Fending off the first Russian hacks of the midterm elections
With the whole world watching, it’s unlikely that Russian government-backed computer hackers will be able to disrupt our country’s November midterm elections on the same scale they did in 2016.
But that doesn’t mean they’re not giving it the old Moscow University try.
Politico, among other news organizations, reported last Thursday from the Aspen Security Forum that Microsoft’s chief of security gave a talk saying his company had “detected and helped block hacking attempts” against three congressional candidates this year.
That would mark, so far as is known, the first cyber interference in the crucial midterms.
“Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks,” said Tom Burt, Microsoft’s vice president for security and trust. “And we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections.”
At the time, the company declined to say whether the hackers had been identified as Russians or as associated with the Kremlin, although that must have been the suspicion of many.
But by last Friday, CNN was reporting that it was indeed “Russian intelligence operatives” who tried to hack “the online accounts of staffers on three congressional campaigns.”
Apparently the staffers didn’t bite on what looked to be a standard phishing attempt — didn’t, that is, click on any links in emails they were suspicious of, just as you’ve warned your grandmother not to do.
The Russian connection was spilled seemingly by accident by a top Department of Homeland Security official talking to a CNN reporter: “We haven’t seen a campaign on the scale of 2016 of concerted attacks against election infrastructure, concerted attacks against campaigns. Yes, Microsoft made an announcement yesterday about three Russian — about three campaigns being targeted. That is concerning and so we’re going to work with them, we’re going to get that information, the FBI’s worked with them to share information to shore up defenses,” said Christopher Krebs, a department undersecretary.
The operatives from the Russian intelligence agency known as the GRU, whose cyber operation aimed at disrupting the 2016 presidential election was known as Fancy Bear, are certainly tech-savvy — up to a point. Where they often slip up is in the language they use in attempts to feed American voters misinformation or simply sow confusion with social media postings. The word choices and syntax often sound straight from the Google translate application — understandable, but not crafted by a native speaker. So if you’re seeking to avoid foreign propaganda as you make your election choices, flagging bad writing can’t hurt.
But we should never believe that entirely new hacks aren’t being concocted by those who would interfere with our democracy. Propaganda is one thing, and it can be destabilizing. But the real worry continues to be actual cyber-manipulation of votes. Since hacking will always be possible, we will continue to demand old-fashioned paper ballots, probably forever.