The Kremlin has targeted conservative think tanks critical of Russia, Microsoft says


The Kremlin is “broadening” its political targets and has attempted to hack at least two prominent conservative U.S.-based think tanks that have taken a hard line on Russia, Microsoft announced Tuesday.

Both the Hudson Institute and the International Republican Institute, right-leaning think tanks that have been critical of Russia, were the targets of spear-phishing attempts, according to Microsoft. The hackers are linked to the Russian unit formerly known as the GRU, the New York Times reported. Users who thought they were navigating to the Hudson Institute and the International Republican Institute were redirected to sites that mimic their domain.

Microsoft said there is “no evidence” the attempted hacking was successful.

The report comes just over two months ahead of November’s midterms, and further indicates that Russia is seeking to interfere in the upcoming election, as they did in 2016.

President Donald Trump has publicly suggested on multiple occasions that Russia did not meddle in the 2016 presidential election, and seemed to say after a controversial meeting with Russian President Vladimir Putin in July that the Kremlin no longer poses a threat to the U.S. election system.

“Is Russia still targeting the U.S., Mr. President?” a reporter asked him in the Cabinet room of the White House on July 18.

“Thank you very much. No,” Trump said.

“No, you don’t believe that to be the case?”

“No,” Trump said.

The White House later claimed Trump was simply saying “no” to answering further questions from the press. The remark, which came on the heels of his Helsinki summit with Putin, opened him up to significant criticism that he was failing to adequately secure the U.S. election system.

Alexey Nikolsky/Getty Images

“It’s clear that democracies around the world are under attack” and that the “tech sector will need to do more to help protect the democratic process,” Microsoft said Tuesday.

The Microsoft Digital Crimes Unit last week “executed a court order to disrupt and transfer control” of web domains created by a group associated with the Russian government, the company announced. One was made to mimic the International Republican Institute, another to mimic the Hudson Institute and others that “appear to reference the U.S. Senate but are not specific to particular offices.”

The Hudson Institute, whose board members include former Trump national security adviser H.R. McMaster, is home to the Kleptocracy Initiative, which has been critical of Russia. The International Republican Institute, which receives funding from the U.S. Department of State, whose board includes Sen. John McCain (R-Ariz.), a critic of Trump and Russia, frequently publishes experts that scrutinize Russia’s malign behavior. 

The attempted attack seems to indicate that Russia, which targeted Hillary Clinton and the Democratic Party in 2016 with the goal of helping Trump, has expanded its meddling efforts.

Microsoft announced Tuesday it is establishing an initiative called Microsoft AccountGuard as part of its Defending Democracy Program, to give extra cybersecurity protection to candidates, campaigns and other political entities.

But it also stressed that “no individual or company” can secure the democratic process alone and called for widespread vigilance.

“We can only keep our democratic societies secure if candidates can run campaigns and voters can go to the polls untainted by foreign cyberattacks,” Microsoft’s report said. “We’re committed to doing our part by helping to protect candidates and campaigns in preserving their voices and votes no matter what party they support.”