Microsoft: Russia attempted hack of Senate, conservative think tanks

Microsoft: Russia attempted hack of Senate, conservative think tanks
© Getty Images

Microsoft on Tuesday announced that it had shut down six websites created by hackers linked to Russia's military, the latest sign of potential foreign interference ahead of the 2018 midterm elections.

The websites targeted the conservative think tanks the Hudson Institute and the International Republican Institute as well as the U.S. Senate. Microsoft said the Senate domains targeted "are not specific to particular offices" or senators.

Microsoft said the false sites were created by "Fancy Bear," a group linked to the Russian Intelligence agency GRU that was also behind the hack of the Democratic National Committee (DNC) in 2016.

ADVERTISEMENT

The domains, Microsoft said, were altered to appear similar to its own services in an attempt to possibly trick U.S. users into providing their personal information to hackers.

The technique, known as spear-phishing, was used successfully by Russian agents during the 2016 election to illegally obtain emails from Hillary ClintonHillary Diane Rodham ClintonOvernight Defense: Government funding bill butts up against deadline | Pentagon reports eighth military COVID-19 death | Trump, Pentagon collide over anti-diversity training push Voters split on whether Trump, Biden will win first debate: poll New Monmouth poll finds Biden with 6-point lead MORE's campaign for president and the DNC. 

Microsoft said a judge in the Eastern District of Virginia last week granted it control of the websites, which could have been used to launch cyberattacks on candidates and other political groups ahead of the midterm elections.

Microsoft President Brad Smith wrote in a blog post that Microsoft currently has "no evidence" that the sites were used to successfully carry out a cyberattack, nor evidence as to who would be the ultimate targets of an attack. He noted that the activity “mirrors the type” that was seen prior to the 2016 election.

“Despite last week’s steps, we are concerned by the continued activity targeting these and other sites and directed toward elected officials, politicians, political groups and think tanks across the political spectrum in the United States,” Smith wrote. “Taken together, this pattern mirrors the type of activity we saw prior to the 2016 election in the United States and the 2017 election in France.”

Russian officials denied Microsoft's report in a statement to Interfax, accusing U.S. counterparts of ginning up controversy before the midterm elections.

“Microsoft is playing political games,” a Russian source told InterFax. “The [midterm U.S.] elections have not happened yet, but there are already allegations.”

Smith wrote in his blog post that the company has been in touch with the targeted think tanks and that Microsoft "will continue to work closely with them and other targeted organizations on countering cybersecurity threats to their systems."

The New York Times noted that both think tanks have done work challenging the Russian government: The International Republican Institute, which was chaired by Sen. John McCainJohn Sidney McCainCindy McCain joins board of Biden's presidential transition team Meet the first woman to run for president Jill Biden shuts down Jake Tapper's question about husband's 'occasional gaffe' MORE (R-Ariz.) until this year, promotes democracy across the world, while the Hudson Institute has been critical of the Kremlin.

Microsoft also announced that it would be offering a free cybersecurity program to candidates and campaign offices across all levels of government, as well as to “think tanks and political organizations we now believe are under attack.”

Microsoft's latest revelation comes just one month after the company first said that it identified and helped block hacking attempts on three congressional candidates earlier this year, the first publicly known cyberattacks on candidates in the 2018 midterm elections.

The Daily Beast reported shortly afterward that Sen. Claire McCaskillClaire Conner McCaskillMomentum growing among Republicans for Supreme Court vote before Election Day Democratic-linked group runs ads in Kansas GOP Senate primary Trump mocked for low attendance at rally MORE (Mo.), a vulnerable red-state Democrat, was unsuccessfully targeted by Russian hackers.

Two congressional Democratic candidates in California were also reportedly the target of cyberattacks during their unsuccessful primary bids; it's unclear who was behind those efforts.

Special counsel Robert MuellerRobert (Bob) MuellerCNN's Toobin warns McCabe is in 'perilous condition' with emboldened Trump CNN anchor rips Trump over Stone while evoking Clinton-Lynch tarmac meeting The Hill's 12:30 Report: New Hampshire fallout MORE last month indicted 12 Russian military officers in the 2016 hacking of the DNC.

John Bowden contributed to this report, which was updated at 8:20 a.m.