The launch of the operation coincided with a recall investigation by Congress about Trump and if he abused his office while trying to pressure the president of Ukraine, Volodymyr Zelensky, to announce an investigation into Burisma and Hunter Biden, an action that could possibly help Trump's re-election candidacy.
The GRU was active in the 2016 presidential campaign, hacking the servers of the Democratic Party and the Hillary Clinton campaign president and launching their emails that summer and fall. The revelations disrupted the Democratic convention and undermined Clinton's campaign in recent critical weeks, and the US intelligence community concluded that with such actions, Moscow aimed to help Trump and harm Clinton.
Trump has publicly minimized the conclusions of the intelligence agencies and has suggested that it was Ukraine, not Russia, that interfered in the 2016 elections. He and his personal lawyer, Rudolph W. Giuliani, have promoted an unfounded theory that Joe Biden, While he was vice president, he attempted to cancel a corruption investigation in Burisma to protect his son. Hunter Biden is no longer on the board of Burisma.
The GRU managed to violate the servers of Burisma Holdings and several subsidiaries and partners, said Oren Falkowitz, CEO of Area 1 Security.
"The timing of the GRU campaign in relation to the 2020 elections in the US. Increases the spectrum that this is an early warning of what we have anticipated since the successful cyber attacks made during the 2016 US elections. ", Said Falkowitz.
It was not known what material the GRU accessed, and if any of them will be released.
The GRU also targeted a media organization founded by Zelensky, the firm said.
Phishing is the most common technique used by hackers to gain access to victims' systems. Hackers send emails that impersonate employees or people who trust the targets, which are then tricked into clicking on links that contain malware or lead to sites with malware, allowing hackers to obtain email credentials victim's email
"The success of phishing depends on the authenticity," Area 1 said in a report on the incident published Monday. "The GRU has applied plausibility in a wide combination of common business tools … to steal account credentials, gain access to internal systems and data, impersonate employees through the unauthorized use of their accounts."
The GRU campaign "demonstrates that there are many objectives that can be attacked by those who would interfere in our elections," said Laura Rosenberger, director of the Alliance to Ensure Democracy, which tracks Russian disinformation efforts. "We should expect to see more of these reports."
Moscow's efforts aim to undermine our elections, said Rosenberger. "The goal is to undermine our institutions," he said.