Russian hackers targeted U.S. Senate, think tanks: Microsoft

FILE PHOTO: A Microsoft logo is seen in Los Angeles, California U.S. November 7, 2017. REUTERS/Lucy Nicholson/File Phot

By Brendan O’Brien

(Reuters) – Microsoft Corp charged that hackers linked to Russia’s government sought to launch cyber attacks on the U.S. Senate and conservative American think tanks, warning that Moscow is broadening attacks ahead of November’s congressional elections.

The world’s biggest software company said late on Monday that it last week took control of six web domains that hackers had created to mimic sites belonging to the Senate and the think tanks. Users who visited the fake sites were asked to enter login credentials.

It is the latest in a string of actions Microsoft has taken to thwart what it charges are Russian government hacking attempts. The company said it has shut down 84 fake websites in 12 court-approved actions over the past two years.

“We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” Microsoft President Brad Smith said in a blog post.

Microsoft said it had no evidence that the hackers had succeeded in compromising any user credentials before it took control of the malicious sites.

The Kremlin rejected the Microsoft allegations and said there was no evidence to support them.

“We don’t know what hackers they are talking about,” Kremlin spokesman Dmitry Peskov told reporters. “Who exactly are they talking about? We don’t understand what the proof and the basis is for them drawing these kind of conclusions. Such information (proof) is lacking.”

Moscow has repeatedly dismissed allegations that it has used hackers to influence U.S. elections and political opinion.

The targets, Microsoft said, included the International Republican Institute, whose high-profile Republican board members include Senator John McCain of Arizona, who has criticized U.S. President Donald Trump’s interactions with Russia and Moscow’s rights record.

The Hudson Institute, another target, has hosted discussions on topics including cyber security, according to Microsoft. It has also examined the rise of kleptocracy, especially in Russia, and has been critical of the Russian government.

Other malicious domains were used to mimic legitimate sites used by the U.S. Senate and Microsoft’s Office software suite, the company said.

CYBER TENSIONS

Microsoft’s report came amid increasing tensions between Moscow and Washington ahead of midterm elections in November.

A U.S. federal grand jury indicted 12 Russian intelligence officers in July on charges of hacking the computer networks of 2016 Democratic presidential candidate Hillary Clinton and the Democratic Party.

Special Counsel Robert Mueller is investigating Russia’s role in the 2016 election and whether Trump’s campaign worked with Russians to sway the vote. Russia denies interfering in the elections and Trump has denied any collusion.

The type of attack is known as “spear fishing,” in which the hackers trick victims into entering their username and password into a fake site in order to steal their credentials.

Facebook Inc said late last month it had removed 32 pages and fake accounts from its platforms in a bid to combat foreign meddling ahead of the U.S. votes.

The company stopped short of identifying the source of the misinformation. But members of Congress who had been briefed by Facebook on the matter said the methodology of the influence campaign suggested Russian involvement.

(Reporting by Brendan O’Brien; Additional reporting by Andrew Osborn and Tom Balmforth in Moscow; Editing by Jim Finkle and Steve Orlofsky)

Russia looms large as U.S. election officials prep for 2018

People walk by the U.S. Capitol building in Washington, U.S., February 8, 2018. REUTERS/ Leah Millis

By Dustin Volz

WASHINGTON (Reuters) – Ten months before the United States votes in its first major election since the 2016 presidential contest, U.S. state election officials huddled in Washington this weekend to swap strategies on dealing with an uninvited guest: Russia.

A pair of conferences usually devoted to staid topics about election administration were instead packed with sessions dedicated to fending off election cyber attacks from Russia or others, as federal authorities tried to portray confidence while pleading with some states to take the threat more seriously.

“Everyone in this room understands that what we are facing from foreign adversaries, particularly Russia, is real,” Chris Krebs, a senior cybersecurity official at the Department of Homeland Security (DHS), told an audience of secretaries of state, who in many states oversee elections. Russia, he added, is “using a range of tools against us.”

The department said last year that 21 states had experienced initial probing of their systems from Russian hackers and that a small number of networks were compromised. Voting machines were not directly affected and there remains no evidence any vote was altered, officials say.

While virtually all 50 states have taken steps since the 2016 election to purchase more secure equipment, expand the use of paper ballots, improve cyber training or seek federal assistance, according to groups that track election security, some officials at the conferences expressed an added sense of urgency.

That is because the meetings came immediately after U.S. Special Counsel Robert Mueller unsealed an indictment accusing 13 Russians and three Russian companies of conducting a criminal conspiracy to interfere in the 2016 election.

The charges alleged a sophisticated multi-year operation carried out by a Russian propaganda factory to use false personas on social media to boost Donald Trump’s campaign. Russia has repeatedly denied it attempted to meddle.

“Loud and clear I hear that the biggest threat is this campaign of disinformation as opposed to the election process itself,” said Denise Merrill, Connecticut’s secretary of state, a Democrat.

DHS has taken the lead on working with states to improve voting machine security, but no federal agency is specifically responsible for combating online propaganda.

Several secretaries of state said they needed more rapid notification from federal partners about not just attempts to breach voting systems but disinformation campaigns as well.

“I don’t want to find out about propaganda two years later, after I elect my congressman,” said Mississippi Secretary of State Delbert Hosemann, a Republican, in an interview while clutching his own printed copy of the 37-page indictment.

Frustration boiled over at times among the secretaries of state, some of whom criticized a classified briefings U.S. intelligence agencies held with them over the weekend as largely unhelpful.

Federal officials, they said, continued to provide inadequate information to states about the nature of the Russian cyber threat and how to protect against it.

“I would have thought that behind closed doors, I would have heard, ‘This is why this has to be classified.’ And I heard none of it,” said West Virginia Secretary of State Mac Warner, a Republican. Still, other secretaries of state and election directors said relationships with DHS had improved dramatically compared with a year ago.

Speaking on a panel and attempting to quell frustration, Robert Kolasky, another DHS cybersecurity official, stressed that U.S. intelligence officials were genuinely worried about how Russia or others may attempt to interfere in 2018.

“There are reasons we are worried that things could become more serious,” Kolasky said. “The Russians got close enough, and we anticipate it could be different, or worse, the next time around,” he said.

(Reporting by Dustin Volz; Editing by Daniel Wallis)

U.S. intelligence contractor pleads not guilty to leaking charge

Reality Winner, the U.S. intelligence contractor charged with leaking classified National Security Agency material is shown in this courtroom sketch during her hearing at the U.S. District Courthouse in Augusta, Georgia, U.S., June 8, 2017. Courtesy Richard Miller via REUTERS

By Rich McKay

AUGUSTA, Ga. (Reuters) – A U.S. intelligence contractor accused of illegally leaking a classified report on Russian interference in U.S. elections to a media outlet pleaded not guilty on Thursday to an espionage offense, and a federal judge denied her request for bail.

Reality Leigh Winner, 25, is accused of passing the top secret National Security Agency report to The Intercept last month while working with Pluribus International Corp, which provides analytical services for U.S. defense and intelligence.

Winner was charged in a federal grand jury indictment on Wednesday with a single count of willful retention and transmission of national defense information, a felony offense under the Espionage and Censorship Act that carries a maximum sentence of 10 years in prison.

A federal judge ordered that Winner remain held without bond after prosecutors argued during Thursday’s three-hour hearing that she posed a flight risk and public danger, citing what they called “disturbing” comments found in her notebook.

In one notation she wrote: “I want to burn the White House down,” Assistant U.S. Attorney Jennifer Solari told the judge. The prosecutor said investigators also found the names of three Islamic extremists known to federal authorities listed in Winner’s notebook.

According to a probable-cause affidavit from the Federal Bureau of Investigation, Winner admitted to intentionally printing a copy of the intelligence report in her office and mailing it to the news outlet.

The NSA document in question provided technical details on what it said were Russian attempts to hack election officials in the United States and a voting-machine firm before the presidential election in November, two U.S. officials with knowledge of the case have confirmed to Reuters.

The FBI said unauthorized disclosure of the secret document “could reasonably result in exceptionally grave damage to the national security,” though the government has not alleged that Winner sought to share the report with foreign agents.

She is the first person charged with leaking classified information to the media since the inauguration of President Donald Trump, who has called for investigations into leaks to the media.

A White House spokeswoman said at a press briefing ahead of Winner’s detention hearing that Trump believes anyone found guilty of unlawfully disclosing government secrets should be punished to the fullest extent of the law.

Winner, shackled at the feet and wearing an orange jumpsuit in court, said little during Thursday’s proceeding, except to reply, “Not guilty, your honor,” when asked for her plea, and to answer “yes” and “no” to procedural questions put to her by the judge.

Winner’s parents testified in support of her request to be released from jail on bond, describing their daughter as a church-going patriot who volunteered for the military and was never previously in trouble.

“Your honor, my daughter is a good girl. She will do whatever you tell her to do if you grant her bond,” her stepfather, Gary Winner, told the judge.

Solari countered that Winner’s political agenda mattered more to her than her oath to protect secrets entrusted to her, adding that she might be tempted to flee if further charges were brought in the continuing investigation.

(Reporting Rich McKay in Augusta. Additional reporting by Dustin Volz in Washington; Writing by Jim Finkle in Toronto and Steve Gorman in Los Angeles; Editing by Grant McCool and Tom Brown)