Microsoft Corporation said that hackers linked to Russia’s government sought to launch cyber-attacks on the US Senate and conservative American think tanks, warning that Moscow is broadening attacks ahead of November’s congressional elections.
The world’s biggest software company said late on Monday that last week it took control of six Web domains that hackers had created to mimic websites belonging to the Senate and the think tanks.
Such fake sites can be used by hackers to try and trick users into giving up their login details, which would then give the attackers access to confidential systems and files.
The domain takedowns are the latest in a string of actions by Microsoft to thwart what it says are hacking attempts by a Russian-backed group known as APT28 (also known as Fancy Bear).
The company said it has shut down 84 fake websites in 12 court-approved actions over the past two years.
“We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” Microsoft president Brad Smith said in a blog post.
Microsoft said it had no evidence that the hackers had succeeded in compromising any user credentials before it took control of the malicious sites or whether any data was stolen.
The Kremlin rejected the Microsoft allegations and said there was no evidence to support them.
“We don’t know what hackers they are talking about,” Kremlin spokesman Dmitry Peskov told reporters. “Who exactly are they talking about? We don’t understand what the proof and the basis is for them drawing these kind of conclusions. Such information (proof) is lacking.”
Moscow has repeatedly dismissed allegations that it has used hackers to influence US elections and political opinion.
The targets, Microsoft said, included the International Republican Institute, whose high-profile Republican board members include Senator John McCain of Arizona, who has criticised US President Donald Trump’s interactions with Russia and Moscow’s human rights record.
The Hudson Institute, another target, has hosted discussions on topics including cyber-security, according to Microsoft.
It has also examined the global rise of kleptocracy, citing Russia as an example.
Other malicious domains were used to mimic legitimate sites used by the US Senate and Microsoft’s Office software suite, the company said.
Microsoft’s report came amid increasing tensions between Moscow and Washington over alleged election-meddling.
A US federal grand jury indicted 12 Russian intelligence officers in July on charges of hacking Democratic Party computer networks in an attempt to sway the 2016 US presidential election, and some US officials have said that Moscow could try to interfere in the US mid-term elections in November.
Three US intelligence officials, speaking on the condition of anonymity, said that the Russian hacking into traditional Republican policy organisations is neither new nor confined to Russia.
Others including China and Iran, have attempted to penetrate the websites and communications of political and other groups across what one of the officials described as “the entire political spectrum from far-left to far-right”.
One cyber-security researcher said there was no evidence to link this latest activity directly to election interference.
“APT28 has targeted political entities for around a decade, as have other actors, including other Russian actors. This activity today looks like run-of-the-mill spying. So far nothing special,” said Thomas Rid, professor of strategic studies at John Hopkins School of Advanced International Studies (SAIS).
“The interesting question is if stolen information surfaces publicly or not,” he said. “For the moment I sit and wait.
“What’s interesting is not hacking and trolling, but leaking and forging.”
Microsoft president Brad Smith: These attempts pose security threats ... to groups connected with both American political parties in the run-up to the 2018 elections.
