Microsoft: Russia attempted hack of Senate, conservative think tanks

Microsoft: Russia attempted hack of Senate, conservative think tanks
© Getty Images

Microsoft on Tuesday announced that it had shut down six websites created by hackers linked to Russia's military, the latest sign of potential foreign interference ahead of the 2018 midterm elections.

The websites targeted the conservative think tanks the Hudson Institute and the International Republican Institute as well as the U.S. Senate. Microsoft said the Senate domains targeted "are not specific to particular offices" or senators.

Microsoft said the false sites were created by "Fancy Bear," a group linked to the Russian Intelligence agency GRU that was also behind the hack of the Democratic National Committee (DNC) in 2016.

ADVERTISEMENT

The domains, Microsoft said, were altered to appear similar to its own services in an attempt to possibly trick U.S. users into providing their personal information to hackers.

The technique, known as spear-phishing, was used successfully by Russian agents during the 2016 election to illegally obtain emails from Hillary ClintonHillary Diane Rodham ClintonSanders expected to announce exploratory committee next week Bernie Sanders records announcement video ahead of possible 2020 bid Overnight Defense: Trump declares border emergency | .6B in military construction funds to be used for wall | Trump believes Obama would have started war with North Korea | Pentagon delivers aid for Venezuelan migrants MORE's campaign for president and the DNC. 

Microsoft said a judge in the Eastern District of Virginia last week granted it control of the websites, which could have been used to launch cyberattacks on candidates and other political groups ahead of the midterm elections.

Microsoft President Brad Smith wrote in a blog post that Microsoft currently has "no evidence" that the sites were used to successfully carry out a cyberattack, nor evidence as to who would be the ultimate targets of an attack. He noted that the activity “mirrors the type” that was seen prior to the 2016 election.

“Despite last week’s steps, we are concerned by the continued activity targeting these and other sites and directed toward elected officials, politicians, political groups and think tanks across the political spectrum in the United States,” Smith wrote. “Taken together, this pattern mirrors the type of activity we saw prior to the 2016 election in the United States and the 2017 election in France.”

Russian officials denied Microsoft's report in a statement to Interfax, accusing U.S. counterparts of ginning up controversy before the midterm elections.

“Microsoft is playing political games,” a Russian source told InterFax. “The [midterm U.S.] elections have not happened yet, but there are already allegations.”

Smith wrote in his blog post that the company has been in touch with the targeted think tanks and that Microsoft "will continue to work closely with them and other targeted organizations on countering cybersecurity threats to their systems."

The New York Times noted that both think tanks have done work challenging the Russian government: The International Republican Institute, which was chaired by Sen. John McCainJohn Sidney McCainPence met with silence after mentioning Trump in Munich speech Mark Kelly's campaign raises over M in days after launching Senate bid The Hill's 12:30 Report — Presented by Kidney Care Partners — Lawmakers wait for Trump's next move on border deal MORE (R-Ariz.) until this year, promotes democracy across the world, while the Hudson Institute has been critical of the Kremlin.

Microsoft also announced that it would be offering a free cybersecurity program to candidates and campaign offices across all levels of government, as well as to “think tanks and political organizations we now believe are under attack.”

Microsoft's latest revelation comes just one month after the company first said that it identified and helped block hacking attempts on three congressional candidates earlier this year, the first publicly known cyberattacks on candidates in the 2018 midterm elections.

The Daily Beast reported shortly afterward that Sen. Claire McCaskillClaire Conner McCaskillMcCaskill: Lindsey Graham 'has lost his mind' Trey Gowdy joins Fox News as a contributor The Hill’s 12:30 Report: Trump AG pick Barr grilled at hearing | Judge rules against census citizenship question | McConnell blocks second House bill to reopen government MORE (Mo.), a vulnerable red-state Democrat, was unsuccessfully targeted by Russian hackers.

Two congressional Democratic candidates in California were also reportedly the target of cyberattacks during their unsuccessful primary bids; it's unclear who was behind those efforts.

Special counsel Robert MuellerRobert Swan MuellerSasse: US should applaud choice of Mueller to lead Russia probe MORE last month indicted 12 Russian military officers in the 2016 hacking of the DNC.

John Bowden contributed to this report, which was updated at 8:20 a.m.