America’s top intelligence official, Dan Coats, said last week that “the warning signs are there” when it comes to Russia and other foreign governments waging cyberattacks on the United States. He made the point again on Thursday at the Aspen Security Forum in Colorado, capping off a wild week that began with President Trump buddying up to Vladimir Putin in Helsinki and taking the Russian leader’s word over that of intelligence chiefs.
And as the midterm elections loom in November, it seems there’s already evidence of Russia interfering.
A Microsoft executive said at the Aspen Security Forum panel — the same that Coats and other US officials attended — that the company had detected phishing attacks targeting three US congressional candidates, a bit like the strategy the Russian GRU agents used in the 2016 election against Democrats and Hillary Clinton.
Tom Burt, Microsoft’s vice president of customer security and trust, told the audience in Colorado that earlier in the year, the company discovered that a fake Microsoft domain had been created as a landing page, kind of a staging ground, to get candidates to click so they would be vulnerable to a phishing attack. “We saw metadata that suggested those phishing attacks were being directed at three candidates who were all standing for the election in the midterms,” Burt said.
Tom Burt, VP of security at Microsoft, says the company detected Russian phishing attacks on three candidates in the 2018 midterms "who would be interesting from an espionage perspective." Wouldn't reveal who they are. #AspenSecurity— Julia Ioffe (@juliaioffe) July 19, 2018
The cyberattacks weren’t successful in hacking the three candidates. Burt didn’t identify them by name, but intriguingly described them as “interesting targets from an espionage standpoint.”
The hacks are going to keep happening, even if Trump believes they aren’t
Microsoft’s account backs up what intelligence and law enforcement officials keep repeating — despite the mixed messages from the White House: Russia is going to keep hacking and trying to exploit American partisanship on social media.
When asked if Russia was still attempting to target the United States this week, President Trump said, “No.” The White House press secretary cleaned up his response, saying he meant to say “no” to more questions from reporters.
But the back-and-forth underscored the concerns about whether the US government will be able to fight off these attacks, and how they’ll be able to warn and inform the public, especially with Trump as “skeptic-in-chief.”
Top administration officials are moving forward with measures to counter such foreign attacks, with or without Trump. At the same forum, Deputy Attorney General Rod Rosenstein introduced the Department of Justice’s cyber-digital task force, a comprehensive report on what the threats are, the key targets, and how the US should fight them. When it comes to America’s political system, that’ll include everything from attacks on election infrastructure to the targeting of particular candidates to the propaganda and divisive news that Russian operatives spewed on social media. Russia tried each of those influence operations in 2016.
“Russian intelligence officers did not stumble on the idea of hacking American computers and posting misleading messages because they had a free afternoon,” Rosenstein said on Thursday. “It’s what they do every day.”