Speaking at the Aspen Security Forum today, Microsoft said it already blocked the first attempts of a Russian threat actor at hacking into the campaigns of three congressional candidates participating in the 2018 midterm elections.
"Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks," said Tom Burt, Corporate Vice President for Customer Security and Trust, Microsoft.
"We saw metadata that suggested those phishing attacks were directed at three candidates who are all standing for election in the midterm elections," he added.
Burt says the phishing attacks were directed against the staff of the three candidates. He declined to name the three candidates citing their right for privacy.
"Because of their position, [the staff] might have been interesting targets from an espionage standpoint as well as an election disruption standpoint," Burt said.
"We took down that domain," he added," and working with the government we were able to avoid anybody being infected by that particular attack."
"The government's security teams deserve a lot of credit for that," the Microsoft exec said.
"I would say that the consensus of the threat intelligence community right now is [that] were not seeing the same level of activity by the Russian activity groups leading into the mid-year elections that we could see when looking back on the 2016 elections," Burt also added on the scale of the hacking in preparation for this year's elections.
"We don't see the activity of them trying to infiltrate think tanks and academia. And in social networks to do the research that they do to build the phishing attacks that they then launch. And we're not seeing ongoing activities like the one we were going to disrupt much earlier this year," Burt explained.
"This doesn't mean [...] we're not going to see it, but there's a lot of time left until the elections. So we and the others in the private sector are trying t be vigilant about that."
Burt's comments are in the video below, at the 15:15 mark.