Tech giant Microsoft is claiming that Russian-linked hackers tried to breach the Senate and several conservative think tanks last week. It’s believed that the infamous “Fancy Bear” group was behind the attacks. The group has previously been accused of hacking Democratic National Committee (DNC) emails in the 2016 campaign and, many believe, tried to directly interfere with the Presidential elections on behalf of the Russian government.
Fancy Bear, also known as Strontium and APT28, has emerged as perhaps the most notorious government-sponsored hacking group. This time around, Fancy Bear allegedly created several domains that resemble genuine senate domains, such as senate.group and adfs-senate.email. Other domains targeted conservative groups, such as the International Republican Institute and the Hudson Institute.
Most likely, the domains were meant to be part of a phishing attack. Fancy Bear could have sent emails to Senate staff members or employees at targeted think tanks. The emails might have requested the user to “reset” their password due to a security hack. Of course, in order to reset your password, you’d need to provide your current one. Except, when you provide that password, you’re really just handing it over to the hackers.
(Credit: Facebook/Technology and electronics)
Fancy Bear has been accused of targeting American officials and organizations on numerous occasions, and is believed to be associated with the Russian government, and specifically the GRU intelligence agency. The group does not call itself Fancy Bear, but has instead been labeled that by security experts.
It’s believed that Fancy Bear has previously carried out attacks on the Hillary Clinton campaign, using phishing methods to secure passwords. Missouri Democratic Sen. Claire McCaskill’s office was also targeted last year.
Microsoft was able to take control of six websites following court orders granting their request. In court, Microsoft argued that the hackers could pose as Microsoft services. Microsoft is now launching a specialized cybersecurity service called AccountGuard to counter Fancy Bear and other groups trying to target political organizations.
Microsoft will offer the service for free to Senators, campaign officials, and staff at political organizations that use Microsoft Office 365. AccountGuard is part of Microsoft’s larger Defending Democracy Program, which was launched back in April. Hacking has emerged as a major risk in elections and for governments in general.
