Russian hackers target sites exposing Kremlin kleptocracy


Source: Crowdstrike

Hackers linked to Russia’s government tried to target the websites of two U.S. think-tanks, suggesting they were broadening their attacks in the build-up to November elections, according to Microsoft, Reuters reports:

The software giant said it thwarted the attempts last week by taking control of sites that hackers had designed to mimic the pages of The International Republican Institute and The Hudson Institute. Users were redirected to fake addresses where they were asked to enter usernames and passwords.

The Russian military intelligence unit that sought to influence the 2016 election appears to have a new target: conservative U.S. think tanks that are seeking continued sanctions against Moscow, exposing kleptocrats or pressing for human rights.

In a report scheduled for release on Tuesday, Microsoft said that it identified and seized websites created recently by hackers associated with the Russian unit formerly known as the G.R.U. The sites were designed to give users the impression that they were clicking links managed by the Hudson Institute and the International Republican Institute, a core institute of the National Endowment for Democracy, but they were then covertly redirected to web pages created by the hackers to steal passwords and other credentials.

 “We are now seeing another uptick in attacks. What is particular in this instance is the broadening of the type of websites they are going after,” Microsoft’s president, Brad Smith, told the New York Times:

The Hudson Institute has promoted programs examining the rise of kleptocracy in governments around the world, with Russia as a prime target. The International Republican Institute, which receives some funding from the State Department and the United States Agency for International Development, has worked for decades in promoting democracy around the world.

“You can’t really bring people together in a democratic society unless we share information about what’s going on,” Smith told The Washington Post. “When there are facts that are clear as day, for those of us who operate inside companies, increasingly we feel it’s an imperative for us to share this more broadly with the public.”

“This is another demonstration of the fact that the Russians aren’t really pursuing partisan attacks, they are pursuing attacks that they perceive in their own national self-interest,” said Eric Rosenbach, the director of the Defending Digital Democracy project at Harvard University, on Monday. “It’s about disrupting and diminishing any group that challenges how Putin’s Russia is operating at home and around the world.”

David Tell, the group’s director of public affairs, said that the Hudson Institute’s Kleptocracy Initiative, which frequently reports on corruption in Russia, may have made the conservative think tank a target, the Post adds. Tell also noted that Director of National Intelligence Daniel Coats, speaking at the Hudson Institute in July, called Russia “the most aggressive foreign” actor in seeking to divide Americans, which could have drawn the attention of APT28.

“This kind of stuff does happen. It’s happened to us before,” Tell said. “It doesn’t surprise me that bad actors in nondemocratic states would want to mess with us.”

Daniel Twining, the president of the International Republican Institute, called the apparent “spear phishing” attempt “consistent with the campaign of meddling that the Kremlin has waged against organizations that support democracy and human rights,” The Times adds.

“It is clearly designed to sow confusion, conflict and fear among those who criticize Mr. Putin’s authoritarian regime,” Mr. Twining said in a statement.

“It’s clear that democracies around the world are under attack,” Microsoft’s Smith stated.

“These attacks are seeking to disrupt and divide,” he said. “There is an asymmetric risk for democratic societies. The kind of attacks we see from authoritarian regimes are seeking to fracture and splinter groups in our society.”

The Microsoft report coincides with British Foreign Secretary Jeremy Hunt calling on the European Union “to ensure its sanctions against Russia are comprehensive, and that we truly stand shoulder to shoulder with the US.” Hunt will focus remarks at the US Institute of Peace in Washington  on the global response to Russia’s “malign behavior,” which “undermines the international order that keeps us safe,” according to excerpts of the speech obtained by CNN.

“Of course we must engage with Moscow, but we must also be blunt: Russia’s foreign policy under President Putin has made the world a more dangerous place,” Hunt will say at the US Institute of Peace in Washington. Following the Skripal chemical weapons attack in England, the EU should apply more pressure to protect western democracy from Russian interference and ensure the Kremlin sticks to international rules.

The Defending American Security from Kremlin Aggression Act (DASKAA) has the potential to be an effective deterrent to bad Russian behavior, but to be credible it needs two things, analysts Clay R. Fuller and Nate Sibley write for The Hill:

  • First, the clear support of US-based multinational firms across all sectors.
  • Second, language to provide a tool for truly undermining the economic foundations of Putin’s authoritarian kleptocracy: a provision requiring corporate beneficial ownership transparency.


Print Friendly, PDF & Email