Microsoft finds more Russian hacking
Company president says ‘this activity is most fundamentally focused on disrupting democracy’
Microsoft has uncovered new Russian hacking efforts targeting U.S. political groups ahead of the midterm elections.
The company said Tuesday that a group tied to the Russian government created fake websites that appeared to spoof two American conservative organizations: the Hudson Institute and the International Republican Institute. Three other fake sites were designed to look as if they belonged to the U.S. Senate.
Microsoft didn’t offer any further description of the fake sites, although it has previously outlined in court filings how this hacking group operated a network of fake sites designed to trick victims into installing malicious software.
The Russian Foreign Ministry said that Microsoft’s report reflects a “witch hunt” in the U.S. The ministry said Tuesday that Microsoft’s statement lacked any proof of Russian involvement because “there can’t be any.”
The revelation of new hacking efforts arrives just weeks after a similar Microsoft discovery led Sen. Claire McCaskill, a Missouri Democrat who is running for re-election, to reveal that Russian hackers tried unsuccessfully to infiltrate her Senate computer network.
The hacking mirrors similar Russian attacks ahead of the 2016 election, which U.S. intelligence officials have said were focused on helping to elect Republican Donald Trump to the presidency by hurting his Democratic opponent, Hillary Clinton.
This time, more than helping one political party over another, “this activity is most fundamentally focused on disrupting democracy,” Brad Smith, Microsoft’s president and chief legal officer, said in an interview this week. The FBI said Tuesday it’s aware of Microsoft’s actions to disrupt the sites but the agency wouldn’t provide details about whether it’s working with the company to combat the hacking group.
Microsoft’s court filing last week said the hackers “registered or used” the fake domains at some point after April 20.
Smith said there is no sign the hackers were successful in persuading anyone to click on the fake websites, which could have exposed a target victim to computer infiltration, hidden surveillance and data theft. Both conservative think tanks said they have tried to be vigilant about “spear-phishing” email attacks because their global pro-democracy work has frequently drawn the ire of authoritarian governments.
“We’re glad that our work is attracting the attention of bad actors,” said Hudson Institute spokesman David Tell. “It means we’re having an effect, presumably.”