Microsoft says Russian hackers are behind fake US political sites

In previous court filings, Microsoft outlined how a network of fake sites are designed to trick victims into installing malicious software. Ahead of midterm elections, five sites spoofing US conservative groups and the Senate have been uncovered and shutdown.

Jeff Chiu/AP/File
A man walks past a Microsoft sign set up for the Microsoft BUILD conference at Moscone Center in San Francisco. Microsoft has uncovered new hacking attempts by Russia targeting US political groups ahead of the midterm elections. Fake websites that appeared to spoof two American conservative organizations and the US Senate tricked user into installing malicious software.

Microsoft has uncovered new Russian hacking efforts targeting US political groups ahead of the midterm elections.

The company said Tuesday that a group tied to the Russian government created fake websites that appeared to spoof two American conservative organizations: the Hudson Institute and the International Republican Institute. Three other fake sites were designed to look as if they belonged to the US Senate.

Microsoft didn't offer any further description of the fake sites, although it has previously outlined in court filings how this hacking group operated a network of fake sites designed to trick victims into installing malicious software.

Russian officials dismissed the company's claims as unfounded. Kremlin spokesman Dmitry Peskov cited the lack of detail on the hack, and said it wasn't clear "who the hackers in question are" and how they could distort the US electoral system.

The revelation of new hacking efforts arrives just weeks after a similar Microsoft discovery led Sen. Claire McCaskill, a Missouri Democrat who is running for reelection, to reveal that Russian hackers tried unsuccessfully to infiltrate her Senate computer network.

The hacking attempts mirror similar Russian attacks ahead of the 2016 election, which US intelligence officials have said were focused on helping to elect Republican Donald Trump to the presidency by hurting his Democratic opponent, Hillary Clinton.

This time, more than helping one political party over another, "this activity is most fundamentally focused on disrupting democracy," Brad Smith, Microsoft's president and chief legal officer, said in an interview this week.

Mr. Smith said there is no sign the hackers were successful in persuading anyone to click on the fake websites, which could have exposed a target victim to computer infiltration, hidden surveillance, and data theft. Both conservative think tanks said they have tried to be vigilant about "spear-phishing" email attacks because their global pro-democracy work has frequently drawn the ire of authoritarian governments.

"We're glad that our work is attracting the attention of bad actors," said Hudson Institute spokesman David Tell. "It means we're having an effect, presumably."

The International Republican Institute is led by a board that includes six Republican senators, and one prominent Russia critic and Senate hopeful, Mitt Romney, who is running for a Utah seat this fall.

The group's president, Daniel Twining, said in a statement that the apparent hacking is "consistent with the campaign of meddling that the Kremlin has waged against organizations that support democracy and human rights."

"It is clearly designed to sow confusion, conflict and fear among those who criticize [Vladimir] Putin's authoritarian regime," Mr. Twining wrote.

Microsoft calls the hacking group Strontium; others call it Fancy Bear or APT28. An indictment from US special counsel Robert Mueller has tied it to Russian's main intelligence agency, known as the GRU, and to the 2016 email hacking of both the Democratic National Committee and the Clinton campaign.

"We have no doubt in our minds" who is responsible, Smith said.

Microsoft has waged a legal battle with Strontium since suing it in a Virginia federal court in summer 2016. The company obtained court approval last year allowing it to seize certain fake domains created by the group. It has so far used the courts to shut down 84 fake websites created by the group, including the most recent six announced Tuesday.

Microsoft has argued in court that by setting up fake but realistic-looking domains, the hackers were misusing Microsoft trademarks and services to hack into targeted computer networks, install malware, and steal sensitive emails and other data.

Smith also announced Tuesday that the company is offering free cybersecurity protection to all US political candidates, campaigns, and other political organizations, at least so long as they're already using Microsoft's Office 365 productivity software. Facebook and Google have also promoted similar tools to combat campaign interference.

This story was reported by The Associated Press.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.