IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Russia accused of trying to hack US senator

News sparks fears that 'Fancy Bear' group may be attempting to hack US mid-terms

One of the three US senators being targeted by sophisticated spearphishing campaigns has been identified as Missouri Democrat Claire McCaskill, sparking fears that Russian actors may be attempting to help the GOP retain its Senate majority during the upcoming mid-term elections.

Microsoft revealed at a security conference last week that three senators had been hit with attempted spearphishing attacks similar to the one which John Podesta fell victim to in 2016, using a spoofed version of the US Senate's Microsoft Active Directory login page to lure the targets in.

The identity of one of these targets has been confirmed by a Daily Beast investigation as a policy aide to Senator McCaskill. Each spearphishing email includes a unique URL that allows the spoofed page to display the email address of the target, and a screencapture of the spoofed domain from forensic snapshot tool URLscan.io was found, revealing the target's identity.

While Microsoft has yet to confirm who launched the attack, it is widely suspected to be the work of the same Russian intelligence unit accused of perpetrating the DNC hack, codenamed 'Fancy Bear'.

Senator McCaskill released a statement pinning the attack on Russia, in-keeping with her historically hard-line stance on Russia's international conduct which has seen her previously dub Putin a "thug and a bully".

"Russia continues to engage in cyber warfare against our democracy. I will continue to speak out and press to hold them accountable," she said. "While this attack was not successful, it is outrageous that they think they can get away with this. I will not be intimidated. I've said it before and I will say it again, Putin is a thug and a bully."

McCaskill is facing re-election in the imminent mid-terms, and is somewhat embattled; Trump won her home state by a 20-point margin in 2016, and more than $15 million has been spent so far opposing her election. The cyber security of the upcoming elections has been identified as a priority by Congress, who have allocated $350 million to ensure their safety.

20/07/2018: Hackers target US mid-term elections

Security experts have detected hacking attempts on the US mid-term elections for first time, after Microsoft announced that it identified and blocked attempted attacks on three congressional candidates so far this year.

Tom Burt, Microsoft's vice president of security and trust, revealed the news at the Aspen Security Summit, Politico reports. The company has not disclosed whether or not the Russian government is suspected of being behind the attacks, and did not specify who the targets were.

Burt did note, however, that they were all candidates for this year's mid-term elections, and were "people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint".

The attackers set up a bogus page purporting to be a Microsoft domain, for the purposes of mounting spearphishing attacks to steal targets' credentials. This is a common tactic, and one that allegedly enabled Russian state hackers to access John Podesta's emails in 2016 - which, according to the US Department of Justice, then enabled them to hack the DNC and potentially sway the election.

However, Burt noted that the level of cyber activity observed around the mid-term elections is noticeably less than what was seen during the 2016 presidential elections, indicating that the threat of interference may not be as great.

"On the other hand, cyber security experts Carbon Black warned that cyber warfare is still a very real issue. "Geopolitical tensions manifest in cyberspace," the company's chief cyber security officer Tom Kellermann said. "There is a direct link between the failures of diplomacy and cyberespionage and cyberterrorism. The cold war adversaries have colonised wide swaths of Western cyberspace."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Cyber attacks rain on Taiwan during Pelosi visit
cyber warfare

Cyber attacks rain on Taiwan during Pelosi visit

5 Aug 2022
US and Japan double down on joint semiconductor research
Policy & legislation

US and Japan double down on joint semiconductor research

1 Aug 2022
FCC to consider huge update to minimum broadband speed
Infrastructure

FCC to consider huge update to minimum broadband speed

18 Jul 2022
NOAA unveils two new supercomputers in effort to better predict extreme weather
high-performance computing (HPC)

NOAA unveils two new supercomputers in effort to better predict extreme weather

29 Jun 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022