Hackers from Russia, China and Iran are targeting individuals and organizations involved in both Donald Trump and Joe Biden’s presidential campaigns, according to a new security report from Microsoft. The tech giant says the “majority” of the attacks it has discovered have been unsuccessful, but it works with targets that have been compromised.
According to Microsoft, the Russian hacking group Fancy Bear, Strontium or APT28, which successfully targeted Hillary Clinton’s 2016 presidential campaign, has returned to look for new targets in the upcoming 2020 election. President Trump downplayed Russia̵
According to Microsoft, Strontium has targeted more than 200 organizations in total, including political advisors who work for both Republicans and Democrats, as well as think tanks like the United States’ German Marshall Fund. According to a report by ReutersThe hacking group also targeted a campaign strategy and communications firm called SKDKnickerbocker, which works with Biden and other “prominent Democrats”.
Biden’s campaign confirmed Reuters A foreign actor was known to have tried unsuccessfully to “access non-campaign email accounts of people connected to the campaign”. Reuters According to Microsoft, Biden’s campaign drew attention to the attack.
In addition to attacks originating in Russia, Microsoft said hackers from China “targeted high-profile people in connection with the elections, including people connected to the Joe Biden for President” campaign, while hackers from the country were hacking out Iran “continues to attack the personal accounts of people linked to Donald J. Trump’s campaign for president. “
According to Microsoft, the Chinese group known as Zirconium or APT31 has successfully compromised nearly 150 targets. The Iranian group, known as Phosphorus or APT35, appears to have been less successful. Microsoft said it tried and failed to log into the accounts of administrative officials and Donald J. Trump for presidential campaign staff.
“The activity we are announcing today makes it clear that foreign activity groups have stepped up their efforts in the 2020 elections as expected,” Microsoft wrote in a blog post. “What we’ve seen is consistent with previous attack patterns that target not only candidates and campaign staff, but those they consult on key issues.”
Cyber security firm FireEye said that of all of these recently announced attacks, it was the Russian group that was most concerned about it. In a note sent by FireEye to its customers reported by WiredThe company said it was Strontium’s past “follow-up intelligence operations” that made it the most dangerous. This means not only hacking targets for intelligence agencies, but then sharing that information for political purposes.
“We are still most concerned about Russian military intelligence,” FireEye said in his note, “which we believe is the greatest threat to the democratic process.”