Hackers from Russia , China, and Iran are threatening individuals and organisations participating in both Donald Trump and Joe Biden's presidential campaigns, according to Microsoft's latest security report. The tech giant says the "best" of the threats it has detected has been ineffective, but it deals with targets that have been hacked.
Notably, Microsoft reports that the Russian hacker community known as Fancy Bear, Strontium, or APT28, which successfully attacked Hillary Clinton's presidential campaign in 2016, has returned to hunt for new targets in the upcoming 2020 election.
President Trump downplayed Russia's link to Clinton hackers during the 2016 campaign, and new reports suggest that he has deliberately ignored US intelligence information on Russian threats to the US election.
Microsoft says Strontium has threatened more than 200 groups in total, including policy analysts working with both Republicans including Democrats, including think tanks including the German Marshall Fund of the United States. According to a report from Reuters, the hacking community also threatened SKDKnickerbocker, a political planning and marketing company associated with Biden and other influential democrats.
Biden's campaign reported to Reuters that a foreign agent had unsuccessfully attempted to hack non-campaign email addresses of campaign-affiliated individuals. Reuters said that Microsoft had alerted Biden's campaign to the attack.
In addition to attacks originating in Russia, Microsoft claimed that hackers from China attacked high-profile election-related persons, including those affiliated with Joe Biden's presidential campaign, while hackers from Iran continued to threaten the personal accounts of people connected with Donald J. Trump's presidential campaign.
Microsoft reports that the Chinese party , known as Zirconium or APT31, has effectively breached almost 150 targets. The Iranian party , known as Phosphorous or APT35, seems to have been less successful, with Microsoft claiming that it has attempted and struggled to log in the accounts of the administration officials & Donald J. Trump for the President's campaign team.
The operation we are reporting today makes it clear that international intervention groups have stepped up their activities for the 2020 election as planned, says Microsoft in a blog post. What we've seen is consistent with recent attack trends that not only threaten politicians and campaign workers, but also those they contact on important topics.
Cybersecurity company FireEye said that the Russian party was the most upset over all these recent attacks. In a note sent by FireEye to its clients, as Wired reported, the firm claimed that it was Strontium's previous experience of follow-on intelligence activities that made it most risky. This entails not only targeting intelligence targets, but rather exchanging information for political reasons.
We remain most concerned about Russian military intelligence, FireEye said in his note, who we believe poses the greatest threat to the democratic process.