On Thursday, The Associated Press reported that Russian hackers targeted prominent U.S. politicians and defense contractors, Russian opposition leaders, and Ukrainian officials in addition to the Democratic National Committee. AP obtained what it called a "digital hit list" containing thousands of Kremlin targets from the cybersecurity firm Secureworks, which traced the data after a hacking group known as Fancy Bear tried to "phish" email accounts using a public profile on an email link management platform.
Of the 4,700 individual email addresses targeted by Fancy Bear, AP was able to connect roughly half to account holders. Among the notable targets were then-Secretary of State John Kerry, former Secretary of State Colin Powell, defense contractors for Boeing and Raytheon, Ukrainian President Petro Poroshenko, and the Russian punk band, Pussy Riot. Fancy Bear has long been accused of working on behalf of the Kremlin, and Secureworks' findings also show direct connections between these phishing efforts and the hacking of the DNC's emails during the 2016 presidential election.
Keir Giles, the director of the Conflict Studies Research Center in Cambridge, reviewed AP's findings and called the data "a master list of individuals whom Russia would like to spy on, embarrass, discredit, or silence." "It's a wish list of who you'd want to target to further Russian interests," Giles said.
The massive scope of the Secureworks' findings indicates that even if the Russian hackers succeeded in breaching but a small portion of their targeted accounts, the data drawn from could be multiple terabytes' worth — which would make Fancy Bear's effort one of the largest data leaks in history. Read more about the operation at The Associated Press.