Microsoft’s announcement early Tuesday that it had stopped an attempt to hack a group of conservative think tanks added to recent evidence that Russia continues to conduct cyber-espionage efforts aimed at U.S. politics in the run-up to the 2018 midterm elections.
But cybersecurity experts who spoke with NBC News said that focusing solely on the impact to the midterms ignores the broader issue: There is a quiet but intensifying digital battle being fought between Russia and the U.S. that reaches into geopolitics and foreign policy. In particular, Russia wants to get rid of U.S. economic sanctions by eliminating Republican support for the measures.
“The Russians initiated a cyber-insurgency inside of American cyberspace in 2014,” said Tom Kellermann, chief cybersecurity officer for the security firm Carbon Black, who also served on the Obama administration's Commission on Cyber Security. “This is ongoing. This has been going on for literally four years.”
U.S. government officials and cybersecurity experts have repeatedly warned that the Russian government's effort to meddle in the 2016 election was not an isolated incident.
Related
And with the 2018 midterm elections less than three months away, cybersecurity has become a sensitive subject, with Facebook announcing that it had uncovered a covert campaign and Sen. Claire McCaskill, D-Mo., alleging that Russian hackers tried to gain access to her office’s computer network.
Growing concerns about Russian election meddling have been magnified by worries that President Donald Trump and his administration are not taking cybersecurity seriously. In May, Trump eliminated the job of White House cybersecurity coordinator. The president has also repeatedly disagreed with national security officials who say Russia meddled in the 2016 U.S. election.
Those concerns are growing more urgent with the midterm elections approaching, said Thomas Rid, a professor of strategic studies at Johns Hopkins University. But he agreed that what Microsoft found did not appear related to the election.
“We’re very alert right now and we’re practically waiting for some election interference to happen,” Rid said. “This is nothing special, and we’re treating it as something special.”
Rid said that he’s still “sitting and waiting” for what he would consider serious efforts by Russia to interfere with the midterms, such as a leak of sensitive information or an attempt to push forgeries, “which is historically something we see a lot from the Russian intelligence community,” Rid said.
While there has been some evidence of Russian efforts to influence the midterms, the announcement from Microsoft pointed to a different kind of target — conservative think tanks and senators who have been critical of Russia. Those targets aren’t of particular importance to the 2018 midterms but they could be influential when it comes to something else that Russia wants to change: U.S. sanctions.
“It’s blatantly obvious that their goal is to remove economic sanctions,” Kellermann said. “Now they’re targeting Republican politicians and Republican think tanks.”
Sean Sullivan, security advisor at the cybersecurity firm F-Secure, said what Microsoft had uncovered was “a level above” what might be considered “ordinary espionage between powers,” such as trying to intercept communications.
U.S. economic sanctions against Russia, including those covered by the Magnitsky Act, which froze the Western assets of certain Russian officials, have pushed Russia to amp up its efforts to use cyberespionage against influential senators and institutions, Sullivan said.
“The Russians are very focused on anything related to sanctions,” he said. “The midterms, I think, are an also-ran in regard to that.”
Daniel Argandoña, managing director of commercial practice at the security firm Fortalice Solutions, said that companies, campaigns and individuals are getting better at avoiding the kinds of traps that Microsoft found.
But he cautioned that average Americans are quickly becoming conditioned to assume that Russia has had some sort of impact on whatever they’re seeing in relation to U.S. elections, making even unsuccessful efforts like the one thwarted by Microsoft into an effective weapon.
“It’s not really about influencing people’s opinions,” Argandoña said. “What it’s about is flooding the information space with just enough doubt for people to doubt not only the things that are fake but the things that are actually incontrovertible.”