U.S. election site vulnerabilities targeted by Iranian cyber intruders, according to Microsoft's disclosure
Various federal agencies are scrutinizing Iran's activities closely, as reported by a US official to CNN.
Microsoft analysts detected hacking activities in April, but it wasn't until recently that they were uncovered. The cybercriminals conducted surveys of major U.S. media outlets in May, as per Microsoft's claims.
U.S. intelligence agencies suspect that Iran has attempted to instigate disharmony during the 2024 election via hacking activities, targeting former President Donald Trump's campaign, and promoting protests against U.S. policy towards Israel.
Microsoft predicts that the Iranian hacking group will increase its activities as the election approaches, given its operational pace and historical interference in elections. The tech firm expressed this in its report released on Wednesday.
This latest development indicates the efforts of multiple Iranian, Russian, and Chinese groups to interfere with or monitor the U.S. election in its final stages of the presidential race.
There is no indication that the Iranian reconnaissance and probing, which usually entails searching for vulnerabilities on websites, have progressed to actual hacking attempts. Sources with knowledge of the probe told CNN that the activity doesn't pose a threat to voting integrity, which is safeguarded by multiple measures.
However, US officials and private analysts worry that this could be another foreign-backed attempt to intensify American concerns about voting. Hackers could disclose publicly available voter registration data, for instance, to persuade people that they can access more sensitive election systems.
The report follows a day after US intelligence agencies accused Russian operatives of producing and propagating viral audio content on X that defamed Democratic vice presidential candidate Tim Walz, and was amplified by right-wing influencers. US intelligence officials are also concerned that Russia and Iran might manipulate information to provoke violence during the period between Election Day and the certification of votes.
According to Microsoft, one Russian group shifted from Telegram to X in September, where manipulated videos against Kamala Harris gained more traction. One such video, using AI, falsely depicted Harris making light of one of Trump's assassination attempts and received tens of thousands of views on X, as per the report.
Microsoft analysts label the hacking group responsible for probing election-related websites as Cotton Sandstorm and believe it is backed by Iran's Islamic Revolutionary Guard Corps. Despite not launching a 2024 election-focused influence campaign as of now, Microsoft warns of the group's history as a cause of concern for US officials.
The same Iranian group pretended to be the far-right Proud Boys group to intimidate voters in the 2020 election. In 2020, Iranian hackers also explored election-related websites in multiple states, and in one instance, accessed voter registration data for an attempt to influence and disrupt the U.S. presidential election.
Another IRGC-supported group hacked documents belonging to Trump's presidential campaign and released them to media outlets this summer.
Unlike China, which hasn't launched a concentrated effort to influence the presidential election, it has targeted at least 10 congressional, state, or local election races with covert social media campaigns, according to US intelligence agencies.
The new Microsoft report provides proof of Chinese operatives attempting to severely discredit Senate and House candidates using X.
Chris Krebs, who was head of the federal Cybersecurity and Infrastructure Security Agency during the 2020 election, agreed with the evaluation that more can be expected from Iran, even if it's ineffective like their 2020 actions.
“We continue to see — whether it’s the Iranians, Russians, or Chinese — that information operations are more of a nuisance than game changers,” Krebs said. “But they’re cheap, they’re scalable, and there’s not a lot in terms of consequences.”
American voters, Krebs advised, should anticipate a tumultuous information environment in the coming months and avoid getting entangled in the confusion.
The U.S. intelligence agencies are concerned that Iran might use politics as a tool to sow discord during the 2024 election, similar to their alleged attempts in the past. Microsoft warns of the continued activities of the Cotton Sandstorm group, believed to be backed by Iran's Islamic Revolutionary Guard Corps, and their potential impact on the upcoming election.
