THE STORIES BEHIND THE HEADLINES

Abu Dhabi

London

New York

Sat, 25 Jan 2020 19:55 GMT

Microsoft Uncovers More ‘Phishy’ Russian Websites

Politics

7Dnews London

Tue, 21 Aug 2018 09:20 GMT

Microsoft has revealed the discovery of more Russian hacking attempts, which have targeted US political groups.

In a statement on Tuesday, the software giant revealed that this time the hacking appeared to focus more on two American conservative organisations in the run up to the midterm elections due to take place in the US. 

A hacking group, with alleged ties to the Russian government, apparently created fake internet domains that spoofed the Hudson Institute and the International Republican Institute. Microsoft also found three additional websites that were designed to look like they belonged to the US Senate. 

Microsoft has not provided any further description of the fake websites. 

The latest discovery comes just weeks after Microsoft made a similar discovery. In this instance, the revelation led to Senator Claire McCaskill revealing that Russian hackers apparently tried, unsuccessfully, to infiltrate her Senate computer network. McCaskill is a Missouri Democrat running for re-election. 

The hacking attempts mirror similar Russian attacks that took place ahead of the 2016 election. Some US intelligence officials are of the opinion that these hacking attempts were focused on helping to get Republican Donald Trump elected to the presidency. The attacks centred on producing potentially harmful information on his Democratic opponent, Hillary Clinton. 

This time, it would seem the attacks were not focussed on assisting any particular political party. "This activity is most fundamentally focused on disrupting democracy," said Brad Smith, Microsoft's president and chief legal officer. 

Smith said there is no evidence to suggest the hackers were successful in persuading anyone to click on the fake websites. The websites were designed to expose a target to computer infiltration, hidden surveillance, and data theft.  

In response, both conservative think-tanks said they have tried to be vigilant with regards to "spear-phishing" email attacks. The organisations said they have increased their vigilance because their global pro-democracy work has often drawn the ire of authoritarian governments.

"We're glad that our work is attracting the attention of bad actors," said Hudson Institute spokesman David Tell. "It means we're having an effect, presumably." 

The International Republican Institute is led by a board of six Republican senators. Included in this group is one prominent Russia critic and Senate hopeful, Mitt Romney, who is running for a Utah seat this autumn. 

Microsoft has named the hacking group Strontium, while others call the group Fancy Bear or APT28.  

An indictment from US special counsel Robert Mueller has revealed that the group has ties to Russian's main intelligence agency, known as the GRU. The group has also been linked to the 2016 email hacking of both the Democratic National Committee and the Clinton campaign. 

"We have no doubt in our minds" who is responsible, Smith said.

Microsoft has been engaged in a legal battle with Strontium ever since suing it in a Virginia federal court in the summer of 2016. Microsoft obtained court approval last year that allowed it to seize certain fake domains created by the group. So far, through working with the courts, Microsoft has managed to shut down some 84 fake websites created by the group. This tally includes the six announced on Tuesday. 

According to AP, Microsoft contended in court proceedings that by setting up fake but realistic-looking domains, the hackers were misusing Microsoft trademarks and services. The purpose of this misuse was to hack into targeted computer networks, install malware and steal sensitive emails and other data. 

Smith also announced on Tuesday that the company is offering free cyber-security protection to all US political candidates, campaigns and other political organisations, provided that they already use certain Microsoft software. Facebook and Google have also promoted similar tools to combat campaign interference. 


US & Canada Russia