Russian Hackers Target Senate And Conservative Think Tanks
Russian hacker Fancy Bear targeted two conservative US think tanks and the United States Senate.
Microsoft announced that a group called Strontium, also known as Fancy Bear and APT28 created fake websites designed to look like those used by the Hudson Institute, the International Republican, and the Senate.
Fancy Bear, the organization believed to be responsible for 2016 election hack of the Hillary Clinton campaign and the Democratic National Committee, is associated with the GRU, a Russian intelligence service.
Microsoft’s President Brad Smith said the tech giant obtained court orders to transfer control of the domains in order to shut down 84 phony websites over the past two years that were connected to Fancy Bear.
Smith said, “We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections.”
In court documents, Microsoft argued that six domains were posing as its company’s services. The domains could have been used to trick Senators and aides, as well as Hudson Institute and International Republican Institute staff, into giving up sensitive information like usernames and passwords.
Microsoft said the fake websites were designed to look like login pages for document sharing, email access, and calendars. A staffer, unaware of the ruse, would enter a username and password, allowing the hacker access to personal data.
Websites at domains like “senate.group” and “adfs-senate.email” were created to mimic sites used by congressional staffers. Others looked like they belonged to the Hudson Institute and the International Republican Institute. Candidate for the Senate and former Massachusetts Gov. Mitt Romney is a member of the IRI as are six current members of the Senate and Trump’s former National Security Advisor General H.R. McMaster.
Smith said that there are no indication hackers successfully persuaded staffers to click nefarious links on the fake websites.
A spokesman for the Hudson Institute said he was happy Russian hackers targeted the organization.
“We’re glad that our work is attracting the attention of bad actors,” David Tell said. “It means we’re having an effect, presumably.”
The Hudson Institute, a consistent critic of Moscow, works with Russian experts to reveal how “financial secrecy fuels globalized corruption and threats to democracy.”
The International Republican Institute labeled the Russian Federation an “undesirable organization” in 2016.
Dmitry Peskov, a spokesman for the Kremlin, denied Microsoft’s allegations saying there is no tangible evidence.
We don’t know what hackers they are talking about,” Peskov said. “Who exactly are they talking about? We don’t understand what the proof and the basis is for them drawing these kinds of conclusions. Such information is lacking.”