Microsoft uncovers Russian hacking ahead of midterms
Group tied to Moscow responsible for creating fake sites, company says
Microsoft has uncovered new Russian hacking efforts targeting U.S. political groups ahead of the midterm elections.
The company said Tuesday that a group tied to the Russian government created fake websites that appeared to spoof two American conservative organizations: the Hudson Institute and the International Republi- can Institute. Three other fake sites were designed to look as if they belonged to the Senate.
Microsoft didn’t offer any further description of the fake sites, although it has previously outlined in court filings how this hacking group operated a network of fake sites designed to trick victims into installing malicious software.
Russian officials dismissed the company’s claims as unfounded. Kremlin spokesman Dmitry Peskov cited the lack of detail on the hack, and said it wasn’t clear “who the hackers in question are” and how they could distort the U.S. electoral system.
The revelation of new hacking efforts arrives just weeks after a similar Microsoft discovery led Sen. Claire McCaskill, a Missouri Democrat who is running for re-election, to reveal that Russian hackers tried unsuccessfully to infiltrate her Senate computer network.
The hacking attempts mirror similar Russian attacks ahead of the 2016 election, which U.S. intelligence officials have said were focused on helping to elect Republican Donald Trump to the presidency by hurting his opponent, Hillary Clinton.
This time, more than helping one political party over another, “this activity is most fundamentally focused on disrupting democracy,” Brad Smith, Microsoft’s president and chief legal officer, said this week.
Smith said there is no sign the hackers were successful in persuading anyone to click on the fake websites, which could have exposed a target victim to computer infiltration, hidden surveillance and data theft.
Microsoft calls the hacking group Strontium; others call it Fancy Bear or APT28. An indictment from U.S. special counsel Robert Mueller has tied it to Russian’s main intelligence agency, known as the GRU, and to the 2016 email hacking of the Democratic National Committee and the Clinton campaign. “We have no doubt in our minds” who is responsible, Smith said.
Smith also announced Tuesday the company is offering free cybersecurity protection to all U.S. political candidates, campaigns and other political organizations, at least so long as they’re already using Microsoft’s Office 365 productivity software.