The hackers used spear fishing to target the website of the Hudson Institute, that of the International Republican Institute and Microsoft’s Office 365 website.
In a momentous development, Microsoft Corp disclosed, it has recently thwarted cyber attacks by hackers associated with the Russian government. The hackers were attempting to steal user information from groups that advocate cybersecurity and promote democracy.
Microsoft’s digital crimes unit (DCU) action was backed by a court order which saw it block attempts to disrupt and transfer control of 6 internet domains by a group known as Strontium, aka Fancy Bear or APT28.
In a blog post made late at night, Microsoft stated, the group is associated with the Russian government.
“We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” said Microsoft.
Microsoft’s disclosure comes at a time of heightened cyber-tensions between Washington and Moscow. There has also been great concerns regarding security ahead of the 2018 mid-term elections in the United States.
Earlier in July 2018, a federal grand jury in the U.S. indicted twelve Russian intelligence officers on charges of hacking the computer networks of 2016 Democratic presidential candidate Hillary Clinton and the Democratic Party.
Special Counsel Robert Mueller is investigating Russia’s role in the 2016 U.S. Presidential elections and whether the campaign of Republican candidate Donald Trump colluded with Moscow.
The hackers created websites mimicking three U.S. Senate websites, which includes the websites of the Hudson Institute, that of the International Republican Institute and Microsoft’s Office 365 website.
The International Republican Institute promotes democratic principals around the globe and has a board of directors that includes six Republican senators and a senatorial candidate.
According to Microsoft, the Hudson Institute has hosted discussions on a range of topics including cybersecurity. As per a New York Times report, it has also examined the rise of kleptocracy in Russia and has been critical of the Russian government.
“They are pursuing attacks that they perceive in their own national self-interest,” said Eric Rosenbach, the director of the Defending Digital Democracy project at Harvard University. “It’s about disrupting and diminishing any group that challenges how Putin’s Russia is operating at home and around the world.”
The hackers used a type of attack known as “spear fishing,”. In this type of attack, attackers create URLs and websites that closely resemble the original sites in order to fool the victims into giving up their login credentials.
“To be clear, we currently have no evidence these domains were used in any successful attacks before the DCU transferred control of them, nor do we have evidence to indicate the identity of the ultimate targets of any planned attack involving these domains,” said Microsoft on the blog.