According to Microsoft, Russian hackers target the upcoming US election. The company mentioned that three groups of hackers from Russia, China and Iran launched cyberattacks. They have been “targeting people and organizations involved in the upcoming presidential election”.
Microsoft also mentioned that there were “unsuccessful attacks on people associated with both the Trump and Biden campaigns.”
They involved in the 2016 US election campaign
Microsoft observed the Strontium group, from Russia, that attacked over 200 organizations – “political campaigns, advocacy groups, parties and political consultants.”
The software company has tracked Strontium’s activities, which was responsible for the attacks on the Democratic presidential campaign in 2016.
“Microsoft’s Threat Intelligence Center (MSTIC) has observed a series of attacks conducted by Strontium between September 2019 and today,” they mentioned.
The campaigns are similar to what happened in 2016, as the Russian hackers try to harvest log-in credentials or compromise accounts. And they do this in order to help the secret services or disrupt the operations of their targets.
The main targets are: US consultants serving both Republicans and Democrats, advocacy organizations, national and state parties and also the European People’s Party and political parties in the UK.
According to the company, “foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated.”
China and Iran are there, too
Besides the Russian group, there are also groups from China and Iran that are performing attacks linked to the US presidential election.
Thus, the Zirconium group, operating from China, targeted high-profile individuals. Most of them have a role in Joe Biden’s campaign, while some of them are also leaders in the international affairs community.
They were trying to gain valuable information mainly from people involved in the campaign and candidates. Also, they targeted important individuals in the international affairs community and universities.
Other important targets such as the Atlantic Council and 17 other international affairs and policy organizations are on the list.
“We’ve detected thousands of attacks from Zirconium between March 2020 and September 2020 resulting in nearly 150 compromises,” the company explained.
Iran did not stay aside, either. So, Phosphorus has continued targeting personal accounts of people associate with Donald Trump’s campaign.
“Between May and June 2020, Phosphorus unsuccessfully attempted to log into the accounts of administration officials and Donald J. Trump for President campaign staff,” Microsoft explained.
