But they had been thwarted when its security staff had won control of six net domains mimicking their websites.
Microsoft said the Fancy Bear hacking group had been behind the attacks.
"We're concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections," Microsoft said in its blog detailing its work.
The thwarted attack was likely the start of a "spear phishing" campaign, said Microsoft. This would involve tricking people into visiting the mimicked domains allowing the Fancy Bear group to see and steal login information that people use.
As well as the two think-tanks, the domains seized were associated with several Senate offices and services. One domain sought to mimic Microsoft's Office 365 online service.