Hackers have already targeted 2018 Congressional candidates, Microsoft revealed today. At the Aspen Security Forum, Microsoft disclosed on Thursday that the company identified and stopped attempts to launch cyberattacks against three 2018 candidates.
“Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks,” Tom Burt, Microsoft’s vice president for security and trust, revealed today. These attacks were made using phony versions of Microsoft’s website.
Related Microsoft Calls for Facial Recognition Laws – Says Orwell’s 1984 Is Almost Here
“And we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections.”
Working with the US government, the company removed the domain and blocked the phishing messages. The hacks weren’t successful since they were spotted before hackers could successfully infiltrate the networks.
“We were able to avoid anybody being affected by that attack. They tried, they weren’t successful and the government security teams deserve a lot of the credit.”
The same phishing tactics were used during the 2016 DNC hacks that led to indictments last week. Since Burt was talking about both the 2016 and 2018 cyberattacks mentioning Russian hacking group known as APT28 or Fancy Bear, it isn’t clear whether Microsoft believes the same group was behind the 2018 hacking attempt.
Election hacks remain a concern but many believe Russian hackers aren’t as active yet as they were during 2016 election campaign
Microsoft hasn’t disclosed the names of the candidates who were targeted and just said they were “people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint.”
Related Microsoft’s $399 Surface Go Is Official With Modest Performance, Brilliant Design Ergonomics
Microsoft said that Russians aren’t as active as they were during the 2016 election. “I would say that the consensus of the threat intel community right now is that we’re not seeing the same level of activity by the Russian activity groups leading into the midterm elections that we could see when we look back in the 2016 elections,” Burt said.
“We don’t see the activity of them trying to infiltrate think tanks and academia and in social networks to do the research that they do to build the phishing attacks,” he added. “[But] that doesn’t mean we’re not going to see it. There’s a lot of time left before the election.”
– We have reached out to Microsoft for a clarification.
