Also: How it all fits in with a larger campaign to influence elections.
Microsoft said Monday that it had identified yet another attempt to hack political organizations, and that the attack came from what it suspects is a group of professional hackers working for the Russian government. The tech giant spotted and neutralized websites that were attempting to impersonate the sites of conservative think tanks.
If this all sounds familiar, that’s because Microsoft recently stopped similar attempts to collect login information from staffers of Democrats running for office, including someone working for Missouri Sen. Claire McCaskill. It’s all part of what US intelligence officials and cybersecurity experts say is an ongoing attempt to influence US elections by hacking politicians and sparking discord online.
Here are answers to your questions about Microsoft’s efforts to stop the fake sites, as well as how these attempts fit into the big picture when it comes to election hacking.
Microsoft is in a unique position to tackle hacking attempts like these. That’s because its services are the backbone of many workplace email systems, so spoof websites impersonate the company. Microsoft keeps an eye out for web domains it doesn’t control that pose as Microsoft login or password-reset pages. Such domains are a clear sign hackers are trying to fool web users into handing over their usernames and passwords, which the hackers can then use to steal emails and documents.
That’s similar to what happened in 2016 to John Podesta, then head of Hillary Clinton’s presidential campaign. Podesta was using Gmail and reportedly received an email prompting him to enter his username and password. He did, and hackers made off with a collection of his emails, which were later made public.
Microsoft is using the court system to take control of spoof websites bearing the Microsoft name. That takes the tools out of the hands of hackers, making it so they can’t use them to steal usernames and passwords or launch any other kind of hacking attack.
This time, the hacks targeted the International Republican Institute and the Hudson Institute, both of which count Republican senators among their members, as well as three websites affiliated with the Senate.
The International Republican Institute’s mission is focused on building democracy abroad, and the Hudson Institute fosters conversations on national security and foreign policy.
“We can only assume that this attack was intended to gather information about, and compromise or otherwise disrupt, Hudson’s longstanding democracy-promotion programs, and in particular, our initiatives to expose the activities of foreign kleptocratic regimes,” the Hudson Institute said in a statement Tuesday.
The International Republican Institute pointed to the threat of hacking attempts from foreign regimes.
“Cyberattacks have become one of the preferred tools of authoritarians around the world to harass and undermine independent organizations and democratic governments,” the organization’s president, Daniel Twining, said in a statement Tuesday.
The company isn’t finding a hack every day, but it’s taken down a lot of spoof sites.
“We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group,” Microsoft President Brad Smith wrote in a blog post published Monday that details the new hacking effort.
All these hacking attempts use the same set of strategies Russians allegedly used in 2016 to sow chaos in the lead-up to the US presidential election.
The 2016 hackers, who US agencies said were under direct orders from Russian president Vladimir Putin, made stolen information public. Other hacking campaigns focused on probing voter registration databases and elections websites for vulnerabilities.
So far in 2018, large troves of emails haven’t been made public, and cybersecurity experts and law enforcement officials haven’t identified any successful hacking attacks.
Beyond hacking, Russians at the Internet Research Agency allegedly ran misinformation and influence campaigns on social media platforms including Facebook, Twitter, YouTube and Reddit in 2016.
Many of those activities appear to continue today, and Facebook announced earlier this month that it had identified and taken down 32 accounts, pages and events affiliated with a coordinated campaign to influence the platform’s users.