back to article Microsoft: The Kremlin's hackers are already sniffing, probing around America's 2018 elections

Microsoft says it has already uncovered evidence of Russian government-backed hacking gangs attempting to interfere in the 2018 US mid-term elections. Speaking at an event in Aspen, Colorado, earlier this week, Microsoft vice president of security and trust Tom Burt revealed that the FancyBear hacking group has already begun …

  1. Withdrawn

    Kremlin's hackers

    Putin must've learned nothing during all those KGB years. I would think that even the worst of spies would know to switch out assets once cover is blown.

    1. Voland's right hand Silver badge

      Re: Kremlin's hackers

      out assets once cover is blown

      This is not so much a case of cover is blown, but a case of the method being known. We know that the roads parallel to the one to Redmond will be mined. If an unsuspecting victim by mistake gets on the wrong road they are done for.

      We are yet to know (including names and faces) who mines the roads. We are yet (if ever) to do anything about them.

      We also have no idea what else are they doing, the cat-n-mouse with Microsoft may be a distraction.

    2. annodomini2

      Re: Kremlin's hackers

      Reverse Honeypot

  2. PhilipN Silver badge

    "seized in as little as 24 to 48 hours"

    Not clever.

    Surely better to let them run and track what they are doing.

    1. Voland's right hand Silver badge

      Re: "seized in as little as 24 to 48 hours"

      Surely better to let them run and track what they are doing.

      No you cannot. The server is outside our jurisdiction. So the only way to "see" is to arrest the domain and point it to server(s) you control.

      1. eldakka Silver badge
        Joke

        Re: "seized in as little as 24 to 48 hours"

        > No you cannot. The server is outside our jurisdiction. So the only way to "see" is to arrest the domain and point it to server(s) you control.

        Rubbish, the entire world is subject to American Law and jurisdiction!

        1. DropBear Silver badge
          Joke

          Re: "seized in as little as 24 to 48 hours"

          Except Cuba. Attempt no landing there...!

        2. Fanny

          Re: "seized in as little as 24 to 48 hours"

          "Rubbish, the entire world is subject to American Law and jurisdiction!"

          We'll travelled quote of the day?!

  3. a_yank_lurker Silver badge

    Russia and Who else?

    I am not surprised there are Russian efforts to stir the pot based on the fact in 2016 their efforts created a mess. The mess was not because the efforts were particularly effective but because they created a convenient excuse for the results and a way to delegitimize the results. I suspect they will have a multi-tiered approach. Some of the activities basically repeating the more clumsy methods but with the real meat being at other efforts to not necessarily influence the election but to get access to the internal documents of the various groups. Misdirection with some of the efforts being foiled but to cover the real attacks.

    Also, who else besides Ivan wants to stir the pot for much the same reasons? I can think of a few such as China, India, EU, NorK for starters.

    1. Anonymous Coward
      Anonymous Coward

      Re: Russia and Who else?

      Montenegro and its ne'er-do-well neighbour Grand Fenwick?

      1. Anonymous Coward
        Anonymous Coward

        Re: Russia and Who else?

        Montenegro disrupt elections by preventing an orange baboon to take the prime place in the limelight for a photoshoot. They do not do it electronically.

        Trawl the Internet for the 2017 NATO meeting photoshoot. If the video is full you will see the baboon trying to muscle in on the Monte Negro guy and the Montenegrin not budging. Now, what a vindictive little sh*t you need to be to translate your displeasure for once not being exactly in the prime spot for a picture to a whole country just... beggars belief...

        As far as USA elections being influenced by foreign powers that is normal. There are a couple which are not just allowed, but encouraged to do so to the point where their prime ministers address the Congress on exactly what they are supposed to do the next election cycle. So once again, no need to do that electronically.

    2. MonkeyCee Silver badge

      Re: Russia and Who else?

      "The mess was not because the efforts were particularly effective "

      From where I'm sitting they seem to have been remarkably effective. Trump is about a divisive a candidate as you can get. The goal is fracturing existing political groups, and then setting them on each other. Hence why Clinton/Bernie was such a shitshow, Bernie couldn't win the nomination, but suddenly got a bunch more money and support which just so happened to result in plenty of anti-Clinton democrats. Who then were less likely to vote in the actual election.

      Trump is shitting all over US allies and industrial partners. Can't say a nice thing to/about any of them, even if his family is from Germany and Scotland. Questions article 5 of NATO, despite the fact that the US is currently using it for the GWOT*.

      But when it comes to Russia, suddenly Trump gets coy, hedging even the weakest complaint. The EU is a foe, the Russians are competitors. Even after he didn't not fuck up Helsinki meeting, reading a canned statement designed to make his position "clear" he couldn't resist adding "but it could be anyone" to the end.

      While it might be Trump is a Manchurian candidate, or Putin has some real dirt on him (or just a bunch of his loans belong to Putin's bank). But it could as equally be that Trump is quite aware of just how much help having a plausibly deniable ratfucker on your side, and is terrified what would happen if they switched.

      So either Trump is scared or controlled by Putin. Doesn't really matter which at this point.

      "Also, who else besides Ivan wants to stir the pot for much the same reasons? I can think of a few such as China, India, EU, NorK for starters."

      I must have missed the sanctions being imposed upon the oligarchs of those nations after the invasion of their neighbor.

      The EU consists of nations who are either friendly or allied to the US. The repercussions of even attempting (or being caught) dicking with a fellow democracy would out way any potential gains. Since pretty much every other politician in the US is aware that the EU are in fact allies, it's not like it's an extreme position that needs to be advocated.

      The Norks love Trump! He gave them a huge political victory, and apparently does't understand the ramifications (optics and practical) of stopping military exercises. Name another recent president who would have betrayed long term allies in exchange for no policy change and a photo op.

      The Chinese are quite happy with Trump too. Their territorial and influence expansion works better with MAGA policies, since it allows them to be the local superpower in Asia and Africa. Belt and road baby :)

      * invoked after 9/11. Because the world superpower needs some help cleaning up the blowback from the "defensive" US fights on communism.

      1. Mark 85 Silver badge

        @MonkeyCee -- Re: Russia and Who else?

        From where I'm sitting they seem to have been remarkably effective.

        Indeed and probably beyond their wildest expectations. Trump, family, and friends were surprised he won the nomination. To say they were floored that he won the Presidency would be an understatement from what I've read in various sources on both sides of political spectrum.

    3. DougS Silver badge

      India?

      Why do you think they'd have an interest in trying to compromise US elections? Trump has pretty much ignored them during his term, they should want to keep things that way!

    4. Palpy

      Re: Russia and Who else? Talk to the NSA, FBI, et al.

      US security agencies involved with international intelligence have unanimously fingered Russia for 2016 election hacks, and to ongoing efforts to disrupt US politics. The article to hand is a footnote, with Microsoft explaining how Russia abuses MS services in phishing attacks.

      Parroting Trump ("it could have been anyone") is buying a lie, Yank Lurker. It wasn't just anyone. The NSA fingers Russia. The FBI fingers Russia. The CIA fingers Russia. The Office of the Director of National Intelligence, the oversight agency responsible for coordinating US intelligence... fingers Russia.

      The intelligence reports specifically say that the Russian effort was to discredit and denigrate Clinton, and to boost Trump. Here's the public report from the Office of the Director (pdf). The report is very clear: the effort was to defeat Clinton and get Trump elected. The report is also very clear on the Russian actors which ran (and continue to run) the effort.

      Don't buy the disinformation from Fox News, Breitbart, and Trump. The data is in the intelligence documents, not in the mouths of Sean Hannity and Tucker Carlson. And the truth has never been associated with anything coming from Trump's mouth. Get facts.

      1. Anonymous Coward
        Anonymous Coward

        Re: Russia and Who else? Talk to the NSA, FBI, et al.

        @Palpy The spooks have never lied, have they? Especially not in recent times.

        1. DougS Silver badge

          Re: Russia and Who else? Talk to the NSA, FBI, et al.

          If you want to claim they're lying, what's the reason for it? Why make such a specific allegation, that apparently has a lot of very specific evidence that Trump and those in congress etc. have seen? If the goal was to make up a lie to denigrate Russia, there are many far less politically controversial lies that could have been made than "election interference to help Trump".

          If you want to take the "it is the deep state fighting against Trump" claim, then why are Trump's own picks like Sessions and Coats in full agreement with this assessment? When they became AG and DNI were they initiated into the Deep State(tm) in some sort of secret ritual involving goat's blood and the bones of J. Edgar Hoover?

          It should be pretty obvious to anyone but those who believe 100% of what Trump says what is going on, especially after last week. He cowtows to Putin like no other, and can't speak ill of him or Russia. He couldn't even stay on script in the "hostage video" carefully crafted for him by his advisors after he was shocked (and I can't believe he was shocked!) that even his own party was outraged by letting Putin and Russia off the hook because of his "strong and powerful denial" and stating that he believes him over his own national security people. There is no longer any question that Putin has something over him, the only question that remains now is what that is, and how damaging it will be to Trump when it is finally revealed.

          1. Anonymous Coward
            Anonymous Coward

            Re: Russia and Who else? Talk to the NSA, FBI, et al.

            @DougS Let’s see, WMDs in Iraq, lying to Congress, mass surveillance, rendition, running torture houses around the world, hacking Congressional computers to access investigations into their activities (and getting caught). Why wouldn’t I believe everything they say and accept it as absolute incontrovertible truth?

      2. Thought About IT

        Re: Russia and Who else? Talk to the NSA, FBI, et al.

        Palyp wrote: "Don't buy the disinformation from Fox News, Breitbart, and Trump. The data is in the intelligence documents, not in the mouths of Sean Hannity and Tucker Carlson. And the truth has never been associated with anything coming from Trump's mouth. Get facts."

        It's surprising how many downvotes this statement of fact incurred. I hope that the IT professionals doing that are not involved in designing software for self-driving cars or drones, where they have to take moral decisions about who to save in the event of accident or malfunction.

    5. Steve Davies 3 Silver badge
      Mushroom

      Re: Russia and Who else?

      You clearly forgot the most evil of them all, (or at least that's what El Trumpo thinks), Iran.

      his latest tweet and to quote

      NEVER, EVER THREATEN THE UNITED STATES AGAIN OR YOU WILL SUFFER CONSEQUENCES THE LIKES OF WHICH FEW THROUGHOUT HISTORY HAVE EVER SUFFERED BEFORE. WE ARE NO LONGER A COUNTRY THAT WILL STAND FOR YOUR DEMENTED WORDS OF VIOLENCE & DEATH. BE CAUTIOUS!

      will make the USA a far less safe place. Iran does not like to be messed with. He'll probably call them Arabs next which is a huge insult. They aren't Arabs.

      The world is clearly heading for [see icon] and there is SFA that we can do to stop it.

      1. Rameses Niblick the Third Kerplunk Kerplunk Whoops Where's My Thribble? Silver badge

        Re: Russia and Who else?

        WE ARE NO LONGER A COUNTRY THAT WILL STAND FOR YOUR DEMENTED WORDS OF VIOLENCE & DEATH.

        There's irony in there somewhere, I'm absolutely sure of it.

  4. croc

    Paper Ballots.

    1. DougS Silver badge

      Paper ballots only solve a tiny part of the problem

      Once the paper ballots are counted in the local precinct, how are the results forwarded to the county HQ, and from the county HQ to the state HQ? If they are emailing them, texting them, uploading them into a web site, etc. you are still ripe for attack despite paper ballots.

      Even if you do all that part correctly, if you have a voter roll on an computer and that's taken, one could do a lot of mischief. Call up people registered for the other party and tell them their voting location has changed, or tell them to show up when polls open at 6am because huge lines with waits of 5-6 hours are expected later in the day, or any number of ways to suppress their turnout.

      You don't need to change the actual VOTES to affect an election.

      1. Yet Another Anonymous coward Silver badge

        Re: Paper ballots only solve a tiny part of the problem

        Why not just make the whole process open?

        Just put the presidency out for tender - the one that pays most wins.

        Same system as now but it's open, fair and the money goes to the tax payer rather than to Rupert Murdoch

      2. Pascal Monett Silver badge

        Re: Paper ballots only solve a tiny part of the problem

        I think you are assigning way too much power to the disruptors.

        Paper ballots are traceable. The results are sent electronically are, these days, are most likely encrypted. Even if not, when the results are published, they are also controlled. Any error is called out and corrected.

        Whatever attack can be set up on data transmission cannot survive a proper error correction procedure.

        You need to remember that there are countries using paper ballots. You don't hear much about their vote count being called in question, now do you ? There's a good reason for that.

        As for phoning electors and spreading misinformation, hackers (Russian or otherwise) are not going to do something that so obviously points to them. Remember that it took a state agency investigation to find the hacker's traces. With phone calls, it'd take a quick check at the phone company to get proof.

        1. DougS Silver badge

          Re: Paper ballots only solve a tiny part of the problem

          What good is encryption if the result is stored on a computer that is almost certainly not very secure and easy for a state-level actor to break into? There are a lot of steps from paper ballots to the results reported by a state, and you'd need robust audit procedures at each one (which must include mandatory recounts of a statistically significant number of paper ballots) to identify all possible attempts to changing the result. If you look at the procedures actually being used in the US, most states are woefully short of this mark - there are still far too many voters who aren't leaving a paper trail so election manipulation would be impossible to detect. The precincts where voters leave no paper trail are obviously the ones you'd want to look towards if you wanted to manipulate results (hint, these are almost exclusively low income areas that don't have the budget for new voting machines without federal help)

          That's why I'm always calling for elections that leave a paper trail (electronic voting machines are fine if they spit out a piece of paper that the voter can see/verify that's kept for recounts) and mandatory recounts of a statistically significant portion of the ballots to insure that the results reported were correct.

          Sticking your head in the sand and claiming "paper ballots and encryption" will solve everything just makes it possible for someone to someday compromise an election.

    2. Voland's right hand Silver badge

      Nope

      Paper ballots have been counted and tallied electronically since the late 80-es.

      They are actually LESS secure than a PROPERLY implemented electronic voting system.

      Additionally, you simply cannot use paper ballots in USA any more. The direct democracy "additions" where it is trivial to add a "proposition" to the ballot in major states have killed them. When a voter is voting on 20+ things in ballot doing so on paper is a no-starter. There will be 30% or so spoiled ballots.

      1. Stork Bronze badge

        Re: Nope

        I can see the argument that the US elections are more complex (electing everyone from water meter reader upwards), but then consider how the Swiss manage?

        They have collections of referenda 3 or 4 times per year, and they also have federal, cantonal and municipal assemblies. I am not sure how they do it, anyone knows?

      2. Peter2 Silver badge

        Re: Nope

        Paper ballots have been counted and tallied electronically since the late 80-es.

        They are actually LESS secure than a PROPERLY implemented electronic voting system.

        Actually, nope. Maybe in the USA, but that's another one of those famous "only in America..." things.

        In the UK, it's all done by hand and much information can be found on the process by the magic of Google. With 300 years to perfect the system for dealing with paper votes I think that frankly it's better and cheaper than any alternative.

      3. DougS Silver badge

        Paper ballots are used in most of the US

        The computer readable bubble kind. I get a ballot with a front and a back that has a bunch of stuff on a legal sized piece of paper.

        I don't know the rate of spoiled ballots, but a ballot that is spoiled because there were two votes for city council won't stop it from being counted for Senate if there is only one vote as there should be. The pencils they give you have erasers, or I assume you could ask them for a replacement ballot if you don't want trust the eraser.

  5. Anonymous Coward
    Anonymous Coward

    "The goal here is to say stop using Microsoft domain names,"

    That's gotta sting for those two bing users.

  6. Anonymous Coward
    Anonymous Coward

    vice president of security and trust

    Who in their right mind trusts Microslurp? Maybe that position is an inside joke.

  7. Anonymous Coward
    Anonymous Coward

    All your elections are belong to us

    Relax comrades.

    What could possibly go wrong?

    Oh.

    Trump you mean?

    Fair enough.

  8. SVV Silver badge

    Azure ElectionHack 365

    Well, what our clients use their cloud servers for is none of our business, we're just making money off it whatever it is!

  9. Temmokan

    The spy that is detected is a dead spy.

    Either Microsoft is spreading, so to day, incorrect information, or they are just trying to impress everyone with their security efficiency.

    I don't buy it. Especially if GRU could indeed be involved (there are no fools in such agencies).

  10. RobertLongshaft

    **puts on Troy Mcclure voice**

    Hi it's the CIA here, you might remember me from such hits as "Iraqi WMDs and the chemical laiden scuds which can be launched in 12 minutes" or "I have absolutely no idea how all this cocaine got here" or finally "Look, it's the Russians"

    If you believe this total and utter bullsh1t then you'll literally believe anything, anything at all.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019