(ITpro)— Microsoft revealed that it has already blocked spearphishing attempts against three congressional candidates.Security experts have detected hacking attempts on the US mid-term elections for first time, after Microsoft announced that it identified and blocked attempted attacks on three congressional candidates so far this year.
Tom Burt, Microsoft’s vice president of security and trust, revealed the news at the Aspen Security Summit, Politico reports. The company has not disclosed whether or not the Russian government is suspected of being behind the attacks, and did not specify who the targets were.
Burt did note, however, that they were all candidates for this year’s mid-term elections, and were “people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint”.
The attackers set up a bogus page purporting to be a Microsoft domain, for the purposes of mounting spearphishing attacks to steal targets’ credentials. This is a common tactic, and one that allegedly enabled Russian state hackers to access John Podesta’s emails in 2016 – which, according to the US Department of Justice, then enabled them to hack the DNC and potentially sway the election.
However, Burt noted that the level of cyber activity observed around the mid-term elections is noticeably less than what was seen during the 2016 presidential elections, indicating that the threat of interference may not be as great.
“On the other hand, cyber security experts Carbon Black warned that cyber warfare is still a very real issue. “Geopolitical tensions manifest in cyberspace,” the company’s chief cyber security officer Tom Kellermann said. “There is a direct link between the failures of diplomacy and cyberespionage and cyberterrorism. The cold war adversaries have colonised wide swaths of Western cyberspace.”