Groups from Russia, China and Iran have stepped up cyberattacks in an effort to disrupt the U.S. presidential election in November, a Microsoft Corp. investigation found.
The groups have increased cyberattacks targeting the political campaigns of Democratic presidential nominee Joe Biden and U.S. President Donald Trump, advocacy groups, political parties, academics and leaders in the international affairs community, according to a blog post by Tom Burt, corporate vice president of customer security and trust at Microsoft, on Thursday.
SKDKnickerbocker, a public affairs and political consulting firm working with Biden’s campaign, was recently targeted in an unsuccessful hack by suspected Russian state-backed hackers, according to a Thursday report by Reuters, which said that Microsoft had alerted the firm.
The attempted hack on SKDKnickerbocker reflects a broader trend that was documented by Microsoft, that a Russia-based group had attacked “political campaigns, advocacy groups, parties, and political consultants.”
Microsoft reported that more than 200 organizations directly or indirectly tied to the U.S. election and political organizations in Europe were affected by a Russian-operated group, called Strontium, including U.S.-based consultants serving Republicans and Democrats. The same group was also identified in the report by Special Counsel Robert Mueller as being responsible for the attacks on the Democratic presidential campaign in 2016, according to Microsoft. (Strontium is also known as APT28, or Fancy Bear.)
Microsoft also reported unsuccessful cyberattacks from Iran on people associated with the Trump campaign, and attempted attacks from China on people associated with the Biden campaign, as well as a “prominent” individual formerly associated with the Trump administration. The people who were targeted weren’t named. The Chinese group, referred to as Zirconium, has mounted thousands of attacks from March through September on campaign officials as well as prominent academics and others in international affairs. Of those attempts, about 150 were successful breaches, but Microsoft didn’t identify the victims other than to say they weren’t associated with the presidential campaigns.
Microsoft’s findings echo those of U.S. government officials.
