Microsoft helped US gov block Russian hacking attempts on three candidates this year
REDMOND TECH GIANT Microsoft claims it helped the US government detect and block Russian hacking attempts on at least three congressional candidates this year.
Speaking at the Aspen Security Forum on Thursday, a Microsoft executive revealed the news but refused to name the targets of the attacks.
According to Fortune, Tom Burt, Microsoft’s vice president for customer security, said the three candidates were “people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint”.
The hacks came in the form of attacks launched against the candidates’ staff, which were apparently attempted phishing attacks, redirecting them to a fake Microsoft website in an attempt to steal their credentials.
“Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks,” Burt added.
“And we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections.”
Immediately after learning of the incident, Microsoft took down the fake domain and worked with the government to “avoid anybody being infected by that particular attack”, while also ensuring that none of the targeted campaign staffers were infected.
Microsoft “discovered that these [fake domains] were being registered by an activist group that at Microsoft we call Strontium…that’s known as Fancy Bear or APT 28,” he added.
“The consensus of the threat intelligence community right now is [that] we do not see the same level of activity by the Russian activity groups leading into the mid-year elections that we could see when we look back at them at that 2016 elections.”
However, he warned that this doesn’t mean we won’t see it, as “there is a lot of time left before the election”. µ
Source : Inquirer