News

Actions

Microsoft says foreign hackers still actively targeting US political targets

Posted at 4:21 PM, Jul 17, 2019
and last updated 2019-07-17 18:21:57-04

Americans involved in the democratic process were heavily targeted by foreign government hackers in the past year, according to Microsoft.

Since August 2018, the company made more than 740 notifications to US political parties, campaigns, and democracy-focused nonprofits that they had been targeted by foreign government hackers who use its free cybersecurity services, it said in a release Wednesday.

The majority of those came from Iran, North Korea and Russia, the company said.

Microsoft declined to share a clear definition of an attack, except to say it constituted a unique attempt to breach a network. In a dedicated attempt to break into a political campaign — like the successful one in 2016 against Clinton campaign chairman John Podesta — hackers might send dozens or hundreds of phishing emails to an organization.

As the developer of the world’s most popular operating system, the company is widely regarded as having a particularly strong insight into tracking how hackers around the world operate.

Tom Burt, Microsoft’s vice president of customer security and trust, announced last year that three congressional campaigns — later corrected to two — had been targeted by the GRU, the same Russian military intelligence agency that hacked Democrats in 2018. News reports later named one of those campaigns as Missouri Democratic Sen. Claire McCaskill.

The GRU has also been accused of hacking and leaking documents from at least two US think tanks.

Think tanks have long been a popular target for government hackers interested in conventional espionage, as they heavily influence US policy and often employ people who have worked in the government or who cycle in and out of government jobs.

“It’s hard to break into the State Department, but it’s easy to break into a think tank with a shoestring budget, then get information that’s ultimately being provided to or circulated around the government,” said Adam Meyers, vice president of intelligence at CrowdStrike, a cybersecurity company.

“It’s an easier target for a threat actor to collect intelligence about political issues,” he said.