August 21, 2018

Microsoft Identifies Fresh Russian Effort to Disrupt US Democracy

Company to offer free cybersecurity protection to political candidates

By CBR Staff Writer

Microsoft will provide advanced cybersecurity protection for free to political candidates and campaign offices across the US, the company has announced, after identifying fresh efforts by Russia-affiliated group Fancy Bear to disrupt the democratic process.

Microsoft President Brad Smith said that Microsoft executed a court order last week to disrupt and transfer control of six internet domains created by the Strontium or Fancy Bear group “widely associated with the Russian government”.

The websites, including “senate.group”, were designed to mimic organisations like the International Republican Institute and were intended to mask attacks, a hallmark of the Fancy Bear group, which hacked Democratic National Committee servers in 2015.

The company’s President Brad Smith said in a blog post late Monday: “We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections.”

Microsoft has used such court orders 12 times in two years to shut down 84 fake websites associated with this group, he added.

Microsoft Fancy Bear Scare

Cybersecurity company Crowdstrike, which has tracked the group closely, describes Fancy Bear as: “A Russian-based threat actor, which has been active since mid 2000s, and has been responsible for targeted intrusion campaigns against the Aerospace, Defense, Energy, Government and Media sector.”

“This group is known for its technique of registering domains that closely resemble domains of legitimate organizations they plan to target. Afterwards, they establish phishing sites on these domains that spoof the look and feel of the victim’s web-based email services in order to steal their credentials.”


The company adds: “Our team considers them some of the best adversaries out of all the numerous nation-state, criminal and hacktivist/terrorist groups we encounter on a daily basis. Their tradecraft is superb, operational security second to none and the extensive usage of ‘living-off-the-land’ techniques enables them to easily bypass many security solutions they encounter.”

In a recent indictment by special counsel Robert Mueller, those responsible for the DNC hack were named as former GRU officers Viktor Netyksho, Boris Antonov, Dmitriy Badin, Ivan Yermakov, Aleksey Lukashev, Sergey Morgachev, Nikolay Kozachek, Pavel Yershov, Artem Malyshev, Aleksandr Osadchuk, and Aleksey Potemkin.


Microsoft’s Brad Smith

Microsoft AccountGuard 

Microsoft’s Brad Smith said: “We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections.”

“That’s why today we are expanding Microsoft’s Defending Democracy Program with a new initiative called Microsoft AccountGuard. This initiative will provide state-of-the-art cybersecurity protection at no extra cost to all candidates and campaign offices at the federal, state and local level, as well as think tanks and political organizations we now believe are under attack.”

He added: “To be clear, we currently have no evidence these domains were used in any successful attacks before the DCU transferred control of them, nor do we have evidence to indicate the identity of the ultimate targets of any planned attack involving these domains.”

The company’s Tom Burt – Corporate VP for Customer Security & Trust – added in a further post that the “AccountGuard” offering would include close liaison with the expertise of the Microsoft Threat Intelligence Center, ongoing guidance on cybersecurity, including live threat modelling and contingency planning sessions, and private previews of security features typically offered first to large corporate customers.

The free security offering is for candidates using Office 365.
