Microsoft has once again thwarted the efforts of Russian hackers ahead of the 2018 midterm elections in the United States in November. Through its Digital Crimes Unit (DCU), Microsoft was able to take down six malicious websites targeting political candidates, politicians, and think tanks. DCU traced the spearphishing campaign back to a group called Fancy Bear; the group is widely believed to have strong ties to Russia’s military.
For its spearphishing campaign, Fancy Bear created fake websites with similar domains to notable organizations, like the International Republican Institute and the Hudson Institute. The former counts high-profile Republicans in its leadership, including Senator John McCain and Governor Mitt Romney along with one Senate candidate, while the latter hosts talks on cybersecurity. Both organizations have been critical of Donald Trump and Russia in the past.
“Microsoft has notified both nonprofit organizations,” Microsoft wrote in a blog post. “Both have responded quickly, and Microsoft will continue to work closely with them and other targeted organizations on countering cybersecurity threats to their systems. We’ve also been monitoring and addressing domain activity with Senate IT staff the past several months, following prior attacks we detected on the staffs of two current senators.” The company said that there is no evidence that a successful attack was conducted, however.
This latest effort to stop Russian meddling in U.S. elections follows Microsoft’s announcement in July that it had stopped a group tied to Russia’s intelligence agency of using a phishing campaign to target three political candidates ahead of the midterm elections.
“It’s clear that democracies around the world are under attack,” Microsoft said, highlighting that cyberattacks are on the rise, especially when the attacks could be used to influence elections. “Foreign entities are launching cyber strikes to disrupt elections and sow discord.”
Microsoft claims that its DCU has taken down 84 fake websites over the past two years and that more work is needed. “An effective response will require even more work to bring people and expertise together from across governments, political parties, campaigns and the tech sector,” the company said.
As part of its efforts to combat election meddling, Microsoft launched a new AccountGuard service, which will be available at no cost to candidates running for federal, state, or local office. To take advantage of AccountGuard, political candidates must have use Office 365 for their campaign, and the service provides threat notification across accounts, security guidance, and the opportunity to trial new security features. Microsoft said that these features are “on a par with the services offered to our large corporate and account customers.”
Microsoft has been demonstrating that it wants to be an upstanding corporate citizen, and AccountGuard follows recent Microsoft initiatives like the Cybersecurity Tech Accord and its work on creating ethical artificial intelligence systems.
