Microsoft Detects Foreign Cyberattacks Targeting US Presidential Election
Groups from Russia, China and Iran have stepped up cyberattacks in an effort to disrupt the U.S. presidential election in November, a Microsoft Corp. investigation found.
The groups have increased cyberattacks targeting the political campaigns of Democratic presidential nominee Joe Biden and U.S. President Donald Trump, advocacy groups, political parties, academics and leaders in the international affairs community, according to a blog post by Tom Burt, corporate vice president of customer security and trust at Microsoft, on Thursday.
SKDKnickerbocker, a public affairs and political consulting firm working with Biden’s campaign, was recently targeted in an unsuccessful hack by suspected Russian state-backed hackers, according to a Thursday report by Reuters, which said that Microsoft had alerted the firm.
The attempted hack on SKDKnickerbocker reflects a broader trend that was documented by Microsoft, that a Russia-based group had attacked “political campaigns, advocacy groups, parties, and political consultants.”
Microsoft reported that more than 200 organizations directly or indirectly tied to the U.S. election and political organizations in Europe were affected by a Russian-operated group, called Strontium, including U.S.-based consultants serving Republicans and Democrats. The same group was also identified in the report by Special Counsel Robert Mueller as being responsible for the attacks on the Democratic presidential campaign in 2016, according to Microsoft. (Strontium is also known as APT28, or Fancy Bear.)
Microsoft also reported unsuccessful cyberattacks from Iran on people associated with the Trump campaign, and attempted attacks from China on people associated with the Biden campaign, as well as a “prominent” individual formerly associated with the Trump administration. The people who were targeted weren’t named. The Chinese group, referred to as Zirconium, has mounted thousands of attacks from March through September on campaign officials as well as prominent academics and others in international affairs. Of those attempts, about 150 were successful breaches, but Microsoft didn’t identify the victims other than to say they weren’t associated with the presidential campaigns.
Microsoft’s findings echo those of U.S. government officials. In August, William Evanina, head of the National Counterintelligence and Security Center, said Russia, China and Iran are trying to “use covert and overt influence measures in their attempts to sway U.S. voters’ preferences and perspectives, shift U.S. policies, increase discord in the United States, and undermine the American people’s confidence in our democratic process.” And on Wednesday, Chad Wolf, acting secretary of the Department of Homeland Security, said “the governments of China, Iran and Russia target our election systems, each with its own separate and nefarious motives and tactics.”
The recent attacks reveal that “foreign activity groups have stepped up their efforts targeting the 2020 election,” according to Microsoft. “What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues.”
The majority of attacks were detected and stopped by security tools built into Microsoft’s software, Burt said.
Foreign groups used tactics including rotating IP addresses to disguise attacks, web bugs planted in purchased domain names and phishing, in an effort to harvest log-in credentials and gain information on targeted individuals and organizations. Phishing attacks can be for routine espionage against campaigns or, in some cases, to conduct hack and leak operations — a key feature in Russia’s campaign to help Trump and hurt Hillary Clinton in 2016.
Disinformation experts are on high alert for strategic leaks of real or fabricated documents in the weeks ahead of Nov. 3, a foreign influence tactic that could significantly harm the candidate targeted, particularly if there is not enough time for them to adequately respond ahead of Election Day.
“We disclose attacks like these because we believe it’s important the world knows about threats to democratic processes,” Burt said. He also said more federal funding is needed in the U.S. so states can better protect their election infrastructure.
©2020 Bloomberg News
Distributed by Tribune Content Agency, LLC.
In The News
WASHINGTON -- A powerful congressional committee is beginning an investigation into reports the Justice Department secretly subpoenaed information about members of Congress and journalists during the Trump administration. The committee’s chairman said he was concerned the Justice Department “used criminal investigations as a pretext to spy... Read More
ATLANTA (AP) — Amber McReynolds, CEO of The National Vote at Home Institute, helped state and local election officials prepare for the record number of mailed ballots cast during last year's presidential election. She also was recently confirmed by the Senate to serve on the Board... Read More
ELM GROVE, Wis. (AP) — Standing on the sidelines of her son's soccer practice in this upscale suburb, Laura Hahn looked skyward for answers when asked how she would rate President Joe Biden's first 100 days in office. Overall, Biden is doing well, she said after... Read More
Democrat Rita Hart threw in the towel Wednesday afternoon, giving up her bid to represent Iowa’s 2nd Congressional District, and effectively ending the 2020 election cycle. Hart, who had been challenging the outcome of the race before the Committee on House Administration, said in a brief... Read More
Dominion Voting Systems on Friday filed a $1.6 billion defamation lawsuit against Fox News, arguing the cable news company sought to boost faltering ratings by falsely claiming the voting machine company had rigged the 2020 election. The company, which is headquartered in Toronto, Canada and Denver,... Read More
MONTGOMERY, Ala. - Election systems in the Deep South in 2020 suffered from numerous shortcomings, making it harder for many voters -- particularly those from communities of color -- to safely cast their ballots, states a new analysis by the Southern Poverty Law Center. The report... Read More