Microsoft has raised concerns over international hacking groups from Russia, China, and Iran ‘targeting’ American politicians ahead of the 2020 United States presidential election. Microsoft says it has detected cyberattacks targeting people and organizations involved in the upcoming presential election. Some of the attempted cyberattacks targeting people associated with both the Republican and Democratic candidates went unsuccessful.
Microsoft detects foreign interference into U.S election campaigns
“We have and will continue to defend our democracy against these attacks through notifications of such activity to impacted customers, security features in our products and services, and legal and technical disruptions. The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated, and is consistent with what the U.S. government and others have reported,” said Microsoft.
According to Microsoft, three major foreign hacking groups Strontium, Zirconium, and Phosphorus continue to indulge in cyberattacks targeting political campaigns associated with Democratic candidate Joe Biden and Republican candidate Donald J. Trump. While Strontium is operating from Russia, Zirconium and Phosphorus are operating from China and Iran, respectively.
So far, Russia’s Strontium has attacked more than 200 organizations related to the election. China’s Zirconium has attacked individuals associated with the Biden campaign. Meanwhile, Iran’s Phosphorus has targeted the Trump campaign. Microsoft says it managed to detect and block the majority of these cyberattacks, courtesy of the built-in security tools in its products and services.
Microsoft has also shed light on the involvement of Russia’s Strontium, which was also held responsible in the Mueller report for causing disruptions to the Democratic presidential campaign in 2016. According to Microsoft’s Threat Intelligence Center (MSTIC), Strontium has been active once again since September 2019. Strontium aims to harvest login credentials by compromising accounts and disrupt both the presidential campaigns.
Similarly, China’s Zirconium has “attempted to gain intelligence on organizations associated with the upcoming U.S. presidential election.” Microsoft has detected more than a thousand attacks from Zirconium between March and September 2020. According to Microsoft, Zirconium appears to have indirectly and unsuccessfully the Joe Biden campaign, courtesy of non-campaign email accounts associated with the campaign.
Last but not least, Iran’s Phosphorus continues to be on Microsoft’s radar for the past several years. Phosphorus has operated espionage campaigns targeting a wide range of organizations, Microsoft has warned. Between May and June 2020, Phosphorus unsuccessfully tried to hack into the accounts of administration officials and staff associated with the Donald J. Trump campaign.
Microsoft has already notified those impacted by these attacks.