The FBI may have been overwhelmed by the number of hacks attempted by Russian APT group Fancy Bear.

The FBI knew more than a year ago that the Russian hacking group Fancy Bear had targeted the personal Gmail accounts of U.S. officials, politicians and organizations but didn't warn them, possibly in part because the number of attempted hacks was massive and the threat wasn't considered great at the time.

In a two-month probe of the 19,000 lines of targeting data provided by SecureWorks, the Associated Press reported that it discovered 500 U.S. persons who were in the Kremlin's sights and after interviewing 80 of them found only two who had received FBI warnings.

While the FBI gave the AP a statement that said it “routinely notifies individuals and organizations of potential threat information,” an unnamed agency source noted that “it's a matter of triaging to the best of our ability the volume of the targets who are out there.”

A comparative analysis by Fidelis Cybersecurity in June 2016 supported findings by CrowdStrike that a pair of intrusions at the Democratic National Committee (DNC) were the handiwork of the Cozy Bear and Fancy Bear APT groups with ties to Russian intelligence.

Malware samples examined by Fidelis, which was called in by the team managing the DNC intrusion, matched the description provided by CrowdStrike and “contained complex coding structures and utilized obfuscation techniques that we have seen advanced adversaries utilize in other investigations we have conducted,” Michael Buratowski, senior vice president, security consulting services at Fidelis, wrote in a Threatgeek blog post at the time.

After the hacks at the DNC, the Democratic Congressional Campaign Committee (DCCC) and other persons or groups associated with the Democrats and their presidential candidate, former Secretary of State Hillary Clinton, a steady stream of emails and documents was leaked via WikiLeaks.

The hacks set off alarms among cybersecurity professionals that the U.S. and Russia may be sliding towards increasingly aggressive cyberconflict and prompted investigations by the FBI, Congress and Special Counsel Robert Mueller into Russian interference in the U.S. presidential election and potential collusion between Russian operatives and the Trump campaign.