Microsoft: Russian Military Intel Tried to Hack Senate, Conservative Think Tank Websites
Microsoft Corp. announced on Tuesday morning that Russian intelligence personnel recently tried to hack and steal data from conservative American political organizations.
Brad Smith, president of the software company, posted an online notice that they executed a court order to shut down six websites created by Fancy Bear. Multiple cybersecurity firms previously identified Fancy Bear as the hacker collective responsible for the Russia-directed breach of the Democratic National Committee in 2016.
The websites Microsoft took control of were designed to impersonate think tanks like the International Republican Institute and the Hudson Institute. Other domains mimicked the U.S. Senate’s offices and service website, and another one tried to pass itself off as an software service for Microsoft Office.
“Attackers want their attacks to look as realistic as possible and they therefore create websites and URLs that look like sites their targeted victims would expect to receive email from or visit,” Smith wrote. “We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections.”
Judging by the networking architecture of the websites that were shut down, they were most likely part of a “spear phishing” operation that would’ve allowed hackers to steal login information for anyone using their sites. By mimicking webpages used by congressional staff, hackers might’ve also been able to fool senate staffers into handing over passwords and other kinds of sensitive information ahead of the midterm elections.
BBC heard from a Russian diplomatic source who denied any connection between these fake websites and their military intelligence.
“Microsoft is playing political games,” the source said. “The (mid-term U.S.) elections have not happened yet, but there are already allegations.”
[Image via screengrab]
— —
