11 Sep 2020

Russia, China and Iran hackers target Trump and Biden, Microsoft says

3:01 pm on 11 September 2020

Hackers with ties to Russia, China and Iran are attempting to spy on people and groups involved with the US 2020 presidential election, Microsoft says.

Hacker, cyber attack, (File photo)

Photo: 123RF

The Russian group which hacked the 2016 Democratic campaign is again involved in cyber-attacks, said the tech firm.

Microsoft said it was "clear that foreign activity groups have stepped up their efforts" targeting the election. Both President Donald Trump and Democrat Joe Biden's campaigns are being targeted.

Russian hackers from the Strontium group have targeted more than 200 organisations, many of which are linked to US political parties - both Republicans and Democrats, Microsoft said in a statement.

"Similar to what we observed in 2016, Strontium is launching campaigns to harvest people's log-in credentials or compromise their accounts, presumably to aid in intelligence gathering or disruption operations," said Tom Burt, a Microsoft vice-president in charge of customer security and trust.

The firm said Chinese hackers had launched attacks targeting individuals connected to Biden's campaign, while Iranian hackers had continued efforts targeting people associated with the Trump campaign.

Most of the cyber-attacks had not been successful, according to Microsoft. The attacks have also not been launched on groups that handle the voting systems themselves.

"What we've seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those they consult on key issues," Burt said.

"These activities highlight the need for people and organisations involved in the political process to take advantage of free and low-cost security tools to protect themselves as we get closer to election day."

File photo June 4, 2018. Microsoft logo displayed outside the Microsoft Technology Center, New York City.

Photo: AFP / Getty

Though the director of US counter-intelligence said in August that China favoured Biden, Microsoft reported that Chinese groups had launched attacks on the personal email accounts of people affiliated with the Biden campaign, as well as "at least one prominent individual formerly associated with the Trump Administration".

"Prominent individuals" in the international affairs community, academic institutions and policy organisations were also said to have been targeted by the Chinese hacking group, known as Zirconium.

The Iranian group known as Phosphorus has unsuccessfully sought to access accounts of White House officials and Trump's campaign staff between May and June of this year.

The report comes a day after a whistleblower at the US Department of Homeland Security alleged he was put under pressure to downplay the threat of Russian interference in the election as it "made the president look bad".

How did the Trump administration respond?

The Department of Homeland Security's top cyber-official, Christopher Krebs, said Microsoft's warning confirmed what the American intelligence community had already stated publicly about Russian, Chinese and Iranian attempted meddling on election-related targets.

"It is important to highlight that none are involved in maintaining or operating voting infrastructure and there was no identified impact on election systems," Krebs said.

Earlier on Thursday, the Trump administration charged a Russian national with plotting to interfere in the US political process.

The US Department of Treasury also imposed sanctions against a Moscow-linked Ukrainian lawmaker, Andrii Derkach, who is accused of similar meddling.

Derkach allegedly released edited audio that was intended to smear Democrat Joe Biden. The recordings have been touted by President Donald Trump.

What happened in the US 2016 elections?

US intelligence agencies concluded in 2016 that Russia was behind an effort to undermine Hillary Clinton's presidential run, with a state-authorised campaign of cyber attacks and fake news stories planted on social media.

Special Counsel Robert Mueller's investigation found Russian hackers gained access to Democratic National Committee systems as well as Clinton campaign chair John Podesta's personal email.

They leaked tens of thousands of emails from the campaign.

Facebook later testified that Russian-backed content sent out around the election reached up to 126 million Americans on the platform.


Get the RNZ app

for ad-free news and current affairs