Budapest Post

Cum Deo pro Patria et Libertate
Budapest, Europe and world news

Russia, China and Iran trying to hack US presidential race, Microsoft says

Russia, China and Iran trying to hack US presidential race, Microsoft says

Hundreds of organisations and individuals targeted, including Trump and Biden campaigns, political parties, consultants and think tanks.

This story is published in a content partnership with POLITICO. It was originally reported by Tim Starks on politico.com
on September 10, 2020.

Russian, Chinese and Iranian hackers have mounted cyberattacks against hundreds of organisations and people involved in the 2020 presidential race and US-European policy debates, with targets including the campaigns of both Donald Trump and Joe Biden, Microsoft said on Thursday.

The report is the most expansive public warning to date about the rapid spread of foreign governments' efforts to wield hackers to undermine US democracy.

The perpetrators include the same Kremlin-aligned Russian hacking group whose thefts and leaks of confidential Democratic Party documents helped torpedo Hillary Clinton’s presidential hopes in 2016, said Microsoft, which offers products designed to detect such attacks.


Supporters, one wearing a shirt with US President Donald Trump's face on it, attend a campaign event in North Carolina on Tuesday.


Targets this time include the Trump and Biden campaigns, administration officials and an array of national and state parties, political consultants and think tanks, as well as groups such as the German Marshall Fund and Stimson Centre that promote international cooperation.

“The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated,” Microsoft said in a blog post. It added that its security tools detected and blocked “the majority of these attacks”.

The company did not answer numerous questions from POLITICO seeking more details about the attacks.

The revelations come amid a feud between congressional Democrats and the administration over what it knows about foreign threats against the election, in particular the Democrats' accusations that Trump's intelligence leaders are failing to alert the public about the Kremlin's activities.

Trump and his supporters have pushed a message that the Chinese are trying to help Biden – a claim not supported by intelligence officials, who have told POLITICO that Russia's efforts pose the most active and acute danger.

An official intelligence community statement last month said China prefers that Trump not be re-elected, that Russia is denigrating Biden and that Iran is undermining the president.

Some of the hackers' targets confirmed Microsoft's reporting, though none said the cyberattacks had succeeded.

“As President Trump’s re-election campaign, we are a large target, so it is not surprising to see malicious activity directed at the campaign or our staff,” said Thea McDonald, deputy press secretary for the president's campaign team.

“We work closely with our partners, Microsoft and others, to mitigate these threats. We take cybersecurity very seriously and do not publicly comment on our efforts.”

Likewise, the Republican National Committee has “been informed that foreign actors have made unsuccessful attempts to penetrate the technology of our staff members,” an RNC spokesperson said.

Biden's campaign did not immediately respond to a request for comment.

Microsoft has also alerted SKDKnickerbocker, one of Biden’s chief communications and strategy firms, that Russian hackers had unsuccessfully targeted its networks, Reuters said early on Thursday ahead of the report's release. Those attempts also failed, Reuters reported. The firm did not respond to later requests for comment.

The attacks on the Stimson Centre were first observed in May, spokesperson David Solimini said, and Microsoft notified the think tank about the nature and source in late July. He and German Marshall Fund spokesperson Sydney Simon both said they had seen no evidence that the attacks succeeded.

Christopher Krebs, director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, said Microsoft's findings are “consistent with earlier statements by the Intelligence Community on a range of malicious cyber activities targeting the 2020 campaign”.

“It is important to highlight that none [of the targets] are involved in maintaining or operating voting infrastructure and there was no identified impact on election systems,” Krebs said in a statement. He added, “Everyone involved in the political process should stay alert against these sorts of attacks.”

The Treasury Department announced its own steps to combat Kremlin interference Thursday, saying it had designated the pro-Russian Ukrainian lawmaker Andriy Derkach for sanctions for promoting discredited allegations against Biden.

Graham Brookie, director of the Atlantic Council's Digital Forensic Research Lab, confirmed that his group had been the target of apparently unsuccessful attacks from Chinese hackers, but cautioned that those did not appear election-related.

“It is not surprising that we would be targeted by China, based on the substance of our work,” Brookie said. “This appeared to be about information gathering and espionage as opposed to election interference of any kind.”

Among other details, Microsoft reported that:


The hacking group popularly known as Fancy Bear, which is linked to Russian military intelligence and played a major role in the 2016 attacks on Democrats, has gone after more than 200 organisations in recent months. The targets include political campaigns, national and state party organisations, consultants for both parties and think tanks. (The group is also known as APT28, and Microsoft refers to it as Strontium.)

A Chinese hacking group called Zirconium or APT31 has attacked high-profile people in Biden’s campaign and at least one prominent person in Trump’s campaign, the tech giant said.

Phosphorus, an Iranian hacker group often called Charming Kitten, has gone after Trump campaign staffers and administration officials.


Democratic presidential nominee Joe Biden speaks in a supporter’s backyard in Detroit on Wednesday.


Microsoft’s blog post said that it had blocked most of the attacks. The company’s analysis offered some new details on the hackers’ methods.

For instance, in 2016 the Russian group primarily relied on so-called spearphishing, which tricks victims into clicking on malicious email links to gain access to documents that it later released through outlets like WikiLeaks. But in recent months, Russia has shifted toward more crude “brute force” attacks and a technique called password spray, in which hackers input many passwords in a bid to guess their way into a system.

“Strontium also disguised these credential harvesting attacks in new ways, running them through more than 1,000 constantly rotating IP addresses, many associated with the Tor anonymising service,” wrote Tom Burt, corporate vice-president for customer security and trust.

“Strontium even evolved its infrastructure over time, adding and removing about 20 IPs per day to further mask its activity.”

This is far from the first time that a company in the cybersecurity business, not the federal government, has been the first to go public with details about major attacks against their customers by nation-states.

Previous examples include a landmark 2013 report by the cyber firm Mandiant on Chinese Army-connected hackers conducting cyber espionage against US critical infrastructure like the electrical power grid.

AI Disclaimer: An advanced artificial intelligence (AI) system generated the content of this page on its own. This innovative technology conducts extensive research from a variety of reliable sources, performs rigorous fact-checking and verification, cleans up and balances biased or manipulated content, and presents a minimal factual summary that is just enough yet essential for you to function as an informed and educated citizen. Please keep in mind, however, that this system is an evolving technology, and as a result, the article may contain accidental inaccuracies or errors. We urge you to help us improve our site by reporting any inaccuracies you find using the "Contact Us" link at the bottom of this page. Your helpful feedback helps us improve our system and deliver more precise content. When you find an article of interest here, please look for the full and extensive coverage of this topic in traditional news sources, as they are written by professional journalists that we try to support, not replace. We appreciate your understanding and assistance.
Newsletter

Related Articles

0:00
0:00
Close
Polish MEP: “Dear Leftists - China is laughing at you, Russia is laughing, India is laughing”
Western Europe Records Hottest June on Record
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
China’s Central Bank Consults European Peers on Low-Rate Strategies
France Requests Airlines to Cut Flights at Paris Airports Amid Planned Air Traffic Controller Strike
Poland Implements Border Checks Amid Growing Migration Tensions
Emirates Airline Expands Market Share with New $20 Million Campaign
Amazon Reaches Milestone with Deployment of One Millionth Robot
Yulia Putintseva Calls for Spectator Ejection at Wimbledon Over Safety Concerns
House Oversight Committee Subpoenas Former Jill Biden Aide Amid Investigation into Alleged Concealment of President Biden's Cognitive Health
Amazon Reaches Major Automation Milestone with Over One Million Robots
Extreme Heat Wave Sweeps Across Europe, Hitting Record Temperatures
Meta Announces Formation of Ambitious AI Unit, Meta Superintelligence Labs
Robots Compete in Football Tournament in China Amid Injuries
China Unveils Miniature Insect-Like Surveillance Drone
Marc Marquez Claims Victory at Dutch Grand Prix Amidst Family Misfortune
Germany Votes to Suspend Family Reunification for Asylum Seekers
Budapest Pride Parade Draws 200,000 Participants Amid Government Ban
Southern Europe Experiences Extreme Heat
Xiaomi's YU7 SUV Launch Garners Record Pre-Orders Amid Market Challenges
Jeff Bezos and Lauren Sanchez's Lavish Wedding in Venice
Russia Launches Largest Air Assault on Ukraine Since Invasion
Massive Anti-Government Protests Erupt in Belgrade
Iran Executes Alleged Israeli Spies and Arrests Hundreds Amid Post-War Crackdown
Hungary's Prime Minister Criticizes NATO's Role in Ukraine
EU TO HUNGARY: LET THEM PRIDE OR PREP FOR SHADE. ORBÁN TO EU: STAY IN YOUR LANE AND FIX YOUR OWN MESS.
Hungarian Scientist to Conduct 30 Research Experiments on the International Space Station
NATO Members Agree to 5% Defense Spending Target by 2035
NATO Leaders Endorse Plan for Increased Defence Spending
U.S. Crude Oil Prices Drop Below $65 Amid Market Volatility
International Astronaut Team Launched to Space Station
Macron and Merz: Europe must arm itself in an unstable world
Germany and Italy Under Pressure to Repatriate $245bn of Gold from US Vaults
Iran Intensifies Crackdown on Alleged Mossad Operatives After Sabotage Claims
Trump Praises Iran’s ‘Very Weak’ Response After U.S. Strikes and Presses Israel to Pursue Peace
Oil Prices Set to Surge After US Strikes Iran
BA and Singapore Airlines Cancel Dubai Flights Amid Middle East Tensions
Trump Faces Backlash from MAGA Base Over Iran Strikes
Meta Bets $14 B on Alexandr Wang to Drive AI Ambitions
FedEx Founder Fred Smith, ‘Heart and Soul’ of the Company, Dies at 80
Chinese Factories Shift Away from U.S. Amid Trump‑Era Tariffs
Pimco Seizes Opportunity in Japan’s Dislocated Bond Market
Labubu Doll Drives Pop Mart to Status as China’s Most Valuable Toy Maker
Global Coal Demand Defies Paris Accord Goals
United States Conducts Precision Strikes on Iran’s Nuclear Sites
US strikes Iran nuclear sites, Trump says
Telegram Founder: I Will Leave My Fortune to Over 100 of My Children
16 Billion Login Credentials Leaked in Unprecedented Cybersecurity Breach
Senate hearing on who was 'really running' Biden White House kicks off
×