The Republican National Committee’s computer systems were breached by the Russian government hackers behind the SolarWinds campaign through Synnex, a Fremont, Calif., based distributor, according to a CRN article.
RNC spokesman Mike Reed told Bloomberg that they had been informed by Microsoft that Synnex’s system had been exposed, but that there is no evidence that the RNC was hacked or that any RNC information was stolen.
Related: Better AV Integration Cybersecurity: Episode 140 of AV+
Synnex later confirmed that the same SolarWinds hackers tried to use the distributor to get access to customer applications within the Microsoft cloud environment.
Two individuals close to the situation told Bloomberg that the Russian foreign intelligence service is thought to have attacked the RNC through Synnex.
Synnex confirmed that there were multiple attempts to access the Microsoft cloud customer apps through the distributor and that they are working with Microsoft and a third-party cybersecurity vendor to investigate the attack.
“As our review continues, we are unable to provide any specific details,” says Michael Urban, Synnex’s president of worldwide technology solutions distribution, in a statement to Bloomberg, reported in the CRN article. “As with any security issue, a full review of all companies, systems, third-party applications and related IT solutions must be completed before final determinations can be made.”
Microsoft told CRN in an emailed statement that they are unable to comment on specific cases without permission from customers but assured that they are continuing to track similar attacks from all over the world and to inform customers affected by such attacks through their nation-state notification process.
Sources close to the issue have told Bloomberg that the Russian foreign intelligence service (SVR), the group suspected of the RNC breach, is taking advantage of trouble caused by a REvil ransomware attack on Kaseya by going after intelligence targets.
The SolarWinds attack, which took place earlier this year, compromised 100 private sector organizations and nine government agencies and in June the SVR breached Microsoft’s support agent’s machine and began focused attacks against their customers, which led to three cases of compromise. They also targeted numerous other organizations across various sectors.
This is not the first time the SVR has attacked a U.S. political party committee. They attacked the Democratic Nation Committee servers in 2015 but did not leak any hacked information from the DNC. Synnex has provided IT products to political candidates and parties on numerous occasions in the past and continues to today.
