On Thursday, the FBI and CISA issued a joint news release announcing their finding, claiming that “since at least September 2020, a Russian state-sponsored [advanced persistent threat] APT actor - known variously as Berserk Bear, Energetic Bear, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala in open-source reporting - has conducted a campaign against a wide variety of US targets.”
According to the intelligence agencies, the hackers obtained user and administrator credentials, entered two networks and looked around, focusing on information about vendors used by the government entities and their security protocols.
“To date, the FBI and CISA have no information to indicate this APT actor has intentionally disrupted any aviation, education, elections, or government operations,” the news release states, adding the open speculation that “the actor may be seeking access to obtain future disruption options, to influence US policies and actions, or to delegitimize SLTT [state, local, territorial, and tribal] government entities.”
The report further adds that “the FBI and CISA have no evidence to date that integrity of elections data has been compromised.”
The report follows statements by Director of National Intelligence John Ratcliffe and FBI Director Christopher Ray on Wednesday evening claiming to have discovered Iran and Russia were attempting to influence the US election, which is less than two weeks away.
Ratcliffe said that Tehran and Moscow had separately obtained US voter registration information, and also that Iran had sent emails purporting to be from the Proud Boys, a far-right US gang that supports US President Donald Trump, to supporters of Democratic presidential nominee Joe Biden, attempting to threaten them into voting for Trump on November 3.
These actions, Ratcliffe claimed, would somehow hurt Trump’s chances of reelection, and the voter data could be used “to communicate false information to registered voters that they hope will cause confusion, sow chaos and undermine your confidence in American democracy.”
A report from the Washington Post on the threatening emails, however, noted that “metadata gathered from dozens of the emails pointed to the use of servers in Saudi Arabia, Estonia, Singapore and the United Arab Emirates,” not to Iran.
While Ratcliffe said he believed Iran posed the bigger threat than Russia on Wednesday night, the New York Times wrote on Thursday, citing anonymous “American officials briefed on the intelligence,” that Russia was the greater threat, referring to them as “major leaguers.” However, they, too, admitted there was no evidence any of the hacks had caused any damage.
On Thursday, Alireza Miryousefi, a spokesperson for Iran’s mission at the United Nations, told ABC News the accusations were “absurd,” noting, “Iran has no interest in interfering in the US election and no preference for the outcome.”
Dmitry Peskov, the Kremlin’s official spokesperson, called the accusations “regrettable” and “groundless” in Thursday comments to the press. He added that the claims are linked “to the internal political processes [in the US] that have to do with the fact that election is coming soon.”