Cozy Bear returns? DNC says it faced targeted Russian phishing attack after 2018 midterms

Just after the 2018 midterm elections, the Democratic National Committee (DNC) saw dozens of its email addresses targeted in a spear-phishing attack, Politico reports the DNC said in a Thursday night court filing.

“The content of these emails and their time stamps were consistent with a spear-phishing campaign that leading cybersecurity experts have tied to Cozy Bear (APT 29),” according to the document. “Therefore, it is probable that Cozy Bear again attempted to unlawfully infiltrate DNC computers in November 2018.”

The document was filed in an ongoing federal lawsuit brought by the DNC against Russia, the Trump campaign, WikiLeaks, and various campaign figures, including Paul Manafort and Jared Kushner, over alleged Russian hacking and election tampering.

There’s no evidence the phishing attacks were successful, according to the court filing. Since the 2016 election, when DNC servers were allegedly compromised by Russian attackers, the Democrats have taken steps to shore up digital security. Bob Lord, hired as the DNC’s chief security officer, told Fast Company last year that the DNC subjects its employees to regular phishing drills to train them not to engage with fraudulent email messages.