This article was originally published by Radio Free Europe/Radio Liberty and is reprinted with permission.
Microsoft says it has uncovered new Russian hacking attempts to target U.S. political groups ahead of the U.S. midterm elections in November.
The company said a hacking group linked to Russia’s government had created fake Internet domains in order to mimic the websites of two conservative Washington-based think tanks that have been critical of the Kremlin — the Hudson Institute and the International Republican Institute.
It said the Russian hackers also created three fake domains designed to look as if they belonged to the U.S. Senate.
Microsoft calls the hacking group Strontium. Others call it Fancy Bear or APT28.
An indictment from U.S. Special Counsel Robert Mueller has tied the hackers to Russian’s main intelligence agency, known as the GRU, and to the 2016 e-mail hacking of both the Democratic National Committee and Hillary Clinton’s presidential election campaign.
Kremlin spokesman Dmitry Peskov denied that the Russian government played a role in the incidents or had links to the hackers.
“We do not know what influence these alleged actions will have on future elections,” Peskov told journalists in Moscow on August 21. “We do not know what hackers they are talking about, how they influenced elections, or what those conclusions were based on.”
Known as a “spear-phishing” attack, the fake websites noted by Microsoft attempt to persuade target victims to click on links that expose them to computer infiltration, hidden surveillance, and data theft.
Microsoft’s president and chief legal officer, Brad Smith, said there was no sign the hackers successfully infiltrated either conservative think tank.
Both groups said they try to be vigilant about “spear-phishing” attacks because their global pro-democracy work often angers authoritarian governments.
The International Republican Institute is led by a board that includes six Republican senators, as well as prominent Russia critic Mitt Romney, who is running for a U.S. Senate seat in Utah this autumn.
Microsoft’s latest announcement on Russian hackers comes less than a month after a similar discovery by Microsoft led U.S. Senator Claire McCaskill, a Missouri Democrat running for reelection in November, to announce that Russian hackers tried unsuccessfully to break into her Senate computer network.
Microsoft has been waging a legal battle with Strontium since bringing a lawsuit in a U.S. federal court in the summer of 2016.
With court approval allowing it to seize certain fake domains, Microsoft has used the courts to shut down 84 fake websites created by the Russian hackers — including the most recently announced websites.
Microsoft has argued in court that by setting up fake but realistic-looking domains, the hackers misuse Microsoft trademarks and services to hack into targeted computer networks, install malware, and steal sensitive e-mails and other data.
Smith said on August 21 that Microsoft was now offering free cybersecurity protection to all U.S. political candidates, campaigns, and political organizations that use Microsoft software.
