On October 7, 2016, the Department Of Homeland Security (DHS) and the Office of the Director of National Intelligence (DNI) issued a joint statement on election security compromises. DHS has released a Joint Analysis Report (JAR) attributing those compromises to Russian malicious cyber activity, designated as GRIZZLY STEPPE.

The JAR package offers technical details regarding the tools and infrastructure used by Russian civilian and military intelligence services (RIS). Accompanying CSV and STIX format files of the indicators, and an enhanced analysis of GRIZZLY STEPPE activity is available:

GRIZZLY STEPPE Indicators (CSV)

GRIZZLY STEPPE Indicators (STIX xml)

AR-17-20045: Enhanced Analysis of GRIZZLY STEPPE Activity (PDF)

DHS recommends that network administrators review JAR-16-20296.pdf below for more information and implement the recommendations provided.

Revisions