By Dustin Volz
WASHINGTON -- Russian government hackers have targeted at least
200 organizations tied to the 2020 U.S. election in recent weeks,
including national and state political parties and political
consultants working for both Republicans and Democrats, according
to Microsoft Corp.
China has also engaged in cyberattacks against "high-profile
individuals" linked to Democratic nominee Joe Biden's campaign,
while Iranian actors have continued targeting personal accounts of
people associated with President Trump's campaign, Microsoft said
in a blog post published Thursday.
The software giant's threat intelligence team is able to track
suspected cyberattacks against people and organizations that use
its email platform and other Microsoft services. The findings don't
portray the full scope of foreign cyberattacks when it comes to the
U.S. election because Microsoft is largely limited to analyzing
threats to its own customers, but echo recent assessments from the
U.S. intelligence community and other security experts.
Most of the attempted intrusions haven't been successful, and
those who were targeted or compromised have been directly notified
of the malicious activity, Microsoft said.
A spokesman for the Russian Embassy in Washington denied
Thursday's allegations and said, "The time has come to stop
poisoning the atmosphere of relations with baseless allegations."
Chinese and Iranian officials didn't respond to requests for
comment.
The breadth of the attacks underscore widespread concerns among
U.S. security officials and within Silicon Valley about the threat
of foreign interference in the presidential election less than two
months away.
"It is critical that everyone involved in democratic processes
around the world, both directly or indirectly, be aware of these
threats and take steps to protect themselves in both their personal
and professional capacities," said Tom Burt, Microsoft's vice
president of consumer safety and trust.
The Russian actor tracked by Microsoft is affiliated with a
military intelligence unit and is the same group that hacked and
leaked Democratic emails during the 2016 presidential contest. In
addition to political consultants and state and national parties,
its recent targets have included advocacy organizations and think
tanks, such as the German Marshall Fund, as well as political
parties in the U.K., Microsoft said.
Russia's tactics have evolved since 2016 to include new
reconnaissance tools and methods to cloak its operations, according
to Microsoft. While the hackers four years ago primarily relied on
spearphishing -- an attack that involves posing as another person
to trick an email recipient to click on a malicious link -- to
steal login credentials, they have more recently deployed so-called
brute-force attacks and password sprays, which target a wider net
of people with automated attempts to essentially guess
passwords.
Since March of this year, Microsoft said it had detected
thousands of attempted attacks linked to a Chinese hacking group
and nearly 150 account compromises. The widespread operations
included attempts to compromise people close to the presidential
campaigns and candidates themselves, including an unsuccessful
effort to target Mr. Biden's campaign through "non-campaign email
accounts belonging to people affiliated with the campaign."
China also has targeted at least one prominent person described
by Microsoft as formerly associated with the Trump
administration.
The Chinese hackers also have targeted academics in
international affairs at more than 15 universities and accounts
linked to 18 international affairs policy organizations, including
the Atlantic Council and the Stimson Center, Microsoft said. The
company didn't say if those attempts were successful.
Iran, meanwhile, has unsuccessfully tried in recent months to
log into accounts belonging to Trump administration officials and
staff working for Mr. Trump's re-election campaign, Microsoft
said.
A warning last month from U.S. intelligence agencies -- released
after pressure from Democratic lawmakers pushing for more public
transparency -- said Russia has undertaken a broad effort to damage
Mr. Biden's bid for the presidency. It also said China prefers that
Mr. Trump not win re-election and that Iran is also seeking to
undermine U.S. democratic institutions and Mr. Trump.
In recent weeks, some senior Trump officials have said that
China is a larger threat to the election than Russia. But
Democratic lawmakers and several administration officials familiar
with the matter have said that Russia poses a far more immediate
threat.
A senior Department of Homeland Security official filed a
whistleblower complaint this week alleging that agency leadership
gave instructions to halt the dissemination of intelligence memos
on threats posed by Russia to the presidential election because
doing so would be harmful to Mr. Trump. A spokesman for DHS
disputed the allegations.
Hackers working for Russia, China and others have for years
targeted presidential campaigns and the politically influential
groups in their orbit, typically to gain insight into a campaign's
inner workings and policy priorities.
But such operations took on new significance in 2016, when
Russia interfered in that year's election to boost Mr. Trump's
campaign and harm Democratic nominee Hillary Clinton, according to
U.S. intelligence agencies. That conclusion was later corroborated
by former special counsel Robert Mueller and a recent bipartisan
report by the Senate Intelligence Committee. Russia has denied the
attacks.
Microsoft's analysis doesn't include cyberattacks on election
infrastructure, such as state voter registration databases -- a key
area of concern after it was discovered Russia had also targeted
those systems in 2016. Chris Krebs, the top cybersecurity official
at the Department of Homeland Security, said this week at the
Billington CyberSecurity Summit that he hadn't seen evidence of
those kinds of attacks.
John Hultquist, director of intelligence analysis at the
U.S.-based cybersecurity company FireEye Inc., said that the threat
to the election posed by Russia's military intelligence exceeded
that from other nations, given its tendency toward "brash and
aggressive cyber operations."
As in previous elections, China and Iran are likely targeting
campaigns to quietly collect intelligence, Mr. Hultquist said. But
Russia's "unique history raises the prospect of follow-on
information operations or other devastating activity."
Write to Dustin Volz at dustin.volz@wsj.com
(END) Dow Jones Newswires
September 10, 2020 20:17 ET (00:17 GMT)
Copyright (c) 2020 Dow Jones & Company, Inc.
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Mar 2024 to Apr 2024
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Apr 2023 to Apr 2024