The hacking attempts, which targeted two conservative think-tanks, have been described as attempts to “disrupt democracy” itself and to undermine any institution, regardless of political affiliation, that challenges the Kremlin and Russian President Vladimir Putin.
Microsoft said it, in recent weeks, detected and pulled fake websites that appeared to spoof the Hudson Institute and the International Republican Institute. The computer giant said it had also uncovered and seized three other phony domains that were designed to look as if they were affiliated with the U.S. Senate.
Brad Smith, Microsoft’s president and chief legal officer, told the Associated Press he had “no doubt” that the hacking group known as Strontium, Fancy Bear or APT 28 — a group with known ties to Russia’s main intelligence agency — was behind the “spear-phishing” attempt.
Smith said the fake sites were linked to secret web pages that could’ve exposed visitors to “computer infiltration, hidden surveillance and data theft.” He stressed, however, that there was no sign that anyone was actually fooled into clicking on the sites before Microsoft axed them.
Still, the company said the phishing attempts point to a troubling new trend: Russian hackers appear to be casting a wider net, no longer just targeting Democratic candidates and groups like they had before the 2016 presidential election ― but also organizations of other political leanings that have been critical of the Kremlin.
“This activity is most fundamentally focused on disrupting democracy,” Smith told AP.
The Hudson Institute is known for its investigations into corruption in Russia, while the focus of the International Republican Institute is to promote democracy worldwide. As The New York Times noted, IRI’s board of directors includes several Republican leaders who have been critical of President Donald Trump’s relationship with Putin, such as Arizona Sen. John McCain and former presidential candidate Mitt Romney.
“We’re glad that our work is attracting the attention of bad actors,” Hudson Institute spokesman David Tell told AP on Monday. “It means we’re having an effect, presumably.”
Daniel Twining, IRI’s president, called the recent attempts “consistent with the campaign of meddling that the Kremlin has waged against organizations that support democracy and human rights.”
“It is clearly designed to sow confusion, conflict and fear among those who criticize Mr. Putin’s authoritarian regime,” Twining told The Washington Post.
Microsoft said this week that it had recently seen an “uptick” of such hacking attempts. Last month, Sen. Claire McCaskill (D-Mo.), who is seeking reelection, said Microsoft had uncovered an unsuccessful attempt by Russian hackers to infiltrate her Senate computer network.
To counter such threats, Microsoft announced that it will be providing free cybersecurity protections to political candidates and campaign offices that are using its Office 365 software.
“The Russians are seeking to disrupt and divide,” Smith told the Times. “There is an asymmetric risk here for democratic societies. The kind of attacks we see from authoritarian regimes like Russia are seeking to fracture and splinter groups in our society.”
CORRECTION: Due to an editing error, a previous version of this story incorrectly identified Sen. Claire McCaskill’s state. She represents Missouri.