Slashdot Mirror
Russian Hackers Targeted US Conservative Think-Tanks, Says Microsoft (reuters.com)
retroworks shares a report: Hackers linked to Russia's government tried to target the websites of two right-wing U.S. think-tanks, suggesting they were broadening their attacks in the build-up to November elections, Microsoft said. The software giant said it thwarted the attempts last week by taking control of sites that hackers had designed to mimic the pages of The International Republican Institute and The Hudson Institute. Users were redirected to fake addresses where they were asked to enter usernames and passwords. There was no immediate comment from Russian authorities, but the Kremlin was expected to address the report later on Tuesday. It has regularly dismissed accusations that it has used hackers to influence U.S. elections and political opinion. Casting such allegations as part of an anti-Russian campaign designed to justify new sanctions on Russia, it says it wants to improve not worsen ties with Washington. Further reading: Microsoft Reveals First Known Midterm Campaign Hacking Attempts, and Microsoft Launches Pilot Program To Provide Cybersecurity Protection To Political Campaigns and Election Authorities.
All the while pretending like this is something that doesn't happen all the time. Pretty much every country in the world wants America's president to benefit their interests; Canada meddled, Mexico meddled, the UK meddled, Somalia meddled, the Koreas meddled, China meddled, etc etc.
So how exactly did Canada meddle in the US election. I don't even recall any Canadian authority stating that they supported one candidate over the other. Even if they did I wouldn't call that meddling. If Russia came out and said they preferred Trump over Clinton (or vice versa) I wouldn't call that meddling either. If you go to the extent of robo-posting to social media sites in hopes of seeding discord then I would call that meddling. As far as I know Canada has never been accused of that level of involvement in US elections.
The rest of the countries in your list probably fall in this same situation but I don't have any direct knowledge either way to say for sure.
I'm not sure this overall narrative actually says what you want it to say.
"Russians swayed dumb mouth breathing voters with crazy fake news"
Okay ... we've had a pretty evenly split national electorate for quite awhile now ... so if Russia managed (through the most incredible small investment in political history, btw) to sway enough idiot stupid dumb (did I stick closely enough to the narrative there?) people to sway the presidential election ... then which side did those moronic people come from?
(Spoiler / hint: not the side that won ... outside influence would need to peel votes from the other side ...)
"How dare you steal our dumb voters" might not be the best slogan for ya.
I haven't seen yet how Microsoft linked this particular incident, but in general there are many ways. Each group has their own favored tools, techniques, and overall style. When you do it for a living, you get to know them. All combined, it's like a pop radio DJ identifying a new Justin Bieber song, the DJ knows Bieber's sound.
Some groups specialize in certain malware. They have one or two members who are good at actually writing the malware etc. They keep making improvements or variations on the same malware. Other members distribute the malware, repeatedly using the same methods, targeting the same type of targets. They host the malware or other web resources in the same places that worked well last time. Sometimes they talk about things on hacker forums. If you've been a member of such a forum for a few years, most people there assume you're okay - not a cop.
You may recall a few years ago someone called "Stonetewr" was asking on Reddit about how to delete evidence from a server for "a very VIP". Paul Combetta, who worked on Clinton's server, used the email address stonetear@gmail.com and used the name Stonetear on Etsy. Knowing that Stonetear wanted to wipe a server for "a very VIP" a day or two before someone at Combetta's company wiped Hillary's server, and knowing that Combetta goes by Stonetear, it's not hard to figure out that Combetta was working on wiping Hillary's server. No IP tracing required, and it doesn't matter how many proxies and VPNs he used.
On Slashdot, if a new account popped up called JelloLover and they uses ten times as many commas as grammar would indicate, while randomly capitalizing a few words for no reason and saying the things that Jellomizer says, some of us would recognize that's probably Jellomizer's new account. It's similar with the crackers - you get to know them.
Before the US government publicly accuses the Russian government of a specific attack, we can expect the NSA and others would make use of their rather significant data collection capabilities to make some even firmer connections. That's not necessary in order in order for someone who follows the Russian hackers every day to be able to recognize them, though.
Someone might say "it could be a false flag! Someone could impersonate the FSB, just like someone could impersonate Jellomizer or MDSolar!" Yeah, someone COULD post something silly about solar electric, breathlessly pitching whatever MDSolar's company is selling this month. Which would make it look like - MDSolar is spamming his products again? We'd think it was MDSolar because the impersonator was acting like MDSolar, which would fool us into thinking that MDSolar acts like MDSolar. The job of the FSB is to do cyberattacks on Russia's rivals. If someone were being tricky and trying to make a hack look like the work of the FSB, they'd be making it look like FSB is doing their job. I guess maybe the NSA wants Alexander Bortnikov to get a raise?