Microsoft’s security team prevented a phishing attack by Russian actors on 3 congressional candidates

Jack Wilkinson

Russia is a hot topic when it comes to political campaigns, following the ongoing saga of the 2016 US Presidential campaign. Now Microsoft has stumbled into the heat by surprise.

Microsoft’s President of Customer Security and Trust, Tim Burt, was speaking at the Aspen Institute’s Security Summit this week, in which he discussed how Microsoft stumbled across Russian actors attempting to hack 3 congressional campaigns. In the course of locating and preventing phishing attacks on its customers, Microsoft fell upon a domain that was setup purely to target 3 candidates running in the midterms (via Ars Technica).

Burt said that a “fake Microsoft domain had been established as the landing page for phishing attacks, and we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections.”

Microsoft then worked alongside US law enforcement and the government to take the sites offline. Burt confirmed that, by working with the government, they were able to prevent the attacks from infiltrating their targets.

The candidates that were targeted have not been disclosed, but Burt mentions that they were interesting targets because of their position, saying:

They were all people who, because of their positions, might have been interesting from an espionage standpoint as well as an election disruption standpoint.

Ending the discussion, Burt said that Russian activity related to the elections is far lower this year than it was in 2016, with no build up of a social media disinformation campaign being seen. He notes, however, that there is still a “lot of time left before the election.”