How Microsoft found another Russian hacking effort


Microsoft said Monday that it had identified yet another attempt to hack political organizations, and that the attack came from what it believes is a group of expert hackers working for the Russian government. The tech giant found and neutralized websites that were trying to impersonate the sites of conservative think tanks.

If this all sounds familiar, that’s because Microsoft recently stopped similar attempts to collect login details from staffers of Democrats running for office, including someone working for Missouri Sen. Claire McCaskill. It’s all part of what US intelligence officials and cybersecurity experts say is an ongoing effort to influence US elections by hacking politicians and sowing discord online.

Here are answers to your questions about Microsoft’s efforts to stop the fake websites and how these efforts fit into the big picture when it comes to election hacking.

What is Microsoft doing?

Microsoft is in a unique position to tackle hacking attempts like these. That’s because its services are the backbone of many workplace email systems, so spoof websites impersonate the company. Microsoft watches for web domains it doesn’t control that impersonate Microsoft login or password-reset pages. Such domains are a clear sign hackers are trying to trick web users into handing over their usernames and passwords, which the hackers can then use to steal emails and documents.

That’s similar to what happened in 2016 to John Podesta, then head of Hillary Clinton’s presidential campaign. Podesta was using Gmail and reportedly received an email prompting him to enter his username and password. He did, and hackers stole a trove of his emails, which were later made public.

Microsoft is using the court system to take control of spoof websites bearing the Microsoft name. That takes the tools out of the hands of hackers, so they can’t use them to steal usernames and passwords or launch any other kind of hacking attack.

Which groups were targeted?

This time, the hacks targeted the International Republican Institute and the Hudson Institute, both of which count Republican senators among their members, along with three websites associated with the Senate.

The International Republican Institute’s mission is focused on building democracy abroad, and the Hudson Institute promotes discussions on national security and diplomacy.

“We can only assume that this attack was intended to gather information about, and compromise or otherwise disrupt, Hudson’s longstanding democracy-promotion programs, and in particular, our initiatives to expose the activities of foreign kleptocratic regimes,” the Hudson Institute said in a statement Tuesday.


The International Republican Institute pointed to the threat of hacking attempts from foreign regimes.

“Cyberattacks have become one of the preferred tools of authoritarians around the world to harass and undermine independent organizations and democratic governments,” the organization’s president, Daniel Twining, said in a statement Tuesday.

How often is Microsoft seeing hacking attempts like this?

The company isn’t finding a hack every day, but it’s taken down a lot of spoof sites.

“We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group,” Microsoft President Brad Smith wrote in a blog post published Monday that details the new hacking effort.

How can political groups — and everyone else — protect themselves?

The first line of defense is to use two-factor authentication. That stops hackers from using your stolen username and password to log in to your accounts. 

Two-factor authentication is a login system that requires an extra piece of information, in addition to your username and password. It can be a one-time code generated by an app on your phone, or a physical token that connects to your device wirelessly or through the USB port.

Tech companies have a big role to play too. In addition to Microsoft’s efforts to spot and take over spoofing websites, the company’s Outlook service can filter out the fraudulent emails that hacking targets often receive prompting them to click on a link to the fake site. 

On Monday, Google security engineer Shane Huntley wrote in a blog post that Google does its best to filter out these phishing emails from Gmail. Google also sends warnings to users it finds are being targeted by a government-backed hacking effort. (Huntley also encouraged users to adopt token-based two-factor authentication if they believe they’re at risk.)

Finally, companies are developing specialized tools for political campaigns and others at risk from this kind of hacking. At the same time it disclosed the Russian hacking attempt, Microsoft said its new AccountGuard tool will protect political organizations’ accounts free of charge. What’s more, secure-messaging companies like Wickr and Signal are working with campaigns to encourage them to keep sensitive messages and documents out of their regular email.

How does this fit into the big picture of election hacking?

All these hacking attempts use the same set of strategies Russians allegedly used in 2016 to sow chaos in the lead-up to the US presidential election. 

The 2016 hackers, who US agencies said were under direct orders from Russian president Vladimir Putin, made stolen information public. Other hacking campaigns focused on probing voter registration databases and elections websites for vulnerabilities.

So far in 2018, large troves of emails haven’t been made public, and cybersecurity experts and law enforcement officials haven’t identified any successful hacking attacks.

Beyond hacking, Russians at the Internet Research Agency allegedly ran misinformation and influence campaigns on social media platforms including Facebook, Twitter, YouTube and Reddit in 2016.

Many of those activities appear to continue today, and Facebook announced earlier this month that it had identified and taken down 32 accounts, pages and events affiliated with a coordinated campaign to influence the platform’s users.

First published Aug. 21 at 1:15 p.m. PT
Update at 2:28 p.m. PT: Added information about preventing future hacks.
