Microsoft sounds alarm on Russian hacking attempts

Read the Full Transcript

• Amna Nawaz:

  And speaking of Russia, Microsoft said yesterday that hackers linked to Russian military intelligence tried targeting a pair of conservative think tanks in the U.S. that had advocated for tougher policies against Russia.

  Those Russian-affiliated groups known as Fancy Bear or APT28, or sometimes called Strontium, created fake Web sites for the Hudson Institute and the International Republican Institute designed to lure in users, then steal their information.

  Now, Microsoft says there's no evidence the hackers were successful. Russian authorities denied any involvement with those attacks.

  And I spoke with Microsoft president Brad Smith yesterday.

  I began by asking him how confident he was of Russia's involvement.

• Brad Smith:

  We are extremely confident and have no doubt in our minds that these Web sites were set up by the group that you mentioned.

  It is a group widely associated with the Russian government. It is the same group that hacked into U.S. political candidates and campaigns and the Democratic national party in 2016. It is the same group that we saw hack into the campaigns, or at least try to attack the campaigns of all of the French candidates for the presidency last year.

  Now this group is doing it again. It is, in our view, indisputably the same group.

• Amna Nawaz:

  So why share all the information about the efforts, about what you did to counteract them? Why share all of that publicly now? What do you see about the threat or the tactic that led you to believe there was something new or different that you should share with everyone?

• Brad Smith:

  I think we're at a critical moment in time.

  We all know far more than we did two years ago about these new threats. We need to take them seriously. And when you think about what it takes to successfully defend democracy in the 21st century, this is part of it.

  Now we have new elections on our doorstep. We need to be prepared. We need to get ready. We need to work, as we now are, with political campaigns across the country to better protect themselves from these kinds of threats.

• Amna Nawaz:

  Let me ask you about the way you were able to respond to this particular threat.

  In this instance, it kind of seems like a Whac-A-Mole strategy to some degree, right? You wait for the threat to present itself, you detect it, you hope you caught it early enough that there's no damage, and then you shut it down.

  It seems very reactive to the threats that we know exist. But is there a more proactive thing you could be doing, more efforts to stop the threats you don't even know about yet?

• Brad Smith:

  Well, I think that's an extremely important point.

  And that's why really, today, we are doing two things. First, we're talking publicly about the work that we did last week to address these Web sites. But the other thing in some ways is far more sweeping, it's more proactive, it's more systematic.

  And that's a new initiative that we call AccountGuard. It's part of our Defending Democracy Program. What we are saying is that we will reach out and work with every candidate and campaign at the federal, state and local level in the run-up to these elections. We will provide them at no extra costs our most sophisticated threat intelligence work and data. We will provide them with training.

  We need to get ahead of this, for all the reasons you just mentioned, or all we're going to be doing is playing defense.

• Amna Nawaz:

  You mentioned working with political campaigns and candidates. What about with your peers?

  I wonder, as you detect new threats and information, how much communication and coordination is there with other companies like yours?

• Brad Smith:

  I think we have made some important progress over the last year, and we have more work ahead of us.

  The tech sector, and especially the tech leaders, have really come together in new ways. We're sharing threat intelligence together. Last December, Facebook and Microsoft acted together to disrupt the malware capability of the North Korean group that launched the worldwide WannaCry attack.

  We're doing new things like that this year. I think we also need to collaborate more closely with people in government. We're interested in that. I think people in Washington are interested in that.

  In essence, this is a time when we have a lot of differences in the country. There's always a lot of differences between competitors. We need to set aside enough of our differences to work together to do what it takes to secure our democracy from these kinds of threats.

• Amna Nawaz:

  President of Microsoft Brad Smith, thank you for your time.

• Brad Smith:

  Thank you.