The NY Times and other publications ran a story “New Russian
Hacking Targeted Republic Groups, Microsoft Says” (see: https://www.nytimes.com/2018/08/21/us/politics/russia-cyber-hack.html,
which is also a photo source.) Digging a bit I found an original source from
Microsoft see: http://bit.ly/2Mp5wgT,
another photo source).
The lead for that story is “We are taking new steps against
broadening threats to democracy” which is an entry in Microsoft on the
Issues, The Official Microsoft Blog. That entry replete with informative
hotlinks, addresses how the US general election in 2016 and the May 2018 French
presidential elections were tampered with.
Microsoft goes on to describe that “Microsoft’s Digital
Crimes Unit (DCU) successfully executed a court order to disrupt and transfer
control of six internet domains created by a group widely associated with the
Russian government and known as Strontium, or alternatively Fancy Bear or APT28.”
As a software superhero, Microsoft is
using its powers only for good and will provide Microsoft AccountGuard,
“state-of-the-art cybersecurity protection at no extra cost to all candidates
and campaign offices at the federal, state and local level, as well as think
tanks and political organizations we now believe are under attack. The
technology is free of charge to candidates, campaigns and related political
institutions using Office 365.”
(Emphasis added by the Blog Writer)
Interestingly enough, a search of the
Microsoft website for “AccountGuard” (https://www.microsoft.com/en-us/search/result.aspx?q=AccountGuard)
pulls up only two results, neither of which relates to the product noted above.
Check out the screenshot.
What does this all mean? There are two
key takeaways:
1.
Stronger security can be a marketing
advantage if properly used to buoy a product’s perceived level of security.
Microsoft is facing increasing competition from Google’s G-Suite as large
organizations, especially government organizations and schools move away from
Office.
2.
The Russians have clear guidance on the purpose
of cyber influence. They understand how to blend and bend technology to alter
the information people see and to influence their votes.
As to the second point, it appears to me that the US has
adopted a version of Henry Stimson’s “Gentlemen don’t read each other’s mail”
which effectively killed SIGINT by hobbling our Cyber Influence efforts because
“Nations don’t interfere with the politics of other nations to support their
own goals and objectives”.