Microsoft Corp. announced that it identified and took action against recent Russian hacking attempts ahead of the upcoming 2018 midterm elections.
The attacks seemed to be focused on conservative think tanks which have been critical of Russian activities, including the International Republican Institute (which counts Sen. John McCain as a member) and the Hudson Institute, which has raised concerns about kleptocracy in Russia and cybersecurity.
Microsoft has publicly stated that the hackers were using spearphishing attacks that mimicked existing websites and attempted to gain access to user credentials by sending emails to targets that required them to enter their user credentials. The activities were attributed to the Russian-backed hacking group known as Fancy Bear. Six domains linked to the attack were taken down following a US court order, including “senate.group,” “adfs-senate.email,” and “my-iri.org.”
“[W]e currently have no evidence these domains were used in any successful attacks before the DCU transferred control of them, nor do we have evidence to indicate the identity of the ultimate targets of any planned attack involving these domains,” wrote Microsoft president Brad Smith in a blog post.
“Obviously, we can't speak for what exactly was intended, but I think we can conclude that it wasn't for the advancement of American democracy,” Smith said in a later interview with NPR.