Microsoft shuts down Russian military backed sites aiming to influence elections

Kareem Anderson

The democratic experiment in several nations has been under increasing attack from foreign entities looking to derail the ebbing flow of progress and political evolution within the world.

As more citizens become participants and consumers of information via the internet, cyber attacks are becoming more commonplace. Nefarious countries are using the internet to spread disinformation, tamper with voting systems and engineer political divide via social media in a new cyber warfare where the effects may be longer lasting than any “boots on the ground” engagement.

Here in the US, the use of cyber warfare was no more evident than the 2016 presidential election, one in which lingering effects still occupy a continuous space in the political process.

As the US heads into another big democratic election process for its 2018 midterm elections, Microsoft, a US based technology company wants to help ensure the sanctity of the country’s voting process.

Yesterday, Microsoft penned a new post on its Microsoft On the Issues blog where it explains the steps the company plans to take to help fortify the US electronic voting process in the wake of another presumed Russian Military sanctioned cyber attack.

Broadening cyberthreats to both U.S. political parties make clear that the tech sector will need to do more to help protect the democratic process. Last week, Microsoft’s Digital Crimes Unit (DCU) successfully executed a court order to disrupt and transfer control of six internet domains created by a group widely associated with the Russian government and known as Strontium, or alternatively Fancy Bear or APT28. We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group. Attackers want their attacks to look as realistic as possible and they therefore create websites and URLs that look like sites their targeted victims would expect to receive email from or visit. The sites involved in last week’s order fit this description.

To combat attacks such as these, Microsoft is set to expand its newly released (as of April 2018) Defending Democracy Program.

Microsoft’s Defending Democracy Program has a four pronged priority list that includes “protecting campaigns from hacking, protecting voting and the electoral process, increasing political advertising transparency, and defending against disinformation campaigns.” 

In addition to dealing with some of the intangibles of voting Microsoft has initiated AccountGuard meant to provide additional security services for organizational and consumer email accounts to prevent the proliferation of data theft.

  1. Threat notification across accounts. The Microsoft Threat Intelligence Center will enable Microsoft to detect and provide notification of attacks in a unified way across both organizational and personal email systems. For political campaigns and other eligible organizations, when an attack is identified, this will provide a more comprehensive view of attacks against campaign staff. When verifiable threats are detected, Microsoft will provide personal and expedited recommendations to campaigns and campaign staff to secure their systems.
  2. Security guidance and ongoing education. Officials, campaigns and related political organizations will receive guidance to help make their networks and email systems more secure. This can include applying multi-factor authentication, installing the latest security updates and guidance for setting up systems that ensure only those people who need data and documents can access them. AccountGuard will provide updated briefings and training to address evolving cyberattack trends.
  3. Early adopter opportunities. Microsoft will provide preview releases of new security features on a par with the services offered to our large corporate and government account customers.

Microsoft plans to expand its MDDP services to more areas around the world as its works on adhering to new international laws such as the Digital Geneva Convention.

Microsoft has taken a vigilant approach to protecting US democratic processes, unfortunately, the company’s efforts seem to be unmatched in focus by the current digital establishments in place. Hopefully, more US campaigns and voting destinations make use of these technological tools heading into the 2018 mid term elections.