Arthur J. Villasanta – Fourth Estate Contributor
Seattle, WA, United States (4E) – The Russian government hacking group also known as “Fancy Bear,” which led the cyberattacks on the Democratic National Committee (DNC) in the 2016 U.S. presidential election, has tried and failed to compromise the websites of several conservative US think tanks, the Senate, and Microsoft Corporation.
Microsoft has discovered and shut down 84 fake websites created by Fancy Bear over the past two years. It said it defeated these latest attacks by Fancy Bear. The Russian designation for this group is apparently Unit 26165 and Unit 74455.
Both these units are part of the GRU, or the “Main Intelligence Directorate” of the Armed Forces of the Russian Federation. Other aliases for this advanced persistent threat group are APT28, Pawn Storm, Sofacy Group, Sednit and STRONTIUM.
Microsoft president Brad Smith revealed that Russian government hackers in Fancy Bear created six websites that intentionally tried to mimic those of certain conservative U.S. think tanks, the Senate, and even Microsoft itself. Smith said Fancy Bear’s goal was to trick people into clicking through the fake pages, thereby allowing the hackers to steal information from them. These websites were created within the past few weeks.
Microsoft said it discovered those websites and seized them after obtaining a court order to do so. These websites are now offline and useless to the GRU, which is the acronym for “Glavnoye razvedyvatel’noye upravleniye.”
Microsoft considers this cyberattack a failure and has yet to see any evidence the websites were part of a successful attack. It’s likely the six fake websites contained malware that would have allowed Russian spies to access the computers of their victims.
Smith said Microsoft’s Digital Crimes Unit (DCU) successfully executed a court order to disrupt and transfer control of six internet domains created by Fancy Bear. He said Microsoft has now used this approach 12 times in two years to shut down 84 fake websites associated with Fancy Bear.
He noted the Russian spies want their attacks to look as realistic as possible. To do this, the Russians create websites and URLs that look like sites their targeted victims would expect to receive email from or visit.
Smith said Microsoft is concerned the latest attacks by Fancy Bear and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections. He announced an expansion of Microsoft’s Defending Democracy Program with a new initiative called Microsoft AccountGuard to better protect U.S. elections from cyber attacks from Russia.
In July, special counsel Robert Mueller indicted 12 members of the GRU for stealing emails and documents from the DNC, the Democratic Congressional Campaign Committee, and various Hillary Clinton campaign staffers, including campaign chairman John Podesta.
“The efforts of the Russian security services reflect a broader goal to skew the American political discourse in ways that are sympathetic to Moscow,” said Michael Sulmeyer, a former top cyber official at the Pentagon.
Provided by FeedSyndicate