By Joel Schectman, Raphael Satter, Christopher Bing and Joseph Menn
WASHINGTON (Reuters) – Microsoft Corp <MSFT.O> recently alerted one of Democratic presidential candidate Joe Biden’s main election campaign advisory firms that it had been targeted by suspected Russian state-backed hackers, according to four people briefed on the matter.
The hacking attempts targeted staff at Washington-based SKDKnickerbocker, a campaign strategy and communications firm working with Biden and other prominent Democrats, over the past two months, the sources said.
Microsoft Corp <MSFT.O> identified the suspected hacking group as the same set of spies blamed by the U.S. government for breaking into the campaign of Democratic former presidential candidate Hillary Clinton and leaking the emails of her staff, two of the sources said.
The group, which many cyber researchers refer to as “Fancy Bear,” is controlled by the Russia’s military intelligence agency, according to reports from the U.S. intelligence community released after the 2016 election.
A person familiar with SKDK’s response to the attempts said the hackers failed to gain access to the firm’s networks. “They are well-defended, so there has been no breach,” the person said.
U.S. intelligence agencies have raised alarms about possible efforts by foreign governments to interfere in the November presidential election.
Investigations by former special counsel Robert Mueller and the Senate intelligence committee both concluded that affiliates of the Russian government interfered in the 2016 presidential election to try to help Republican Donald Trump get elected. Mueller has warned that Russia was meddling in the current campaign.
SKDK Vice Chair Hilary Rosen declined to comment. The Biden campaign said it was aware Microsoft said a foreign actor had tried and failed to access “non-campaign email accounts of individuals affiliated with the campaign.”
Microsoft, which has shared with SKDK its assessment that Russian state-backer hackers targeted the firm, declined to comment.
Kremlin spokesman Dmitry Peskov dismissed the allegations as “nonsense.” Moscow has repeatedly denied using hacking to interfere in other countries’ elections.
One of the sources familiar with the incident said it was not clear whether Biden’s campaign was the target or whether the hackers were attempting to gain access to information about other SKDK clients.
SKDK managing director Anita Dunn was a White House communications director during the Barack Obama presidency and serves the Biden campaign as a senior advisor.
The attempts to infiltrate SKDK were recently flagged to the campaign firm by Microsoft, which identified hackers tied to the Russian government as the likely culprits, according to the three sources briefed on the matter.
The attacks included phishing, a hacking method which seeks to trick users into disclosing passwords, as well as other efforts to infiltrate SKDK’s network, the three sources said.
A Microsoft spokesman declined to comment.
Microsoft believes Fancy Bear is behind the attacks based on an analysis of the group’s hacking techniques and network infrastructure, one of the sources said.
The company, which has extraordinary visibility on digital threats via its widely used Windows operating system and cloud services such as Office 365, has taken an increasingly active role in calling out state-backed cyberespionage. In 2018, the company launched its Defending Democracy initiative, aimed in part at safeguarding campaigns from hackers.
SKDK is closely associated with the Democratic Party, having worked on six presidential campaigns and numerous congressional races. In addition to its current work for Biden, the firm in 2018 worked on successful governors’ races in Kansas and Connecticut.
(Additional reporting by Thomas Balmforth in Moscow and Jack Stubbs in London; Editing by William Mallard and Alistair Bell)