Hackers with links to Russian intelligence are continuing to conduct covert cyberattacks on U.S. political targets and are putting democracy at risk, Microsoft has said.
The company revealed in a report this week that it had successfully gleaned new insights from six internet domains seized from the unit widely-known as APT28, or Fancy Bear.
New evidence suggested that the group—which is known to Microsoft as Strontium—was posing as at least two conservative think tanks which have been critical of Russia. These included the International Republican Institute (IRI) and the Hudson Institute. The primary aim—much like 2016’s presidential election meddling—was seemingly to steal passwords and private data.
The internet domains—which also imitated the U.S. Senate—indicated the hacking group’s targets have broadened, Microsoft president Brad Smith wrote in a blog post Monday. He noted the culprits were “likely to continue” clandestine operations as the November midterm elections approach. “It’s clear that democracies around the world are under attack,” Smith stated.
U.S. President Donald Trump and Russian President Vladimir Putin arrive for a meeting in Helsinki, on July 16. BRENDAN SMIALOWSKI/AFP/Getty Images
Microsoft said it had “no evidence” to suggest the domains were used in successful cyberattacks but was nevertheless concerned by activity against elected officials and think tanks.
The firm said it has notified the targeted organizations and had worked with Senate staff for months to bulk up cybersecurity and monitor potential threats. The IRI and the Hudson Institute did not immediately respond to a request for comment.
“We can only keep our democratic societies secure if candidates can run campaigns and voters can go to the polls untainted by foreign cyberattacks,” Smith wrote in the Microsoft blog post. The technology company, which is working within the U.S. court system to seize domains linked to the hackers, said it has shut down a total of 84 fake websites associated with the group.
One of the seized domains was caught posing as Microsoft’s OneDrive service.
As noted by The New York Times, board members of the IRI have been critical of U.S. president Donald Trump’s meetings with his Russian counterpart, Vladimir Putin. The Hudson Institute, meanwhile, has pushed out analysis of government abuse of power, including within Russia.
According to the The Times, the groups argue for increased sanctions against Moscow. The hackers’ websites typically mirror legitimate versions, but pilfer any user details entered.
Russian President Vladimir Putin attends a joint news conference with Japanese Prime Minister Shinzo Abe following their meeting at the Kremlin in Moscow on May 26. GRIGORY DUKOR/AFP/Getty Images
U.S. intelligence has said the hacking group is working to sow political division in America. In 2016, an unprecedented campaign leaked emails, spread propaganda and abused social media. An organization called the Internet Research Agency allegedly spearheaded much of the work. A dozen Russian intelligence officials were recently indicted by the U.S. for hacking a U.S. entity.
In July, Microsoft discovered evidence that staffers of three candidates standing in the 2018 midterms had been the target of the Strontium hacking unit. It was later confirmed that one of the individuals was Democrat Claire McCaskill, who had previously been criticized by Trump.
In the wake of the news, McCaskill branded Putin a “thug and a bully.”
While attribution in cybersecurity remains difficult, the majority of evidence gathered by researchers suggests that close links exist between the Russian state and the hackers’ work.
FireEye, one U.S.-based cybersecurity company, concluded in a report released last year that its operations were “consistent with government sponsorship and control.” It said: “APT28 closely integrated its cyberattacks into broader propaganda efforts of benefit to a nation-state actor.”
- Russians targeted Senate and conservative think tanks, Microsoft says
- U.K., U.S. and Canada report Russian cyberspies may be trying to steal vaccine research
- The Hill's Morning Report — Presented by Argentum — US mask debate intensifies
- Russia Says No Need to Steal Western Coronavirus Research
- Russia's UK ambassador rejects coronavirus vaccine hacking allegations
- Russia says it ‘has not and will never interfere in internal affairs’ after accusations of meddling in UK election
Democracy ‘Under Attack’ as Russian Hackers Target Conservative Groups have 730 words, post on www.newsweek.com at August 21, 2018. This is cached page on Talk Vietnam. If you want remove this page, please contact us.