WASHINGTON ― A cyber-espionage group that targeted political parties during U.S. and French elections also launched a phishing campaign against Academi, the private military firm formerly known as Blackwater, a new report says.
Pawn Storm, a hacking group also known as Fancy Bear, targeted Academi on April 24, 2014, according to a report released Tuesday by the cybersecurity firm Trend Micro. Crowdstrike, another security firm, has said Fancy Bear is believed to be "closely linked" to Russian intelligence services.
The Trend Micro report does not indicate whether Pawn Storm succeeded in stealing information from Academi during the phishing attack. Academi did not respond to multiple requests for comment for this story.
Academi is the latest incarnation of Blackwater, a private military contractor founded by Erik Prince in 1997. Blackwater gained notoriety in 2007 when its employees shot at and killed more than a dozen civilians in Baghdad while escorting a U.S. convoy. As part of an attempt to clean up its image, Blackwater was renamed “Xe Services” two years later. Prince sold the company in 2010 and the new owners gave it yet another name: “Academi.”
Prince, whose sister, Betsy DeVos, is President Donald Trump’s secretary of education, has been in the news lately because of his ties to the Trump campaign. Last July, he recommended to senior Trump adviser Steve Bannon that the Trump administration replicate a Vietnam War-era CIA assassination program to be used against the militant group known as the Islamic State. In January, Prince reportedly acted as a representative of Trump during a secret meeting organized by the United Arab Emirates in Seychelles with a Russian close to President Vladimir Putin. (A spokesman for Prince denied that he took part in the meeting.)
On a Frequently Asked Questions page on its website, Academi says Prince has not been associated with the company since he sold it in 2010.
In May 2014, weeks after Pawn Storm reportedly targeted Academi, the German tabloid Bild am Sonntag alleged that Academi had 400 fighters on the ground in Ukraine backing the interim government against pro-Russian separatists. The story echoed earlier rumors circulating in Russian state-owned media outlets that the U.S. had sent mercenaries to help the Ukrainian special police crush opposition fighters in Donetsk and Lugansk.
In a statement, Academi called the Bild am Sonntag report “completely false.” Then-U.S. national security spokeswoman Caitlin Hayden called the report “nonsense.”
At the time, Russia had recently annexed the Ukrainian territory of Crimea and was building up its military presence in and around Ukraine. McClatchy suggested that the German report could be part of a propaganda effort by Russia to diminish support for the government in Kiev.
“Russia has been waging a decade-long propaganda war to sour Ukrainians on the government in Kiev, and this report fits right in to Russia’s hopes to reduce international pressure on it,” McClatchy's Matthew Schofield noted. "To be able to show that the United States, even in the form of mercenaries and not official military personnel, are active on behalf of Kiev would to many further justify Russian actions."
The Trend Micro report released Tuesday does not indicate whether hackers obtained any information from Academi that they were later able to weaponize. But it does describe Pawn Storm’s practice of using the media “to publicize attacks and influence public opinion.”
Guccifer 2.0, the hacker who claimed responsibility for the cyberattack against the Democratic National Committee during the 2016 presidential campaign, approached reporters and offered them exclusive access to password-protected parts of the website dcleaks.com, where stolen emails were housed. According to Trend Micro, Guccifer 2.0 is “very likely” affiliated with Pawn Storm.
Last year, Fancy Bear hackers provided Der Spiegel, a respected German magazine, with internal emails from the U.S. Anti-Doping Agency and the World Anti-Doping Agency. The magazine used information from these emails in its feature about the effort to combat sports doping.
In its report, Trend Micro lists dozens of governments, political parties, international and private organizations, and news outlets that were targeted by Pawn Storm ― including the campaign of Emmanuel Macron, who is facing pro-Russian candidate Marine Le Pen in the French presidential election.