The FINANCIAL — Microsoft says it has uncovered new Russian hacking attempts to target U.S. political groups ahead of the U.S. midterm elections in November.
The company said a hacking group linked to Russia’s government had created fake Internet domains in order to mimic the websites of two conservative Washington-banked think tanks that have been critical of the Kremlin — the Hudson Institute and the International Republican Institute.
It said the Russian hackers also created three fake domains designed to look as if they belonged to the U.S. Senate, according to RFE/RL.
Microsoft calls the hacking group Strontium. Others call it Fancy Bear or APT28.
An indictment from U.S. special counsel Robert Mueller has tied the hackers to Russian’s main intelligence agency, known as the GRU, and to the 2016 e-mail hacking of both the Democratic National Committee and Hillary Clinton’s presidential election campaign.
Known as a “spear-phishing” attack, the fake websites created by the Russian hackers attempt to persuade target victims to click on links that expose them to computer infiltration, hidden surveillance, and data theft.
Microsoft’s president and chief legal officer, Brad Smith, said there was no sign the hackers successfully infiltrated either conservative think tank.
Both groups said they try to be vigilant about “spear-phishing” attacks because their global pro-democracy work often angers authoritarian governments.
The International Republican Institute is led by a board that includes six Republican senators, as well as prominent Russia critic, Mitt Romney, who is running for a U.S. Senate seat from Utah seat this autumn, according to RFE/RL.
Microsoft’s latest announcement on Russian hackers comes less than a month after a similar discovery by Microsoft led U.S. Senator Clair McCaskill, a Missouri Democrat running for reelection in November, to announce that Russian hackers tried unsuccessfully to break into her Senate computer network.
Microsoft has been waging a legal battle with Strontium since bringing a lawsuit in a U.S. federal court in the summer of 2016.
With court approval allowing it to seize certain fake domains, Microsoft has used the courts to shut down 84 fake websites created by the Russian hackers — including the most recently announced websites.
Microsoft has argued in court that by setting up fake but realistic-looking domains, the hackers misuse Microsoft trademarks and services to hack into targeted computer networks, install malware, and steal sensitive e-mails and other data.
Smith said on August 21 that Microsoft is now offering free cybersecurity protection to all U.S. political candidates, campaigns, and political organizations that use Microsoft software.
Discussion about this post