A group of hackers believed to be tied to Russia’s military have launched spear-phishing campaigns against at least three candidates running for election in 2018, a Microsoft executive said Thursday.
Tom Burt, a vice president for customer security at Microsoft, said at the Aspen Security Forum that security researchers at the company discovered the phishing campaigns, tracing them to a group widely believed in the threat-intelligence community to be run by the GRU, the Russian military intelligence agency that hacked into DNC email accounts and leaked their emails.
Burt didn’t disclose the names of the candidates targeted by the hackers, but said they were running for reelection and added, “They were all people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint.”
Last week, Special Counsel Robert Mueller indicted 12 GRU officers for stealing usernames and passwords of people working in Hillary Clinton’s 2016 presidential campaign, including its chairman John Podesta.
That same day, Dan Coats, the director of national intelligence, said that Russian cyber attacks could again interfere in this year’s midterm elections, likening the threat to the warnings of terror threats ahead of the September 11, 2001 attacks.
On Monday, FBI director Christopher Wray reiterated his agency’s belief that Russia may again attempt to meddle in this year’s election. President Trump has often undermined findings from intelligence agencies that Putin personally ordered the cyberattacks, while downplaying the likelihood of another attack this year.
On Thursday, the Republican-controlled House moved to eliminate new funding for states to strengthen security in their elections, drawing criticism from Democrats that Congress isn’t doing enough to protect U.S. elections from another attack by Russian hackers.
At the Aspen Forum, Burt said that so far Russia doesn’t appear to be as aggressive as it was during the 2016 election. “We don’t see the activity of them trying to infiltrate think tanks and academia and in social networks to do the research that they do to build the phishing attacks that they then launch,” he said.
“That doesn’t mean were not going to see it,” Burt said. “There’s a lot of time left before the election.”
