MSFT Microsoft Corporation

By Dustin Volz 

WASHINGTON -- Russian government hackers have targeted at least 200 organizations tied to the 2020 presidential election in recent weeks, including national and state political parties and political consultants working for both Republicans and Democrats, according to Microsoft Corp.

China has also engaged in cyberattacks against "high-profile individuals" linked to Democratic nominee Joe Biden's campaign, while Iranian actors have continued targeting personal accounts of people associated with President Trump's campaign, Microsoft said in a blog post published Thursday.

The software giant's threat intelligence team is able to track suspected cyberattacks against people and organizations that use its email platform and other Microsoft services. The findings don't portray the full scope of foreign cyberattacks to the U.S. election because Microsoft is largely limited to analyzing threats to its own customers, but echo recent assessments from the U.S. intelligence community and other security experts.

Most of the attempted intrusions haven't been successful, and those who were targeted or compromised have been directly notified of the malicious activity, Microsoft said. Russian, Chinese and Iranian officials didn't immediately respond to a request for comment.

The breadth of the attacks underscore widespread concerns among U.S. security officials and within Silicon Valley about the threat of foreign interference in the presidential election less than two months away.

"It is critical that everyone involved in democratic processes around the world, both directly or indirectly, be aware of these threats and take steps to protect themselves in both their personal and professional capacities," Tom Burt, Microsoft's vice president of consumer safety and trust, said.

The Russian actor tracked by Microsoft is affiliated with a military intelligence unit and is the same group that hacked and leaked Democratic emails during the 2016 presidential contest. In addition to political consultants and state and national parties, its recent targets have included advocacy organizations and think tanks, such as the German Marshall Fund, as well as political parties in the U.K., Microsoft said.

Russia's tactics have evolved since 2016 to include new reconnaissance tools and methods to cloak its operations, according to Microsoft. While the hackers four years ago primarily relied on spearphishing -- an attack that involves posing as another person to trick an email recipient to click on a malicious link -- to steal login credentials they have more recently deployed so-called brute force attacks and password sprays, which target a wider net of people with automated attempts to essentially guess passwords.

Since March of this year, Microsoft said it had detected thousands of attempted attacks linked to a Chinese hacking group and nearly 150 account compromises. The widespread operations included attempts to compromise people close to the presidential campaigns and candidates themselves, including an unsuccessful effort to target Mr. Biden's campaign through "non-campaign email accounts belonging to people affiliated with the campaign."

China also has targeted at least one prominent person described by Microsoft as formerly associated with the Trump administration.

The Chinese hackers also have targeted academics in international affairs at more than 15 universities and accounts linked to 18 international affairs policy organizations, including the Atlantic Council and the Stimson Center, Microsoft said. The company didn't say if those attempts were successful.

Iran, meanwhile, has unsuccessfully tried in recent months to log into accounts belonging to Trump administration officials and staff working for Mr. Trump's re-election campaign, Microsoft said.

A warning last month from U.S. intelligence agencies -- released after pressure from Democratic lawmakers pushing for more public transparency -- said Russia has undertaken a broad effort to damage Democratic Joe Biden's bid for the presidency. It also said China prefers that Mr. Trump not win re-election and that Iran is also seeking to undermine U.S. democratic institutions and Mr. Trump.

In recent weeks, some senior Trump officials have said that China is a larger threat to the election than Russia. But Democratic lawmakers and several administration officials familiar with the matter have said that Russia poses a far more immediate threat.

A senior Department of Homeland Security official filed a whistleblower complaint this week alleging that agency leadership instructed to stop disseminating intelligence memos on threats posed by Russia to the presidential election because doing so would be harmful to Mr. Trump. A spokesman for DHS disputed the allegations.

Hackers working for Russia, China and others have for years targeted presidential campaigns and the politically influential groups in their orbit, typically to gain insight into a campaign's inner workings and policy priorities.

But such operations took on new significance in 2016, when Russia interfered in the 2016 election to boost Mr. Trump's campaign and harm Democratic nominee Hillary Clinton, according to U.S. intelligence agencies. That conclusion was later corroborated by former special counsel Robert Mueller and a recent bipartisan report by the Senate Intelligence Committee. Russia has denied the attacks.

Microsoft's analysis doesn't include cyberattacks on election infrastructure, such as state voter registration databases -- a key area of concern after it was discovered Russia had also targeted those systems in 2016. Chris Krebs, the top cybersecurity official at the Department of Homeland Security, said this week at the Billington CyberSecurity Summit that he hadn't seen evidence of those kinds of attacks.

John Hultquist, director of intelligence analysis at the U.S.-based cybersecurity company FireEye Inc, said that the threat to the election posed by Russia's military intelligence exceeded that from other nations, given its tendency toward "brash and aggressive cyber operations."

As in previous elections, China and Iran are likely targeting campaigns to quietly collect intelligence, Mr. Hultquist said. But Russia's "unique history raises the prospect of follow-on information operations or other devastating activity."

Write to Dustin Volz at dustin.volz@wsj.com

(END) Dow Jones Newswires

September 10, 2020 14:59 ET (18:59 GMT)

Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Mar 2024 to Apr 2024

Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Apr 2023 to Apr 2024