Arguably, the US Congress is doing little to curb the recent onslaught of cyber terrorism aimed at the nation, especially in light of recent reports that Russia has once again targeted another national election cycle. While other nations are making middling progress to stem the levels of attack on their countries, internet savvy assailants are finding more ways to steal, leak and spread information or disinformation, depending on the desired result.
With just a couple of weeks before the US enters into its midterm elections, Microsoft is upping its effort to help patrol US political party protections.
To help curb the potential nefarious activity around the US 2018 midterm elections, Microsoft expanded its Defending Democracy Program to include a new tool called Microsoft AccountGuard.
AccountGuard is an additional free tool for any politically vested organization that already uses Office 365. AccountGuard is an extension of Microsoft's own efforts to thwart meddling of the democratic process and ultimately results in additional state-of-the-art cybersecurity and protection of documents, email, calendar events, etc.
- Threat notification across accounts. The Microsoft Threat Intelligence Center will enable Microsoft to detect and provide notification of attacks in a unified way across both organizational and personal email systems. For political campaigns and other eligible organizations, when an attack is identified, this will provide a more comprehensive view of attacks against campaign staff. When verifiable threats are detected, Microsoft will provide personal and expedited recommendations to campaigns and campaign staff to secure their systems.
- Security guidance and ongoing education. Officials, campaigns and related political organizations will receive guidance to help make their networks and email systems more secure. This can include applying multi-factor authentication, installing the latest security updates and guidance for setting up systems that ensure only those people who need data and documents can access them. AccountGuard will provide updated briefings and training to address evolving cyberattack trends.
- Early adopter opportunities. Microsoft will provide preview releases of new security features on a par with the services offered to our large corporate and government account customers.
Back in August, Microsoft was able to successfully execute a court order to go after and disrupt the activities of six internet domains associated with the Russian government.
Last week, Microsoft’s Digital Crimes Unit (DCU) successfully executed a court order to disrupt and transfer control of six internet domains created by a group widely associated with the Russian government and known as Strontium, or alternatively Fancy Bear or APT28. We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group. Attackers want their attacks to look as realistic as possible and they, therefore, create websites and URLs that look like sites their targeted victims would expect to receive email from or visit. The sites involved in last week’s order fit this description.
In lieu of Microsoft's DCU most recent cybersecurity victory, the company maintains a vigilant outlook on upcoming cyber attacks for both national and international democratic processes.
We can only keep our democratic societies secure if candidates can run campaigns and voters can go to the polls untainted by foreign cyberattacks.
Hopefully, following the midterm elections of 2018, Microsoft will provide some numbers of attacks thwarted and also, how many campaigns chose to use its Defending Democracy Program as well as the new AccountGuard to measure its effectiveness.
For some voters, choosing a candidate who understands the necessity of cybersecurity is just as important as any other political campaign platform.