Three congressional candidates targeted by hackers already, Microsoft says
Image credit: Dreamstime
The technology company has announced that it has already detected and taken action against cyber attacks directed at three candidates standing in the upcoming midterm elections, which will be held in November.
Tom Burt, vice-president for customer security and trust at Microsoft, revealed the attempted interference while addressing a panel at the Aspen Security Forum, although he declined to name the targeted candidates or the source of the attacks.
“Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks, and we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections,” he said.
Microsoft removed the fraudulent domain, and worked with federal government to block the phishing attacks. A similar approach was used by groups with links to Russian intelligence to hack into the servers of the Democratic National Committee during the run-up to the 2016 presidential election.
According to Burt, the candidates may be people who are “interesting targets from an espionage standpoint as well as an election disruption standpoint” due to their positions.
These incidents mark the first publicly confirmed evidence of hacking in the midterm elections, following extensive evidence of hacking and other interference during the 2016 presidential election, which is now the subject of a high-profile inquiry, which has indicted members of the Trump campaign team and – recently – a dozen Russian nationals and several organisations.
Despite this evidence already emerging of cyber attacks associated with the upcoming elections, Burt stressed that researchers at Microsoft and other organisations were not seeing the same level of underhand activity directed at the democratic process as they saw looking back at the 2016 presidential election, in which independent experts and organisations were targeted in addition to candidates and their staff.
“The consensus of the threat intelligence community right now is that we’re not seeing the same level of activity by the Russian activity groups,” he added. “We don’t see the activity of them trying to infiltrate think tanks and academia and in social networks to do the research that they do to build the phishing attacks.
“That doesn’t mean we’re not going to see it. There’s a lot of time left before the election.”
While many politicians, commentators and security experts have expressed concern that cyber attacks will continue to be used in attempts to influence US elections, this week President Donald Trump said he did not believe that the Russian government was continuing to attempt to interfere.