Microsoft claims it has identified and stopped a number of Russian cyberattacks just last week. In a post published on Monday (August 20), Brad Smith wrote that “Microsoft’s Digital Crimes Unit (DCU) successfully executed a court order to disrupt and transfer control of six internet domains created by a group widely associated with the Russian government and known as Strontium.”
Not only are the attacks notable because of Strontium’s links with the Russian government, but also because of the institutions these ‘fake’ domains were targeting. One of the domaisn is believed to mimic International Republican Institute, while another is supposedly an imitation of conservative think tank the Hudson Institute.
CNN notes that “both think tanks have been critical of Russia.”
Smith also writes that “other domains appear to reference the U.S. Senate but are not specific to particular offices.”
The attackers are alleged to have used a technique known in cybersecurity as spearphishing. This is where an email or a website is disguised a a reliable and trustworthy source to scam users into handing over information.
In this instance, cyberattackers could have been imitating Republican think tanks in order to get staff to hand over information.
This isn’t the first spearphishing attack that Microsoft claims it has intercepted. Brad Smith writes that 84 fake websites believed to be linked to Strontium have been transferred to Microsoft in the last 2 years.
Microsoft has notified the Hudson Institute and the International Republican Institute about the attacks. “Microsoft will continue to work closely with them and other targeted organizations on countering cybersecurity threats to their systems. We’ve also been monitoring and addressing domain activity with Senate IT staff the past several months, following prior attacks we detected on the staffs of two current senators.”
Next steps: Microsoft is expanding its Defending Democracy Program
Microsoft has also announced it will be expanding its Defending Democracy Program with a new initiative called Microsoft AccountGuard. This will “provide state-of-the-art cybersecurity protection at no extra cost to all candidates and campaign offices at the federal, state and local level, as well as think tanks and political organizations we now believe are under attack” (free if you’re using Office 365).