Microsoft is warning that hackers from Russia, China, and Iran have been busy for months now targeting online accounts tied to the presidential campaigns of Joe Biden and Donald Trump.
Hacking attempts against people associated with the Biden and Trump campaigns were unsuccessful, Microsoft says, but the company is urging everyone involved in the 2020 elections to stay on guard.
“The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated,” Tom Burt, Microsoft’s Corporate Vice President for Customer Security, wrote in the announcement.
The company sourced the attacks to three state-sponsored hacking organizations:
Russia's Strontium
Also known as Fancy Bear, the group is best known for hacking into servers belonging to the Democratic National Committee during the 2016 election.
According to Microsoft, the Russian hackers have been busy in the past year trying to infiltrate more than 200 organizations directly or indirectly tied to the US election or other political groups. For instance, some targets have included US-based consultants who serve Democrats and the Republicans.
To break in, the hackers will try to guess the passwords of the person's online accounts. The process is sped up with the use of automated tools, which can input the login attempt from a constantly rotating list of IP addresses.
“Similar to what we observed in 2016, Strontium is launching campaigns to harvest people’s log-in credentials or compromise their accounts, presumably to aid in intelligence gathering or disruption operations,” Burt added.
China's Zirconium
Microsoft says this Chinese group has been engaged in gathering intelligence on organizations associated with the presidential campaigns. The hackers have done so by creating web pages that can be sent in an email message; if the recipient opens the email, and visits the web page, the hacker will be alerted.
“For nation-state actors, this is a simple way to perform reconnaissance on targeted accounts to determine if the account is valid or the user is active,” Burt wrote.
According to Microsoft, the group unsuccessfully tried to target non-campaign email accounts belonging to people associated with Biden’s team. The Chinese suspected hackers also targeted “at least one prominent individual formerly associated with the Trump Administration.”
“We’ve detected thousands of attacks from Zirconium between March 2020 and September 2020 resulting in nearly 150 compromises,” Burt added without elaborating.
Iran's Phosphorus
A year ago, Microsoft noticed the group attempting to hack into customer accounts tied to Trump’s campaign, and it hasn’t stopped trying. “Between May and June 2020, Phosphorus unsuccessfully attempted to log into the accounts of administration officials and Donald J. Trump for President campaign staff,” Burt wrote.
The findings align with US intelligence, which also concludes Russia, China, and Iran are making covert attempts to interfere in the upcoming election. The good news is that Microsoft says it foiled most of the hacking attempts it uncovered. The company has also notified those who were targeted.
“It is critical that everyone involved in democratic processes around the world, both directly or indirectly, be aware of these threats and take steps to protect themselves in both their personal and professional capacities,” Burt said. He suggests campaign staff and election workers take advantage of the company’s free security tools. (To stop potential hijacking, it's also a good idea to turn on the multi-factor authentication with your online accounts.)
In response to the warning, the Trump campaign said it's working closely with partners including Microsoft to mitigate the security threats. "As President Trump’s re-election campaign, we are a large target, so it is not surprising to see malicious activity directed at the campaign or our staff," said Thea McDonald, deputy national press secretary with the campaign.
The Biden campaign did not immediately respond to a request for comment.
Further Reading
- Portland, Oregon Imposes Strict Ban on Facial-Recognition Technology
- Yubico Security Key That Supports USB-C and NFC Is Finally Here for $55
- Is That Call Legit or Spam? 'Verified Calls' From Google Will Tell You
- Twitter Restores Ability to Download Your Account Data
- More in Security