DHS, Microsoft to brief states on latest Russian intelligence activity

DHS will use the domain takedown as another reason to brief states on the latest threats that could threaten the 2018 midterm elections.
Matt Masterson speaks Aug. 21, 2018, at FedTalks in Washington, D.C. (CyberScoop)

The Department of Homeland Security will hold a conference call for Microsoft representatives to brief state election officials on new evidence showing Russian hackers have targeted the U.S. Senate and conservative think tanks, according to senior DHS cybersecurity adviser Matthew Masterson.

The goal will be to turn Microsoft’s observations into actionable security advice for state officials as the November midterms approach. The conference call, which Masterson said had not been scheduled yet, will be an opportunity for state officials to study the latest techniques from the Russian hacking group, often known as Fancy Bear, that breached Democratic Party organizations in the 2016 U.S. presidential campaign.

Speaking to reporters Tuesday, Masterson said Microsoft’s takedown of internet domains allegedly set up by Fancy Bear showed “a growing interaction and relationship that we have with industry.” Asked if he anticipated that private companies would need to take similar action in the future, Masterson said the Russian government-backed cyber activity “is ongoing and so I would hope and anticipate that these kind of responsible actions by the private sector will continue.”

Late Monday, Microsoft revealed that it had executed a court order to seize six domains from the Russian hackers, including ones that mimicked websites associated with the Senate and think tanks International Republican Institute and the Hudson Institute.


“We’re concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections,” Microsoft President Brad Smith wrote in a blog post.

DHS held a similar call earlier this month with Facebook representatives and state officials after the social-media giant identified an “inauthentic” and coordinated political influence campaign on its platform.

Last week, DHS hosted an unprecedented election security exercise in which officials from 44 states walked through a multi-faceted cyberattack scenario that included spearphishing and denial-of-service attacks on board of election websites.

Masterson told CyberScoop that the drill helped state officials realize the extent of support that county personnel need to bolster their security.

“The state officials that had county officials with them in the room…really gained a better understanding of the level of support and information-sharing that the counties need,” Masterson said.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts