Ah, I think I found an answer: https://www.crowdstrike.com/blog/bears-midst-intr...

		larrymcp on July 25, 2016 \| parent \| context \| favorite \| on: Suspected Russian hack of DNC widens Ah, I think I found an answer: https://www.crowdstrike.com/blog/bears-midst-intrusion-democ... And yep it appears they started with primarily phishing.