Microsoft finds Russian operation targeting US political institutions
San Francisco : A group affiliated with the Russian government created phony versions of six websites, including some related to the US Senate, with an aim to hack into the computers of people who were tricked into visiting, according to Microsoft.
Microsoft on Monday night said that it has discovered and disabled the fake sites, reports The Washington Post.
The effort by the notorious APT28 hacking group, which has been publicly linked to a Russian intelligence agency and actively interfered in the American 2016 presidential election, underscores the aggressive role Russian operatives are playing ahead of the midterm congressional elections in the US.
APT28 specialises in information warfare or hacking and disinformation operations. "APT" refers to "advanced persistent threat" in cybersecurity circles.
US officials have repeatedly warned that the November vote is a major focus for interference efforts.
Microsoft said the sites were created over the past several months but did not go into more specifics.
Microsoft's Digital Crimes Unit, which is responsible for the company's response to email phishing schemes, took the lead role in finding and disabling the sites, and the company is launching an effort to provide expanded cybersecurity protection for campaigns and election agencies that use Microsoft products.
Among those targeted were the Hudson Institute, a conservative Washington think-tank active in investigations of corruption in Russia, and the International Republican Institute (IRI), a non-profit group that promotes democracy worldwide.
Three other fake sites were crafted to appear as though they were affiliated with the Senate, and one non-political site spoofed Microsoft's own online products.
"This apparent spear-phishing attempt against the International Republican Institute and other organisations is consistent with the campaign of meddling that the Kremlin has waged against organizations that support democracy and human rights," The Washington Post quoted Daniel Twining, IRI's president, as saying who put blame on Russian President Vladimir Putin.
"It is clearly designed to sow confusion, conflict and fear among those who criticise Putin's authoritarian regime."
The move by Microsoft is the latest effort by Silicon Valley to address Russian threats to the upcoming election more aggressively than the technology industry did in 2016.
Companies and US officials have vowed to work together more closely this year.
Facebook recently disclosed that the company had taken down 32 fake accounts and pages that were tied to the Internet Research Agency, a Russian disinformation operation active before and after the 2016 election.