We had an article in which it was alleged that the Russians would be active in the midterm elections, but this time, they’d help the Democrats, to cause more trouble. Now, it appears that they are being more precise and targeted. Yes, they are attacking Republicans, but they are establishment Republicans. In effect, they’re attacking NeverTrumpers. So, once again, they’d be helping Trump beat certain establishment people, causing the rest to fall into line.
Microsoft has been working to thwart the Russian meddling.
The Russian group linked to the hacking of Hillary Clinton’s presidential election campaign has been launching fresh attacks in the US, including against two conservative thinktanks, in the run-up to the midterm elections.
According to Microsoft, which uncovered the new attempts, the hackers created fake websites that appeared to mimic the Hudson Institute and the International Republican Institute, two rightwing thinktanks broadly allied against Donald Trump. . .
The International Republican Institute is led by a board that includes six Republican senators and the prominent Russia critic and Senate hopeful Mitt Romney, who is running for a Utah seat.
But the effort is not just against NeverTrumpers. It also includes Democrats.
The revelation of the new attacks came just weeks after a similar Microsoft discovery led the senator Claire McCaskill, a Missouri Democrat who is running for re-election, to reveal that Russian hackers tried unsuccessfully to infiltrate her Senate computer network.
The hacking attempts mirror similar Russian attacks before the 2016 presidential election, which US intelligence officials have said were focused on helping to get the Republican candidate, Donald Trump, into office by hurting Clinton, his Democratic opponent. . .
It’s an ongoing battle, according to the Chicago Tribune.
Microsoft calls the hacking group Strontium; others call it Fancy Bear or APT28. An indictment from U.S. special counsel Robert Mueller has tied it to Russian’s main intelligence agency, known as the GRU, and to the 2016 email hacking of both the Democratic National Committee and the Clinton campaign.
“We have no doubt in our minds” who is responsible, Smith said.
Microsoft has waged a legal battle with Strontium since suing it in a Virginia federal court in summer 2016. The company obtained court approval last year allowing it to seize certain fake domains created by the group. It has so far used the courts to shut down 84 fake websites created by the group, including the most recent six announced Tuesday.
Reuters says the Russians are expected to deny everything, as Putin told Trump at their summit.
There was no immediate comment from Russian authorities, but the Kremlin was expected to address the report later on Tuesday. It has regularly dismissed accusations that it has used hackers to influence U.S. elections and political opinion.
Casting such allegations as part of an anti-Russian campaign designed to justify new sanctions on Russia, it says it wants to improve not worsen ties with Washington.
Both of the Republican think-tanks have been critical of Trump’s overtures toward Russia.
The International Republican Institute has a roster of high-profile Republican board members, including Senator John McCain of Arizona who has criticized U.S. President Donald Trump’s interactions with Russia, and Moscow’s rights record.
The Hudson Institute, another conservative group, has hosted discussions on topics including cybersecurity, according to Microsoft. It has also examined the rise of kleptocracy, especially in Russia and has been critical of the Russian government, the New York Times reported.
Microsoft was able to identify the hackers as directed by Russian government intelligence.
The company said it executed a court order giving it control of six websites created by a group known as Fancy Bear. The group was behind the 2016 hack of the Democratic National Committee and directed by the GRU, the Russian military intelligence unit, according to cybersecurity firms.
The websites could have been used to launch cyberattacks on candidates and other political groups ahead of November’s elections, the company said. . .
Microsoft said the domains were “associated with the Russian government and known as Strontium, or alternatively Fancy Bear or APT28.” The company said it has no evidence that the domains were used in successful attacks but that it was working with the potential target organizations.
And in addition to the Democrats and NeverTrumpers, the hackers also went after the Senate.
Among the websites a judge in the Eastern District of Virginia granted Microsoft control of were those with domain names designed to resemble sites used by congressional staff. They include “senate.group,” and “adfs-senate.email.”. . .
Hackers could have used the domains to send emails to Senate staffers or people working for the Hudson Institute or the International Republican Institute in an attempt to trick them into handing over information, like their passwords.
This form of attack, known as spearphishing, was successfully used to target Hillary Clinton’s campaign chairman John Podesta in 2016. . .
The news comes less than a week after it emerged that two Democratic congressional primary candidates were hacked earlier this year.
The campaigns of Dr. Hans Keirstead and David Min, both of whom lost in California’s June primaries, were breached, but the groups responsible for the attacks have not been made public and may not be known.
Our previous story theorized that the Russians were simply attacking Republicans to help Democrats, thereby leading to checks-and-balances that would slow down legislation. But now, it looks like the Russians are being more precise in their attack—working against candidates who object to Trump’s attempts to be friendly toward Russia.