U.S. Sen. Claire McCaskill of Missouri, one of the most vulnerable Democrats running for reelection this year, was targeted by Russian government hackers who sought but failed to compromise her Senate computer network.
“Russia continues to engage in cyber warfare against our democracy,” McCaskill said in a press release Thursday evening. “While this attack was not successful, it is outrageous that they think they can get away with this. I will not be intimidated. I’ve said it before and I will say it again, [Russian President Vladimir] Putin is a thug and a bully.”
The hackers, who belong to Russia’s military spy agency GRU, targeted two other candidates running in the midterms, according to a Microsoft executive, Tom Burt, who spoke at the Aspen Security Forum in Colorado last week. He did not identify the candidates. None were compromised, he said.
McCaskill issued the statement after the Daily Beast first reported on the attempt. McCaskill, who is the ranking Democrat on the Homeland Security and Governmental Affairs Committee and also sits on the Armed Services Committee, has been critical of President Trump’s statements that appear to discount the intelligence community’s assessment that Russia used information warfare in an attempt to influence the 2016 election.
Just two weeks ago, the Justice Department announced the indictments of 12 GRU officers charged with hacking Democratic Party email networks and releasing stolen material in an effort to affect the election.
Top U.S. intelligence officials, including Director of National Intelligence Daniel Coats, have warned that they expected the Russians to try again this year.
“Russia has been the most aggressive foreign actor — no question,” Coats said in recent remarks at the Hudson Institute. “And they continue their efforts to undermine our democracy.”
At Aspen, Burt said the three candidates were targeted using spear-phishing, a common hacker technique to get targets to open emails that appear legitimate but in fact lure victims to click on malware-infested links or send them to websites that contain malware — in an effort to obtain users’ log-in credentials and passwords. He said Microsoft discovered “a fake Microsoft domain” or website that the hackers had created to which spear-phish victims were directed.
“We took down that domain, and working with the government, actually were able to avoid anybody being infected by that particular attack,” he said.
McCaskill is expected to face Josh Hawley, Missouri’s attorney general and the leading GOP contender for the Senate seat, in November.