Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Microsoft's Russian headquarters, as seen at night. Photo: Mikhail Tereshchenko/TASS via Getty Images

Microsoft last week seized six potential phishing domains associated with the Kremlin-backed hackers Fancy Bear, who tampered with the 2016 election and likely intended to target two conservative groups and the U.S. Senate. It appears Microsoft shut down the domains before they were ever actively used. Microsoft announced the move in a blog post early Tuesday morning.

Why it matters: Spies have infiltrated legislative bodies and political groups from time immemorial, usually for boring reasons, like getting an edge in trade negotiations. But Russia's mass public dumping of stolen documents in 2016 broke the norms of espionage. Whatever the motivation for Russian attempts to hack influential political figures' emails in 2018, the current climate will lead people to assume the worst.

Microsoft targeted six domains Fancy Bear registered to use in phishing attacks:

  • my-iri.org, meant to look like International Republican Institute, a pro-democracy group with multiple sitting and former Republican officials on its board
  • hudsonorg-my-sharepoint.com, which was meant to look like the conservative Hudson Institute think tank's Sharepoint document storage system
  • Three domains targeting the Senate, including its email servers, and one targeting users of Office 365

This undercuts a narrative: Prior to the 2016 elections, Russia hacked both Democrats and Republicans, yet only released files that harmed Democrats. Microsoft's moves suggest that Russia continues to hack both sides of the aisle.

Be smart: "Russians are hacking the GOP" doesn't necessarily equal "Russians are hacking Trump." Both Hudson and IRI are well known conservative groups. Neither is closely identified with Trump administration policies.

Microsoft has waged a years-long battle with Fancy Bear over phishing sites sites that appear to be legitimate Microsoft sites. The company use civil courts to take control control of the look-alike website names the Russians have registered.

  • At the Aspen Security Forum in July, Microsoft announced it had dismantled a similar site targeting a senatorial candidate — later discovered to be Sen. Claire McCaskill (D-Missouri).

Microsoft made this announcement as it launches new security measures for campaigns, NGOs and other groups involved in elections.

The new AccountGuard program will provide:

  • Account security across personal and campaign accounts. This is critical, as we learned in 2016, when John Podesta's personal email was hacked.
  • Educational opportunities.
  • Early access for campaigns to new security tools as Microsoft rolls them out.

Go deeper

1 hour ago - Health

U.S. surpasses 25 million COVID cases

A mass COVID-19 vaccination site at Dodger Stadium on Jan. 22 in Los Angeles, California. Photo: Mario Tama/Getty Images

The U.S has confirmed more than 25 million coronavirus cases, per Johns Hopkins data updated on Sunday.

The big picture: President Biden has said he expects the country's death toll to exceed 500,000 people by next month, as the rate of deaths due to the virus continues to escalate.

GOP implosion: Trump threats, payback

Spotted last week on a work van in Evansville, Ind. Photo: Sam Owens/The Evansville Courier & Press via Reuters

The GOP is getting torn apart by a spreading revolt against party leaders for failing to stand up for former President Trump and punish his critics.

Why it matters: Republican leaders suffered a nightmarish two months in Washington. Outside the nation’s capital, it's even worse.

Erica Pandey, author of @Work
5 hours ago - Economy & Business

The limits of Biden's plan to cancel student debt

Data: New York Fed Consumer Credit Panel/Equifax; Chart: Axios Visuals

There’s a growing consensus among Americans who want President Biden to cancel student debt — but addressing the ballooning debt burden is much more complicated than it seems.

Why it matters: Student debt is stopping millions of Americans from buying homes, buying cars and starting families. And the crisis is rapidly getting worse.

You’ve caught up. Now what?

Sign up for Mike Allen’s daily Axios AM and PM newsletters to get smarter, faster on the news that matters.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!