Russia accused of trying to hack US senator

News sparks fears that 'Fancy Bear' group may be attempting to hack US mid-terms

One of the three US senators being targeted by sophisticated spearphishing campaigns has been identified as Missouri Democrat Claire McCaskill, sparking fears that Russian actors may be attempting to help the GOP retain its Senate majority during the upcoming mid-term elections.

Microsoft revealed at a security conference last week that three senators had been hit with attempted spearphishing attacks similar to the one which John Podesta fell victim to in 2016, using a spoofed version of the US Senate's Microsoft Active Directory login page to lure the targets in.

The identity of one of these targets has been confirmed by a Daily Beast investigation as a policy aide to Senator McCaskill. Each spearphishing email includes a unique URL that allows the spoofed page to display the email address of the target, and a screencapture of the spoofed domain from forensic snapshot tool URLscan.io was found, revealing the target's identity.

While Microsoft has yet to confirm who launched the attack, it is widely suspected to be the work of the same Russian intelligence unit accused of perpetrating the DNC hack, codenamed 'Fancy Bear'.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Senator McCaskill released a statement pinning the attack on Russia, in-keeping with her historically hard-line stance on Russia's international conduct which has seen her previously dub Putin a "thug and a bully".

"Russia continues to engage in cyber warfare against our democracy. I will continue to speak out and press to hold them accountable," she said. "While this attack was not successful, it is outrageous that they think they can get away with this. I will not be intimidated. I've said it before and I will say it again, Putin is a thug and a bully."

McCaskill is facing re-election in the imminent mid-terms, and is somewhat embattled; Trump won her home state by a 20-point margin in 2016, and more than $15 million has been spent so far opposing her election. The cyber security of the upcoming elections has been identified as a priority by Congress, who have allocated $350 million to ensure their safety.

20/07/2018: Hackers target US mid-term elections

Security experts have detected hacking attempts on the US mid-term elections for first time, after Microsoft announced that it identified and blocked attempted attacks on three congressional candidates so far this year.

Tom Burt, Microsoft's vice president of security and trust, revealed the news at the Aspen Security Summit, Politico reports. The company has not disclosed whether or not the Russian government is suspected of being behind the attacks, and did not specify who the targets were.

Burt did note, however, that they were all candidates for this year's mid-term elections, and were "people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint".

Advertisement - Article continues below

The attackers set up a bogus page purporting to be a Microsoft domain, for the purposes of mounting spearphishing attacks to steal targets' credentials. This is a common tactic, and one that allegedly enabled Russian state hackers to access John Podesta's emails in 2016 - which, according to the US Department of Justice, then enabled them to hack the DNC and potentially sway the election.

However, Burt noted that the level of cyber activity observed around the mid-term elections is noticeably less than what was seen during the 2016 presidential elections, indicating that the threat of interference may not be as great.

"On the other hand, cyber security experts Carbon Black warned that cyber warfare is still a very real issue. "Geopolitical tensions manifest in cyberspace," the company's chief cyber security officer Tom Kellermann said. "There is a direct link between the failures of diplomacy and cyberespionage and cyberterrorism. The cold war adversaries have colonised wide swaths of Western cyberspace."

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
Visit/policy-legislation/33757/us-demands-social-media-details-from-visa-applicants
Policy & legislation

US demands social media details from visa applicants

3 Jun 2019

Most Popular

Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/hardware/laptops/354533/dell-xps-13-new-9300-hands-on-review-chasing-perfection
Laptops

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020