an infected version of eral Intelligence and Secu- 2016 - 2017 – German and