Russian hackers target U.S. conservative think-tanks and Senate, Microsoft says

Hackers linked to Russia's governmenttried to target the websites of two right-wing U.S. think-tanks,suggesting they were broadening their attacks in the build-up toNovember elections, Microsoft said.

The software giant said it had thwarted the attempts lastweek by taking control of sites that hackers had designed to mimic the pages of The International Republican Institute andThe Hudson Institute. Users were redirected to fake pages wherethey were asked to enter usernames and passwords.

TheRussian government deniedthe allegations on Tuesday.

"We don't know what hackers they are talking about," Kremlinspokesperson Dmitry Peskov told reporters on a conference call."Who exactly are they talking about? We don't understandwhat the proof and the basis is for them drawing these kind ofconclusions. Such information [proof]is lacking."

It's about disrupting and diminishing any group that challenges how Putin's Russia is operating at home and around the world.- Eric Rosenbach,Defending Digital Democracyproject

Officials in Moscow have regularly dismissed accusations that they haveused hackersto influenceelections and political opinion in the U.S. and other countries.

Casting such allegations as part of an anti-Russian campaigndesigned to justify new sanctions on Russia, it says it wants toimprove, not worsen ties with Washington.

"We're concerned that these and other attempts pose securitythreats to a broadening array of groups connected with bothAmerican political parties in the run-up to the 2018 elections,"Microsoft said in a blog post overnight.

The International Republican Institute has a roster ofhigh-profile Republican board members, including Senator John McCain of Arizona who has criticized U.S. President Donald Trump's interactions with Russia, and Moscow's rights record.

Putin targeting critical groups

The Hudson Institute, another conservative group, has hosteddiscussions on topics including cybersecurity, according toMicrosoft. It has also examined the rise of kleptocracy,especially in Russia and has been critical of the Russian government, the New York Times reported.

"They [the Russians]are pursuing attacks that they perceivein their own national self-interest," said Eric Rosenbach, thedirector of the Defending Digital Democracy project at HarvardUniversity, on Monday to the New York Times.

"It's about disrupting and diminishing any group thatchallenges how Putin's Russia is operating at home and aroundthe world."

The report comes amid increasing cyber-tensions betweenMoscow and Washington ahead of the congressional votes inNovember.

A federal grand jury in the U.S. indicted 12 Russianintelligence officers earlier in July on charges of hacking the computer networks of 2016 Democratic presidential candidateHillary Clinton and the Democratic Party.

Special counsel Robert Mueller is investigating Russia'srole in the 2016 election and whether Trump's campaign team colluded with Russians during the vote. Russia denies meddlingin the elections whileTrump has denied any collusion.

Fake Senate websites

Microsoft said its digital crimes unit (DCU) had acted on acourt order to take control of six internet domains created by agroup known variously as Strontium, Fancy Bear and APT28, whichit said was associated with the Russian government.

As well as the two think-tanks, other home pages had beenset up to mimic the websites of the U.S. Senate and Microsoft'sown Office software suite, it added.

The type of attack is known as "spear fishing," in which thehackers trick victims to enter their user name and password intothe fake site in order to steal their credentials.

"To be clear, we currently have no evidence these domainswere used in any successful attacks before the DCU transferredcontrol of them, nor do we have evidence to indicate theidentity of the ultimate targets of any planned attack involvingthese domains," Microsoft said on the blog.

Facebook said late last month it had removed 32 pagesand fake accounts from its platforms in a bid to combat foreign meddling ahead of November's U.S. congressional elections.

The company stopped short of identifying the source of themisinformation. But members of Congress who had been briefed byFacebook on the matter said the methodology of the influencecampaign suggested Russian involvement.

With files from CBC News