By Tom Kingsbury | Political Editor
Hackers operating in Russia, China and Iran have been found to be actively targeting individuals and groups involved in the 2020 US election, according to Microsoft.
The hackers were said to be targeting members from both major US political parties, as well as US and international organisations. Microsoft found that their recent activity “makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election”.
The Russian hacking group, Strontium, is the same one which the Mueller report said had attacked the 2016 Democratic presidential campaign. Microsoft found the targets of its recent attacks include UK political parties.
Russia has denied the reports, a spokesperson said that the Kremlin has never tried to interfere in the elections of other countries.
Russia’s hacking group
Strontium, also known as ‘Fancy Bear’, is a cyber espionage group operating from Russia. A 2018 US indictment identified working under Russian military intelligence agency GRU.
It has reportedly attacked over 200 organisations in total, including UK political parties and the European People’s Party, one of the largest parties in the European Parliament.
Microsoft stated there have been “a series of attacks conducted by Strontium between September 2019 and today, “we can attribute the activity to Strontium with high confidence.”
It added that “Strontium is launching campaigns to harvest people’s log-in credentials or compromise their accounts” and noted that they “not only target candidates and campaign staffers but also those they consult on key issues.”
Strontium has targeted the private sector too, Microsoft states, its targets including businesses in the entertainment, hospitality, and manufacturing industries, financial services, and physical security industries.
The group has evolved its infrastructure over time, developing “new reconnaissance tools and new techniques to obfuscate [its] operations.”
With the group’s alleged ties to the Russia state, and conclusions of the UK’s Russia Report, which calls Russia “an all-encompassing security threat”, the Kremlin certainly seems a noteworthy threat to the US election, as the US’ head of counterintelligence stated.
China’s hacking group
The Chinese group, labelled Zirconium by Microsoft, has reportedly made thousands of attacks between March and September 2020.
The group “appears to have indirectly and unsuccessfully targeted the Joe Biden for President campaign. It has also been alleged that the group targeted at least one prominent individual formerly associated with the Trump administration.
Zirconium has also reportedly taken aim at academics and organisations in the international affairs field.
Iran’s hacking group
Phosphorus is the name Microsoft has given to a group operating out of Iran, which it previously noted significant activity from. It stated:
“Phosphorus has attempted to access the personal or work accounts of individuals involved directly or indirectly with the U.S. presidential election.”
The blog also noted the group had undergone “espionage campaigns targeting a wide variety of organisations traditionally tied to geopolitical, economic or human rights interests in the Middle East region.”
The tech firm recommended that the US up its funding of cyber security. It said, “more federal funding is needed in the U.S. so states can better protect their election infrastructure.”
It also highlighted how in the COVID-19 pandemic resources are stretched thinly, further increasing the need for government intervention.
The report comes after an intelligence analyst in the US Department of Homeland Security (DHS) said he was put under pressure to downplay Russia’s electoral threat since it “made the President look bad”.
The complaint, made by Brian Murphy, states that he was effectively demoted and was removed from meetings because he refused to alter reports on this issue, as well as others such as white supremacy, migrant terrorism and antifa, to better suit the President’s agenda.
The White House and DHS both deny the allegations of Mr Murphy, who has been asked to testify before Congress later this month.
In response to Microsoft’s findings, DHS official Christopher Krebs highlighted that the report had noted the US’ electoral infrastructure was not directly threatened, though Microsoft stated:
“While the political organisations targeted in attacks from these actors are not those that maintain or operate voting systems, this increased activity relating to the U.S. electoral process is concerning for the whole ecosystem.”
twitter Follow @gairrhyddpol for all of the latest updates from the world of politics.