U.S. intelligence agencies have continuously blamed Russia for hacking the 2016 presidential election in favor of Donald Trump. Most of those hacks targeted Democrats, but now Microsoft said it has evidence that Russia is going after Republican-affiliated think tanks ahead of this year's midterm elections, which supports the idea that Russian hackers are supporting Trump specifically rather than backing the GOP and its allies.
Microsoft said it recently discovered (opens in new tab) six domains created by Strontium, a hacking group with connections to Russian intelligence agencies, with clear similarities to domains used by the Hudson Institute and International Republican Institute. Several of the domains also faked a vague connection to the U.S. Senate. The company's Digital Crimes Unit (DCU) assumed control over the domains in a bid to prevent their misuse.
The New York Times reported that Strontium hackers planned to use the domains to set up dummy websites that could steal account information from people trying to access their accounts with the Hudson Institute and IRI. (Microsoft's report on its discovery is more vague about what the hackers planned to use the domains for.)
Here's what Microsoft said to summarize its worries about this latest discovery:
"Despite last week’s steps, we are concerned by the continued activity targeting these and other sites and directed toward elected officials, politicians, political groups and think tanks across the political spectrum in the United States. Taken together, this pattern mirrors the type of activity we saw prior to the 2016 election in the United States and the 2017 election in France."
To combat those efforts, the company is expanding its Defending Democracy Program with the Microsoft AccountGuard Initiative. AccountGuard is supposed to analyze threats across personal and professional email accounts; offer "officials, campaigns, and related political organizations" guidance on how to "make their networks and email systems more secure"; and "provide preview releases of new security features."
You can learn more about the Microsoft AccountGuard Initiative in the company's blog post (opens in new tab) about it. But the gist is that Microsoft will more proactively monitor politically affiliated people and organizations while also educating them on security best practices. Most of these folks aren't going to become security experts, but at least they should prove harder to hack than they would've been without programs like Microsoft's.
Microsoft explained why that matters in its blog post:
"We can only keep our democratic societies secure if candidates can run campaigns and voters can go to the polls untainted by foreign cyberattacks. [...] Democracy requires vigilance and at times action by citizens to protect and maintain it. No individual or company can hope to meet this imperative by itself. We all need to do our part. We’re committed to doing our part by helping to protect candidates and campaigns in preserving their voices and votes no matter what party they support."