SEVERE WX : Flood Warning View Alerts
STREAMING NOW: Watch Now

Russian hackers targeted US Senate and think tanks, says Microsoft

Governments are struggling to deter cyberattacks, which can be launched by anyone, anywhere in the world, explains Steven Ranger, UK Editor-in-Chief for Tech Republic.

Posted: Aug 21, 2018 9:21 PM
Updated: Aug 21, 2018 9:27 PM

Parts of an operation linked to Russian military intelligence targeting the US Senate and conservative think tanks that advocated for tougher policies against Russia were thwarted last week, Microsoft announced early Tuesday.

The disclosure, coming less than three months ahead of the 2018 midterms, demonstrates new ways in which Russia is attempting to destabilize US institutions. The news also places additional pressure on President Donald Trump to take action, even though he downplayed Russia's involvement as recently as Monday.

In its announcement, Microsoft said it executed a court order giving it control of six websites created by a group known as Fancy Bear. The group was behind the 2016 hack of the Democratic National Committee and directed by the GRU, the Russian military intelligence unit, according to cybersecurity firms.

The websites could have been used to launch cyberattacks on candidates and other political groups ahead of November's elections, the company said.

Microsoft said the domains were "associated with the Russian government and known as Strontium, or alternatively Fancy Bear or APT28." The company said it has no evidence that the domains were used in successful attacks but that it was working with the potential target organizations.

Microsoft argued in court that the domains were posing as some of its company's services.

"Attackers want their attacks to look as realistic as possible and they therefore create websites and URLs that look like sites their targeted victims would expect to receive email from or visit," Microsoft President Brad Smith said in a blog posted to the company's website on Monday night.

Although the websites could be used to trick members of the Senate and think tanks, they also could have been used to dupe other people or entities that interact with them.

Think tanks have criticized Russia

Hackers could have used the domains to send emails to Senate staffers or people working for the Hudson Institute or the International Republican Institute in an attempt to trick them into handing over information, like their passwords.

This form of attack, known as spearphishing, was successfully used to target Hillary Clinton's campaign chairman John Podesta in 2016. Missouri Democratic Sen. Claire McCaskill's staff was similarly targeted by a Russian group last year. McCaskill has said the attempt was unsuccessful, and Microsoft took control of the domain that targeted her staff via a court order in Virginia earlier this year.

Among the websites for which a judge in the Eastern District of Virginia granted Microsoft control were those with domain names designed to resemble sites used by congressional staff. They include "senate.group" and "adfs-senate.email."

Other domains were designed to look like they were related to the Hudson Institute, a conservative think tank, and the International Republican Institute, whose board includes six serving senators, former Massachusetts Gov. Mitt Romney and Gen. H.R. McMaster.

Both think tanks have been critical of Russia.

The Hudson Institute runs the Kleptocracy Initiative, which has an advisory council with several Russia experts and focuses on revealing how "financial secrecy fuels globalized corruption and threats to democracy" and frequently scrutinizes on the Kremlin.

The International Republican Institute has been working to promote democracy since the 1980s and receives funding through the US State Department, US Agency for International Development and the National Endowment for Democracy. IRI has also been critical of Russia, and the Russian Federation labeled the group an "undesirable organization" in 2016.

The institute's board of directors includes several Republicans in Congress. Arizona Sen. John McCain led the board earlier this year and Alaska Sen. Dan Sullivan took over for McCain. Both have been critical of Trump.

Kremlin denies involvement

The Kremlin on Tuesday denied any knowledge of attempts to interfere in US elections.

"Our reaction has already become traditional: we don't know which hackers they are talking about, we don't know what is meant about the impact on elections," Kremlin spokesman Dmitry Peskov said in response to a CNN question. "From the US, we hear that there was not any meddling in the elections. Whom exactly they are talking about, what is the proof, and on what grounds are they reaching such conclusions?"

He added, "We don't understand, and there is no information, so we treat such allegations accordingly."

In an interview with Reuters on Monday, Trump -- who has openly and repeatedly questioned US intelligence findings that Russia interfered in the 2016 election with the goal of harming Hillary Clinton's campaign to aid his bid -- blamed special counsel Robert Mueller's investigation into the matter for undermining his efforts to improve relations with Moscow.

Mueller's investigation has "played right into the Russians -- if it was Russia -- they played right into the Russians' hands," the President said.

Recent attacks

The news comes less than a week after it emerged that two Democratic congressional primary candidates were hacked earlier this year.

The campaigns of Dr. Hans Keirstead and David Min, both of whom lost in California's June primaries, were breached, but the groups responsible for the attacks have not been made public and may not be known.

Microsoft said Monday that, in light of the ongoing threats to political groups in the US, it was launching a specialized cybersecurity protection service called AccountGuard.

The company says it will offer the service to all candidates and campaign officials, as well as think tanks and political organizations that use Microsoft Office 365, at no additional cost.

The initiative is part of Microsoft's Defending Democracy Program, which it launched in April. The company said it plans to roll out AccountGuard in other parts of the world.

This story has been updated with additional context about the Russians' attempted interference.

Lafayette
Clear
47° wxIcon
Hi: 60° Lo: 35°
Feels Like: 44°
Kokomo
Clear
41° wxIcon
Hi: 56° Lo: 34°
Feels Like: 36°
Rensselaer
Clear
36° wxIcon
Hi: 58° Lo: 33°
Feels Like: 31°
Lafayette
Clear
47° wxIcon
Hi: 58° Lo: 33°
Feels Like: 44°
Danville
Clear
43° wxIcon
Hi: 59° Lo: 34°
Feels Like: 38°
Frankfort
Clear
43° wxIcon
Hi: 58° Lo: 33°
Feels Like: 37°
Frankfort
Partly Cloudy
43° wxIcon
Hi: 57° Lo: 33°
Feels Like: 37°
Monticello
Clear
39° wxIcon
Hi: 59° Lo: 34°
Feels Like: 34°
Monticello
Clear
39° wxIcon
Hi: 60° Lo: 33°
Feels Like: 34°
Logansport
Clear
36° wxIcon
Hi: 58° Lo: 33°
Feels Like: 36°
Warmer, wetter, stormy pattern ahead.
WLFI Radar
WLFI Temps
WLFI Planner

Indiana Coronavirus Cases

Data is updated nightly.

Cases: 662750

Reported Deaths: 12623
CountyCasesDeaths
Marion907691647
Lake48461880
Allen35897638
Hamilton32121398
St. Joseph30032513
Elkhart25403417
Vanderburgh21261379
Tippecanoe20050203
Johnson16362360
Porter15987270
Hendricks15835300
Clark11976181
Madison11756319
Vigo11625230
Monroe10343163
Delaware9842179
LaPorte9778197
Howard9059198
Kosciusko8567111
Bartholomew7464147
Warrick7422151
Hancock7409132
Floyd7217170
Wayne6640192
Grant6432157
Boone610088
Morgan6096125
Dubois5916111
Dearborn548368
Cass545099
Marshall5427104
Henry542593
Noble509778
Jackson465067
Shelby460790
Lawrence4186113
Gibson401381
Harrison400464
Clinton396153
Montgomery387283
DeKalb385878
Miami357563
Knox357485
Whitley349537
Huntington345777
Steuben338855
Wabash331876
Putnam330559
Ripley327162
Adams323549
Jasper316643
White297352
Jefferson295074
Daviess285496
Fayette271956
Decatur270988
Greene261580
Posey261231
Wells258375
Scott250850
Clay241644
LaGrange240970
Randolph225476
Spencer218030
Jennings215344
Washington211627
Sullivan203339
Fountain201642
Starke188251
Owen182353
Fulton179037
Jay177928
Carroll176518
Perry173235
Orange171250
Rush165122
Vermillion160842
Franklin159435
Tipton146741
Parke139316
Pike127832
Blackford120627
Pulaski106644
Newton96532
Brown95139
Benton92213
Crawford90713
Martin80114
Warren75814
Switzerland7548
Union67210
Ohio53711
Unassigned0431

COVID-19 Important links and resources

As the spread of COVID-19, or as it's more commonly known as the coronavirus continues, this page will serve as your one-stop for the resources you need to stay informed and to keep you and your family safe. CLICK HERE

Closings related to the prevention of the COVID-19 can be found on our Closings page.

Community Events