Sen. Claire McCaskill target of apparent Russian hacking attempt

A malicious website was designed to trick a staffer into handing over a password.

Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce | Amazon | Earned wage access | Online marketplaces | Direct to consumer | Unions | Labor and employment | Supply chain | Cybersecurity | Privacy | Stalkerware | Hacking Credentials
  • 2022 Eddie Award for a single article in consumer technology
Laura Hautala
2 min read
Sen. Claire McCaskill at a press conference, with right arm gesturing while she addresses the room.

Sen. Claire McCaskill at a press conference earlier this month. McCaskill said a hacking attempt on her staff member wasn't successful.

Getty Images

Hackers with suspected ties to a Russian intelligence group tried to access the email of a staff member of Missouri Sen. Claire McCaskill, a trail of evidence first unearthed by the Daily Beast indicates.

The attempt follows the same playbook Russians followed in the alleged hacking operation in the 2016 election -- get the target to hand over his email password. 

Reporters found a screenshot of a phishing website tailor-made for Kyle Simpson, a former staffer in McCaskill's office. McCaskill is a Democrat who is up for reelection this fall. The page mimics a page administered by Microsoft that lets hill staffers and lawmakers log in to email and other online services. What's more, the page appears to be run by a group affiliated with the GRU, the Russian intelligence agency accused of hacking the head of Hillary Clinton's presidential campaign in 2016 as part of a larger conspiracy to influence the election.

The revelation comes amid growing concern over cybersecurity in the midterm elections later this year. Last week, Director of National Intelligence Dan Coats said Russia is continuing its misinformation efforts, and is "one click of the keyboard away" from attacking election infrastructure like voter registration databases.

Simpson, the former Senate staffer, didn't immediately reply to a request for comment. In a statement Thursday, Sen. McCaskill appeared to confirm the hacking attempt took place. 

"Russia continues to engage in cyber warfare against our democracy. I will continue to speak out and press to hold them accountable," McCaskill said in an emailed statement. "While this attack was not successful, it is outrageous that they think they can get away with this. I will not be intimidated. I've said it before and I will say it again, Putin is a thug and a bully."

The phishing page matches a hacking attempt described last week by a Microsoft executive at the Aspen Security Forum. Microsoft's vice president for customer security and trust, Tom Burt, said the company had identified three candidates for Senate targeted by hacking attempts, though he wouldn't name them. 

"We did discover that a fake Microsoft page had been established as the landing page for phishing attacks," Burt told the crowd at the annual event, "and we saw metadata that suggested those phishing attacks were being directed at three candidates who are all standing for election in the midterm elections."

Microsoft declined to comment for this story.

CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.

Tech Enabled: CNET chronicles tech's role in providing new kinds of accessibility.