Russian-speaking hacker breached HUD, security firm says

A security company that claims to have identified a Russian-speaking hacker who sold access to the U.S. Electoral Assistance Commission says that hacker successfully targeted more than 60 organizations, including the Department of Housing and Urban Development (HUD) and other federal agencies.

In a report on Wednesday, Recorded Future says the hacker, whom the firm has named Rasputin, breached more than 60 organizations in December, including U.S. and U.K. universities, city and state governments, and federal government agencies.

The Electoral Assistance Commission, which helps states select voting systems, revealed in December that it might have been hacked. The development prompted a criminal investigation by the FBI. 

{mosads}Recorded Future, which has purportedly been working with law enforcement on the investigation, said the same day that the Russian-speaking hacker had breached the commission’s database and sold access to it. According to the latest research by the cyber threat intelligence company, the hacker has likewise been selling access to systems of the organizations newly identified as having been breached.

The hacker allegedly hit databases of more than two-dozen universities in the United States and several in the United Kingdom, including Cambridge and Oxford, systems used by six U.S. cities and 16 different states, and those of four federal agencies, including HUD.

Recorded Future says that it has notified all of the organizations of the breaches. A HUD representative told The Hill that the agency had not found evidence its systems were compromised but was conducting a security review out of caution. 

“HUD finds no evidence to support the suggestion that the Department’s IT systems were compromised. However, out of an abundance of caution, HUD is conducting a top-to-bottom security review to make certain its network remains secure,” the spokesman said.

The research comes as federal lawmakers probe the Russian government’s campaign to influence the U.S. presidential election, which involved cyberattacks on the Democratic National Committee and Hillary Clinton campaign chairman John Podesta. The intelligence community released an unclassified report accusing Russia of meddling in the election in January but found no evidence that vote-tallying systems were breached. Russia has denied the allegations. 

The Obama administration designated election infrastructure as critical following the hacks, subjecting them to federal protections.

According to Recorded Future, the Russian-speaking hacker who targeted the Electoral Assistance Commission and other organizations is unlikely sponsored by a foreign government.

The hacker is said to have used an SQL Injection to breach the commission’s database and employed the same tactic against the other systems.

This report was updated on Feb. 16 at 12:51 p.m.