Microsoft: Russia attempted hack of Senate, conservative think tanks

Microsoft: Russia attempted hack of Senate, conservative think tanks
© Getty Images

Microsoft on Tuesday announced that it had shut down six websites created by hackers linked to Russia's military, the latest sign of potential foreign interference ahead of the 2018 midterm elections.

The websites targeted the conservative think tanks the Hudson Institute and the International Republican Institute as well as the U.S. Senate. Microsoft said the Senate domains targeted "are not specific to particular offices" or senators.

Microsoft said the false sites were created by "Fancy Bear," a group linked to the Russian Intelligence agency GRU that was also behind the hack of the Democratic National Committee (DNC) in 2016.

ADVERTISEMENT

The domains, Microsoft said, were altered to appear similar to its own services in an attempt to possibly trick U.S. users into providing their personal information to hackers.

The technique, known as spear-phishing, was used successfully by Russian agents during the 2016 election to illegally obtain emails from Hillary ClintonHillary Diane Rodham ClintonFive landmark moments of testimony to Congress Top diplomat said request for specific probes in Ukraine was 'contrary' to US policy Feehery: What Republicans must do to adapt to political realignment MORE's campaign for president and the DNC. 

Microsoft said a judge in the Eastern District of Virginia last week granted it control of the websites, which could have been used to launch cyberattacks on candidates and other political groups ahead of the midterm elections.

Microsoft President Brad Smith wrote in a blog post that Microsoft currently has "no evidence" that the sites were used to successfully carry out a cyberattack, nor evidence as to who would be the ultimate targets of an attack. He noted that the activity “mirrors the type” that was seen prior to the 2016 election.

“Despite last week’s steps, we are concerned by the continued activity targeting these and other sites and directed toward elected officials, politicians, political groups and think tanks across the political spectrum in the United States,” Smith wrote. “Taken together, this pattern mirrors the type of activity we saw prior to the 2016 election in the United States and the 2017 election in France.”

Russian officials denied Microsoft's report in a statement to Interfax, accusing U.S. counterparts of ginning up controversy before the midterm elections.

“Microsoft is playing political games,” a Russian source told InterFax. “The [midterm U.S.] elections have not happened yet, but there are already allegations.”

Smith wrote in his blog post that the company has been in touch with the targeted think tanks and that Microsoft "will continue to work closely with them and other targeted organizations on countering cybersecurity threats to their systems."

The New York Times noted that both think tanks have done work challenging the Russian government: The International Republican Institute, which was chaired by Sen. John McCainJohn Sidney McCainLindsey Graham basks in the impeachment spotlight Sanders proposes expanded Veterans Affairs services, B to rebuild infrastructure Cindy McCain says husband John McCain would be 'disgusted' by state of GOP MORE (R-Ariz.) until this year, promotes democracy across the world, while the Hudson Institute has been critical of the Kremlin.

Microsoft also announced that it would be offering a free cybersecurity program to candidates and campaign offices across all levels of government, as well as to “think tanks and political organizations we now believe are under attack.”

Microsoft's latest revelation comes just one month after the company first said that it identified and helped block hacking attempts on three congressional candidates earlier this year, the first publicly known cyberattacks on candidates in the 2018 midterm elections.

The Daily Beast reported shortly afterward that Sen. Claire McCaskillClaire Conner McCaskillGOP senator rips into Pelosi at Trump rally: 'It must suck to be that dumb' Iranian attacks expose vulnerability of campaign email accounts Ex-CIA chief worries campaigns falling short on cybersecurity MORE (Mo.), a vulnerable red-state Democrat, was unsuccessfully targeted by Russian hackers.

Two congressional Democratic candidates in California were also reportedly the target of cyberattacks during their unsuccessful primary bids; it's unclear who was behind those efforts.

Special counsel Robert MuellerRobert (Bob) Swan MuellerSpeier says impeachment inquiry shows 'very strong case of bribery' by Trump Gowdy: I '100 percent' still believe public congressional hearings are 'a circus' Comey: Mueller 'didn't succeed in his mission because there was inadequate transparency' MORE last month indicted 12 Russian military officers in the 2016 hacking of the DNC.

John Bowden contributed to this report, which was updated at 8:20 a.m.