The same Russian hackers that broke into the Democratic National Convention in 2016 are also responsible for numerous cyberattacks against the U.S. Senate and other government groups, according to a new report released today by cybersecurity firm Trend Micro Inc.

Trend Micro attributed multiple attacks to Russian hacker group Pawn Storm, including a phishing site that mimicked the Active Directory Federation Services of the U.S. Senate, which manages access to internal secure systems. Trend Micro researcher Rik Ferguson told the Associated Press the company is “100 percent sure that [the attacks] can attributed to the Pawn Storm group.”

The report did not confirm if any of the phishing attempts have been successful, and Trend Micro noted that the Senate’s ADFS is normally not reachable on the open internet, so Pawn Storm would not be able to directly access the system using stolen credentials. However, the firm also said the compromised login information could still be used by any bad actors, such as Russian spies, who may have gained physical access to the Senate’s network.

Trend Micro expects politically motivated cyberattacks from groups such as Pawn Storm to continue to be a serious problem in 2018, especially during the upcoming Winter Olympics. “Rogue political influence campaigns are not likely to go away in the near future,” Feike Hacquebord, a senior threat researcher at Trend Micro, wrote in the report. “Political organizations have to be able to communicate openly with their voters, the press and the general public. This makes them vulnerable to hacking and spear phishing.”

Hacquebord added that secure government networks are not the only target, as social media has also become a key focus for state-sponsored hackers. “Social media platforms continue to form a substantial part of users’ online experience, and they let advertisers reach consumers with their message,” said Hacquebord. “This makes social media algorithms susceptible to abuse by various actors with bad intentions. Publishing stolen data together with spreading fake news and rumors on social media gives malicious actors powerful tools.”

Photo: Geoff Livingston The Dark Capitol via photopin (license)