Russia has been accused of meddling with the U.S. elections in 2016 using the internet, with tech giants such as Google, Facebook, and Twitter having been summoned last year to testify before U.S. legislators over the issue. While investigations into that matter continue, it appears that Russia is also trying to intervene in the upcoming midterm elections.
Microsoft announced that its Digital Crimes Unit (DCU) has disabled and taken control of six websites (pictured above) operated by the Strontium group, also known as Fancy Bear or APT28, which is supposedly linked to the Russian government. The move was executed by virtue of a court order and it marks the 12th time in two years that Microsoft used that approach to thwart 84 fake websites associated with Strontium.
The six fake websites tried to spoof the domain of the International Republican Institute, the Hudson Institute, and other domains containing references to the U.S. Senate. Microsoft pointed out that there was no evidence indicating the sites have already been used in targeted hacking attacks before they were shut down.
Brad Smith, Microsoft's President, says the latest spoofing attempt is part of the attackers' efforts to make their method look realistic and lure potential victims into visiting the fake sites. Concerned over the security threats posed by these attempts to both American political parties in the lead-up to the 2018 elections, Smith says Microsoft is introducing a new initiative called AccountGuard as part of its Defending Democracy Program. The goal of the new effort is to offer a free cybersecurity protection to all candidates, campaign offices, think tanks, and political organizations that use the Office 365.