After numerous American intelligence organizations, including the CIA, NSA, and FBI confirmed that hacking by the Russian GRU intelligence agency played a part in the 2016 presidential election, fears it would happen again have plagued the 2018 midterm election races. Well, brace yourselves. On Thursday, the Daily Beast reported that the same Russian hackers targeted Democratic Sen. Claire McCaskill and her reelection race. And while by all accounts it probably wasn't successful, it's still a big deal.
According to Vox, McCaskill, a senator from Missouri, is defending one of the most vulnerable Democratic Senate seats in this year's election, in a state that went to Trump by almost 20 points in 2016. The Daily Beast's investigation reported that, in a similar strategy to that of the Democratic National Convention hack, hackers sent one of McCaskill's aides an email asking them to reset their "expired" Microsoft Exchange password, a method of phishing to gain access to the target's email account.
This revelation comes just two days after President Trump tweeted his concern that possible Russian hacking would serve to put Democrats in office in 2018. During last week's national outrage over his kowtowing to Russian President Vladimir Putin at the Helsinki summit last week, Trump went back and forth over whether he believed that Russia was responsible for the 2016 hacking at all.
In the press conference following the summit meeting, even Putin confirmed that he wanted Trump to win the 2016 election. Democrats and critics took Trump's statement as yet another example of his habit of gaslighting the public.
"So obviously, you invited Putin over here, in the weeks before the upcoming election, as an indication of your concern," tweeted ex-Obama administration staffer Ronald Klain. New York Sen. Chuck Schumer responded on Twitter with a video of Putin responding "Yes I did" to a question about whether he wanted Trump to win the election, captioned "Let's go the video tape (again)."
According to The Daily Beast, the hack on McCaskill's reelection campaign actually occurred back in August, 2017. In order to gain access to individual email accounts, a department of Russia's GRU agency called Fancy Bear — the same group that targeted the DNC in 2016 — reportedly set up a "password reset" webpage that looked identical to the U.S. Senate email login page, complete with the Microsoft logo.
In 2016, Microsoft actually sued Fancy Bear for its fraudulent phishing websites, and won. As a result, since August, 2017, says The Daily Beast, Microsoft has been able to redirect traffic from the fake Senate email page to its own servers, which enables the company to monitor password reset attempts. The Daily Beast's investigation into these attempts, which Microsoft executive Tom Burt disclosed last week, showed that McCaskill and two other election candidates were the targets of the attempted hacks.
“Russia continues to engage in cyber warfare against our democracy. I will continue to speak out and press to hold them accountable,” McCaskill told The Daily Beast. “While this attack was not successful, it is outrageous that they think they can get away with this. I will not be intimidated. I’ve said it before and I will say it again, Putin is a thug and a bully.”