With just over two months to go until midterm elections, the Russian military intelligence unit that meddled in the 2016 election has set its sights on a new target. Microsoft has detected and seized Web sites created by Russian government hackers targeting conservative American think tanks that have broken with Donald Trump and emerged as anti-Russia, The New York Times reports. The sites, created by hackers linked to the entity formerly known as the G.R.U., were reportedly designed to look like Web pages hosted by the Hudson Institute and the International Republican Institute, but in reality were made to steal passwords and other sensitive information. Microsoft said it discovered Web sites mimicking the U.S. Senate, too, though no particular Senator or campaign was implicated.

If the attacks themselves were predictable—officials have repeatedly warned that Russia had by no means dialed down its attempts to interfere in American electoral proceedings—their targets were less so. So far, Russian operatives have zeroed in on specific candidates, attempting to access Democratic Senator Claire McCaskill’s campaign’s data using a spear-phishing campaign, reportedly going after three other congressional candidates, and potentially targeting an opponent of ardent pro-Russia congressman Dana Rohrabacher. This new effort, however, seems to indicate that Russia is willing to target any U.S. institution, no matter its political affiliation, that opposes its worldview. Both the Hudson Institute and the International Republican Institute have been critical of Vladimir Putin, pushing for continued sanctions against Moscow, and raising questions about Russia’s record on human rights and the Kremlin’s political double-dealing. “This is another demonstration of the fact that the Russians aren’t really pursuing partisan attacks, they are pursuing attacks that they perceive in their own national self-interest,” Eric Rosenbach, director of Harvard University’s Defending Digital Democracy project, told the Times. “It’s about disrupting and diminishing any group that challenges how Putin’s Russia is operating at home and around the world.”

In effect, these new attacks on G.O.P. institutions represent a new prong in Russia’s multi-part strategy to disrupt U.S. elections. “We are now seeing another uptick in attacks,” Microsoft president Brad Smith told the Times. “We see [Russia] broadening beyond the sites they have targeted in the past.” In addition to the attack on McCaskill, which mirrored the password-stealing technique employed by “Fancy Bear” hackers who targeted Hillary Clinton campaign chairman John Podesta, Facebook announced that it had discovered new, malicious Facebook and Instagram accounts designed to influence elections by targeting divisive social issues. Though the identity of the hackers is still unknown, their efforts were similar to past campaigns by the Russia-linked Internet Research Agency. This time, however, the chaos agents had seemingly gotten smarter: the operators behind the 17 profiles and 8 Pages, which were set up between March 2017 and May 2018, appeared to be more sophisticated, disguising their identities more effectively than the I.R.A.

Absent any broader government initiative to mitigate these attacks, tech companies like Microsoft are going on the defensive, trying to extinguish attempts at interference and hacking when they spot them. The White House, meanwhile, has done relatively little to head off the barrage, leaving key agencies like the N.S.A. and Cyber Command to fend for themselves. And despite his insistence to the contrary, the president seems wholly uninterested in so much as entertaining the possibility that Russia could have interfered in the 2016 elections. In an interview with Reuters on Monday, Trump blamed the Mueller investigation for pouring cold water on his efforts to rekindle America’s relationship with Russia; the investigation, he said, “played right into the Russians—if it was Russia—they played right into the Russians’ hands.”