Microsoft has gained control of six internet domains formerly in the group’s possession, with one pointing towards Republicans. Among them is a mimicry of the International Republication Institute, which holds a board of directors of six Republican senators. Other domains have similarities to senate services and email, the cybersecurity-focused Hudson Institute, and OneDrive. Though Microsoft has of use in attacks, the intent of phishing seems logical.
The company’s Digital Crimes Unit now holds the domains, with plans to analyze them. It used similar tactics when Strontium was under the name Fancy Bear, to great effect. It was able re-route 70 domains to its own, getting an idea of the group’s victims and increasing its costs.
Microsoft Account Guard for Candidates and Campaign Offices
While it works behind the scenes, Microsoft’s Defending Democracy Program is offering free security to all federal, state, and local campaign offices and candidates. Called Microsoft Account Guard, the software will provide threat notifications, security guidance, and preview releases of new security features. It will also be available to related political institutions, the only requirement being the use of Office 365. It cites concerns that Strontium’s behavior is mirroring that seen in 2016 and France’s 2017 election and plans to help organizations protect against such threats. “We can only keep our democratic societies secure if candidates can run campaigns and voters can go to the polls untainted by foreign cyberattacks,” said Microsoft president Brad Smith. “Democracy requires vigilance and at times action by citizens to protect and maintain it. No individual or company can hope to meet this imperative by itself. We all need to do our part. We’re committed to doing our part by helping to protect candidates and campaigns in preserving their voices and votes no matter what party they support.”