WASHINGTON – U.S. cybersecurity experts say hackers impersonating a State Department official have targeted U.S. government agencies, businesses and think tanks in an attack that bears similarity to past campaigns linked to Russia.
The “spear phishing” attempts began on Wednesday, sending email messages purported to come from a department public affairs official.
Cybersecurity companies CrowdStrike and FireEye both said they were still working to attribute the attack. But it was consistent with past hacking campaigns by Cozy Bear, or APT29, a Russian group believed to be associated with Russian intelligence and linked to hacking ahead of the 2016 U.S. presidential election.
WATCH: Meet the Canadian on the front-lines of a growing cyberwar
A State Department official said there was no intrusion into the agency’s servers or networks. The official was not authorized to comment publicly and requested anonymity.
The practice of “spear phishing” involves hackers sending emails to specific people or groups, which appear to come from a trusted source but are designed to help hackers procure sensitive information or secrets.
— With a file from Global News