Microsoft targeted six domains Fancy Bear registered to use in phishing attacks:

• my-iri.org, meant to look like International Republican Institute, a pro-democracy group with multiple sitting and former Republican officials on its board
• hudsonorg-my-sharepoint.com, which was meant to look like the conservative Hudson Institute think tank's Sharepoint document storage system
• Three domains targeting the Senate, including its email servers, and one targeting users of Office 365

This undercuts a narrative: Prior to the 2016 elections, Russia hacked both Democrats and Republicans, yet only released files that harmed Democrats. Microsoft's moves suggest that Russia continues to hack both sides of the aisle.

Be smart: "Russians are hacking the GOP" doesn't necessarily equal "Russians are hacking Trump." Both Hudson and IRI are well known conservative groups. Neither is closely identified with Trump administration policies.

Microsoft has waged a years-long battle with Fancy Bear over phishing sites sites that appear to be legitimate Microsoft sites. The company use civil courts to take control control of the look-alike website names the Russians have registered.

• At the Aspen Security Forum in July, Microsoft announced it had dismantled a similar site targeting a senatorial candidate — later discovered to be Sen. Claire McCaskill (D-Missouri).

Microsoft made this announcement as it launches new security measures for campaigns, NGOs and other groups involved in elections.

The new AccountGuard program will provide:

• Account security across personal and campaign accounts. This is critical, as we learned in 2016, when John Podesta's personal email was hacked.
• Educational opportunities.
• Early access for campaigns to new security tools as Microsoft rolls them out.