Microsoft warns Russia, China and Iran targeting US election

  • 9/11/2020
  • 00:00
  • 10
  • 0
  • 0
news-picture

WASHINGTON — Microsoft on Thursday reported that it is seeing “increasing” cyberattacks originating in Russia, China and Iran targeting its customers, including attacks against political groups and the presidential campaigns of US President Trump and former US Vice President Joe Biden. Tom Burt, corporate vice president of customer security and trust at Microsoft, detailed in a blog post the efforts by three major foreign hacking groups to target the campaigns, along with other political organizations and individuals. “The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated, and is consistent with what the US government and others have reported,” Burt wrote. Russian hackers from the Strontium group have targeted more than 200 organizations, many of which are linked to US political parties — both Republicans and Democrats, Microsoft said in a statement. "Similar to what we observed in 2016, Strontium is launching campaigns to harvest people"s log-in credentials or compromise their accounts, presumably to aid in intelligence gathering or disruption operations," Burt added. Strontium, also known as “Fancy Bear,” is the same group that hacked into the Democratic National Committee networks in 2016. Microsoft took legal action against the group in 2017, with a federal court ordering the group to stop targeting Microsoft customers and using Microsoft logos in malicious email phishing campaigns. “Strontium has evolved its tactics since the 2016 election to include new reconnaissance tools and new techniques to obfuscate their operations,” Burt wrote. “In 2016, the group primarily relied on spear-phishing to capture people’s credentials. In recent months, it has engaged in brute force attacks and password spray, two tactics that have likely allowed them to automate aspects of their operations.” Microsoft also said that Chinese hackers had launched attacks targeting individuals connected to Biden"s campaign, while Iranian hackers had continued efforts targeting people associated with the Trump campaign. Most of the cyber-attacks had not been successful, according to the firm. The attacks have also not been launched on groups that handle the voting systems themselves. Though the director of US counter-intelligence said in August that China favored Biden, Microsoft reported that Chinese groups had launched attacks on the personal email accounts of people affiliated with the Biden campaign, as well as "at least one prominent individual formerly associated with the Trump Administration". "Prominent individuals" in the international affairs community, academic institutions, and policy organizations were also said to have been targeted by the Chinese hacking group, known as Zirconium. The Iranian group known as Phosphorus has unsuccessfully sought to access accounts of White House officials and Trump"s campaign staff between May and June of this year. The report comes a day after a whistleblower at the US Department of Homeland Security alleged he was put under pressure to downplay the threat of Russian interference in the election as it "made the president look bad". — Agencies

مشاركة :