Russian-linked hackers targeting U.S. Senate, cyber firm says

Posted at 9:48 PM, Jan 12, 2018
and last updated 2018-01-12 21:48:37-05

(CNN) - There's a disturbing new warning that Russian hackers who stole Democratic party emails now have their sights on the U.S Senate.

It's an alarming warning from a cybersecurity firm that's been tracking Russian-government aligned hackers for years.

The hacking group, often nicknamed "Fancy Bear," has honed in on the Senate's internal email system, according to a new report from Trend Micro Inc.

Fancy Bear is the same russian-linked entity that hacked the Democratic National Committee computer network during the election. 

Security researchers discovered suspicious websites designed to resemble those used by the Senate, and when they cross-referenced those sites with the digital fingerprints associated with Fancy Bear, they matched.

Trend Micro used the same technique when it discovered decoy websites apparently set up to harvest emails from now-French President Emmanuel Macron's campaign in April.

"Because we've been tracking them for so long, it gives us a very high level of confidence because they've left a little bit of evidence after every attack," said Mark Nunnikhoven, vice president of cloud research at Trend Micro.

The company said the hackers are attempting to get into the Senate system by sending highly sophisticated phishing emails.

"They can pick a current issue, something like immigration or a statement by the president, and use that as a hook to try to trick employees into clicking on this link that takes them to this fake log-in server," Nunnikhoven said.

CNN has learned Senate staff have been briefed by U.S. Senate security on this looming threat.

Senate Democrats on the Foreign Relations Committee released a report this week claiming Russian-linked hackers have set their targets on the 2018 midterms and 2020 presidential elections.

"If the United States fails to work with urgency to address this complex and growing threat, the regime in Moscow will become further emboldened. It will continue to develop and refine its arsenal to use on democracies around the world, including against U.S. elections in 2018 and 2020," said Sen. Ben Cardin, D - MD. 

"The president is not doing what he needs to. He still hasn't even acknowledged Russia's engagement in our elections," he added. "He's failed to convene an interagency group to counter this attack. He has not announced a U.S. policy against Russia-aligned influences."

Cardin acknowledged that federal agencies have stepped forward to fight the threat, but said it starts with the president.

"Our first recommendation is for President Trump to exercise executive leadership, presidential leadership, announce a policy and how that policy is going to be implemented," he said.

President Trump has refused to unequivocally acknowledge that Russia interfered in the 2016 election, despite that exact conclusion from the U.S. intelligence community one year ago.

Democratic Sen. Ron Wyden recognized the threat in an April letter to the Rules Committee, when he urged two-step verification for Senate email sign-in, and Republican Sen. Ben Sasse is now calling on the attorney general to come back to Congress to explain what the Department of Justice has done over the past year to combat Russian-linked cyber threats.

"Russia is just getting started and the hacks, forgeries, and influence campaigns are going to get more and more sophisticated," Sasse said.

Copyright 2018 CNN. All rights reserved.