all roads lead to Russia
Russian hackers were able to get into a server belonging to Burisma, the Ukrainian company at the center of President Trump's impeachment, security experts told The New York Times.
The security firm Area 1, which first detected the hacking on New Year's Eve, told the Times that Russian efforts began in early November, when Trump's impeachment was all over the news. The hackers are from a Russian military intelligence unit formerly known as the GRU, and they used phishing emails that tricked users into entering their usernames and passwords, giving the hackers their login credentials. The tactics mirror the Russian hacking of the Democratic National Committee in 2016, Area 1 co-founder Oren Falkowitz told the Times. "The Burisma hack is a cookie-cutter GRU campaign," he said. "Russian hackers, as sophisticated as they are, also tend to be lazy. They use what works. And in this, they were successful."
It is unclear what the hackers were looking for, or what they found. Hunter Biden, the son of 2020 Democratic presidential candidate and former Vice President Joe Biden, once sat on the board of Burisma. During a July 25 phone call with Ukrainian President Volodymyr Zelensky, Trump asked him to investigate the Bidens and Burisma, a request that ultimately triggered the events that led to his impeachment. Experts told the Times the timing of the hacking could indicate the Russians wanted to find any information about the Bidens that could be incriminating.
Biden campaign spokesman Andrew Bates told the Times that Trump "tried to coerce Ukraine into lying" about Biden because "he recognized that he can't beat the vice president," and now it's clear Russian President Vladimir Putin "also sees Joe Biden as a threat." For more on Area 1's research, visit The New York Times.