The Ukrainian gas consortium Burisma, directly involved in the impeachment proceedings against Donald Trump in the United States, has fallen victim to hackers. In a report made public on Monday January 13 and relayed by the New York Times, the US company Area 1, which specializes in computer security, says it spotted the activities of hackers determined to enter Burisma's networks by stealing user IDs and passwords.
The specter of Russian intelligence
According to Area 1, these hackers belong to the GRU, the intelligence service of the Russian army, well known by computer security experts to be among the most active groups in cyberspace.
Started in November 2019, the operation is, in the words of Area 1, "technically nondescript, but very effective". It consisted of setting up sites, controlled by the hackers, that were visually very close to those of Burisma and some of its subsidiaries. The hackers then sent numerous e-mails intended to lead employees to the booby-trapped sites and get them to enter their usernames and passwords there. This is a basic hacking technique called phishing.
For Area 1, the hackers' membership in the GRU is beyond doubt. The company says it relies on how the hackers created the booby-trapped sites, including the companies from which they purchased their web addresses. This is far from definitive evidence. Some experts are therefore more cautious: the company ThreatConnect had, as early as December 2019, discovered the same trapped sites. Its conclusions as to the origin of the hackers were more nuanced and still are today. The similarities between the operation against Burisma and the operating mode of the GRU "are not enough" to conclude with certainty that Russian intelligence is behind it, the company wrote at the time. Most experts believe, however, that the GRU's involvement is very plausible given the nature of the target.
Area 1 is unclear as to whether or not the hackers were able to gain access to the corporate network this way. The company only says that the operation was "successful". It is also unclear whether the hackers attacked the company for espionage or whether they had another objective in mind, such as the subsequent publication of stolen information or even the planting of fake documents in the company's networks.
In this story, neither the victim nor the alleged culprits are insignificant. In the context of the investigation by special prosecutor Robert Mueller, responsible for shedding light on the attempts at Russian interference in the 2016 presidential election, the GRU was accused by name of having broken into the networks of the Democratic Party and of the Clinton campaign, and then of having passed the proceeds of its theft to WikiLeaks for publication. Burisma, meanwhile, is at the heart of the impeachment process against Donald Trump in the United States.
Between 2014 and 2019, Hunter Biden, the son of former Vice President and current White House contender Joe Biden, was on the board of directors of Burisma. Donald Trump and his family are convinced that Joe Biden weighed in on the dismissal of a Ukrainian prosecutor to put an end to the prosecutions targeting the conglomerate. During the famous telephone call with the Ukrainian president, Volodymyr Zelensky, which triggered the impeachment proceedings, Donald Trump specifically asks his counterpart to look into this affair, even though he could face Joe Biden in the November 2020 election.
Were the hackers, if they did come from the ranks of the GRU, simply trying, as good spies, to provide their superiors with more information on the case? Or are they planning, as they did in 2016, a disinformation campaign to weaken Joe Biden if he were to be nominated?
A Joe Biden campaign spokesperson tried to look on the bright side, in the New York Times: "Now we see that Vladimir Putin sees Joe Biden as a threat," he said.