Microsoft shut down six websites created by the Russian government-linked hacking group Fancy Bear which were meant to disrupt democracy ahead of the 2018 midterm elections.While Microsoft refers to the hacking group as Strontium, the hackers associated with the Russian military intelligence service GRU are more widely referred to as Fancy Bear or APT28. The group\u2019s latest thwarted attempt to meddle in U.S. elections involved two websites which targeted conservative think tanks the Hudson Institute and the International Republican Institute, three which were meant to mimic U.S. Senate sites and one of the fake sites spoofed Microsoft\u2019s online products.After obtaining a court order to disrupt and transfer control of the six domains, Microsoft\u2019s Digital Crimes Unit seized the following six sites which the Russian hacking group intended to use for cyberattacks: my-iri.org, hudsonorg-my-sharepoint.com, senate.group, adfs-senate.services, adfs-senate.email and office365-onedrive.com.Microsoft\u2019s president and chief legal officer Brad Smith wrote, \u201cWe have now used this approach 12 times in two years to shut down 84 fake websites associated with this group. Attackers want their attacks to look as realistic as possible and they therefore create websites and URLs that look like sites their targeted victims would expect to receive email from or visit.\u201dAlthough Microsoft brought down the hammer on this spear phishing campaign, the company said it had \u201cno evidence these domains were used in any successful attacks before the DCU transferred control of them, nor do we have evidence to indicate the identity of the ultimate targets of any planned attack involving these domains.\u201dSmith said Microsoft is \u201cconcerned by the continued activity targeting these and other sites and directed toward elected officials, politicians, political groups and think tanks across the political spectrum in the United States. Taken together, this pattern mirrors the type of activity we saw prior to the 2016 election in the United States and the 2017 election in France.\u201dMicrosoft expands Defending Democracy Program and launches AccountGuardIt\u2019s clear that we all need to do more to help protect democracies from cyberthreats. That\u2019s why we are expanding our Defending Democracy Program with a new initiative called Microsoft #AccountGuard. https:\/\/t.co\/ulh0JJWid8\u2014 Brad Smith (@BradSmi) August 21, 2018Since Russian cyberattacks aimed at the elections are \u201clikely to continue\u201d and \u201cbroaden further,\u201d Microsoft is \u201cexpanding Microsoft\u2019s Defending Democracy Program with a new initiative called Microsoft AccountGuard. This initiative will provide state-of-the-art cybersecurity protection at no extra cost to all candidates and campaign offices at the federal, state and local level, as well as think tanks and political organizations we now believe are under attack. The technology is free of charge to candidates, campaigns and related political institutions using Office 365.\u201dThe three services associated with AccountGuard are threat notifications of detected attacks, security education and guidance to make networks and email systems more secure and previews of upcoming security features such as Microsoft provides for government and large corporate customers.