Skip to main content
Jul 26, 2018 - Politics & Policy

Vulnerable Democratic Senator targeted in midterm hacking attempt

Shannon Vavra
Claire McCaskill looks surprised with mouth agape.

Photo: Mark Wilson/Getty Images

Sen. Claire McCaskill’s team was targeted with spear phishing attempt from Russia’s intelligence unit around August 2017, according to The Daily Beast. Sen. McCaskill claims the attack wasn't successful, according to her statement on the attempt.

Why it matters: This is the first publicly identified target of the cyber attacks Moscow has launched in the buildup to the 2018 midterms. McCaskill is a vulnerable Democrat running for reelection in Missouri, a state where President Trump beat out Hillary Clinton in 2016 by almost 20 points.

Homeland Security Secretary Kirstjen Nielsen has previously said Russia is not launching attacks at the scale and scope of the 2016 attacks.

  • Microsoft said last week at the Aspen Security Forum that two other campaigns have been targeted like this, although would not specify whether Russia was responsible.

The details: Senate targets received emails that claimed they needed to reset an expired Microsoft Exchange password. By clicking on a link in that email, they were redirected to a site made to look like the Senate’s Active Directory Federation Services (ADFS) login page, individualized based on who clicked.

  • A Virginia judge issued a permanent injunction against the Russian intelligence hackers last August, which allowed Microsoft to take over websites hackers are responsible for that use Microsoft’s trademark.

The big picture: Individual campaigns and lawmakers’ staffing teams are only as safeguarded from falling for these traps as they are trained to avoid spear phishing tricks. The Russians were able to break into the DCCC and DNC through phishing, which allowed them to launch malware to steal passwords.

  • Given that we know Russians have already launched several hacks like these in the past year, campaigns and election officials would do well to be wary of emails with links in them, especially if there are prompts to provide user credentials.

Microsoft declined to comment on the report.

Go deeper: How the Russians hacked in the 2016 elections

Go deeper