Russian hackers increase targeting of U.S. political groups: Microsoft

A man wearing a mask looks at this phone outside the Microsoft office in Beijing, China on Friday, Aug. 7, 2020.

A man wearing a mask looks at this phone outside the Microsoft office in Beijing, China on Friday, Aug. 7, 2020.

AP Photo/Ng Han Guan

The same Russian military intelligence outfit that hacked the Democrats in 2016 has attempted similar intrusions into the computer systems of more than 200 organizations including political parties and consultants, Microsoft said Thursday.

Those efforts reflect a broader increase in targeting of U.S. political campaigns and related groups, the company said. “What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues,” Tom Burt, a Microsoft vice-president, said in a blog post. U.S. political organizations were also probed, the company said.

Most of the infiltration attempts by Russian, Chinese and Iranian agents were halted by Microsoft security software and the targets notified, he said. The company would not comment on who may have been successfully hacked or the impact.

Although U.S. intelligence officials said last month that the Russians favour U.S. President Donald Trump and the Chinese prefer his Democratic challenger, former U.S. Vice-President Joe Biden, Microsoft noted Thursday that Chinese state-backed hackers have targeted “high profile individuals associated with the election,” including people associated with the Biden campaign.

China’s hackers largely gather intelligence for the nation’s economic and political advantage, while Russia tends to weaponize stolen data to destabilize other governments.

Microsoft did not assess which foreign adversary poses the greater threat to the integrity of the November presidential election. The consensus among cybersecurity experts is that Russian interference is the gravest. Senior Trump administration officials have disputed that, although without offering any evidence.

“This is the actor from 2016, potentially conducting business as usual,” said John Hultquist, director of intelligence analysis at the cybersecurity firm FireEye. “We believe that Russian military intelligence continues to pose the greatest threat to the democratic process.”

The Microsoft post shows that Russian military intelligence continues to pursue election-related targets undeterred by U.S indictments, sanctions and other countermeasures, Hultquist said. It interfered in the 2016 campaign seeking to benefit the Trump campaign by hacking the Democratic National Committee and emails of John Podesta, the campaign manager of Hillary Clinton, and dumping embarrassing material online, congressional and FBI investigators have found.

The same GRU military intelligence unit, known as Fancy Bear, that Microsoft identifies as being behind the current election-related activity also broke into voter registration databases in at least three states in 2016, though there is no evidence it tried to interfere with voting.

Microsoft, which has visibility into these efforts because its software is both ubiquitous and highly rated for security, did not address whether U.S. officials who manage elections or operate voting systems have been targeted by state-backed hackers this year. U.S. intelligence officials say they have so far not seen no evidence of infiltrations.

Thomas Rid, a Johns Hopkins geopolitics expert, said he was disappointed by Microsoft’s refusal to differentiate threat level by state actor. “They’re lumping in actors that operate in a very different fashion, probably to make this sound more bipartisan,” he said. “I just don’t understand why.”

Trending Stories

  • The Oscars are changing inclusion standards, and some actors aren't happy about it

  • Toronto Raptors force Game 7 against Boston Celtics with double overtime thriller

Microsoft said in the past year it has observed attempts by Fancy Bear to break into the accounts of people directly and indirectly affiliated with the U.S. election, including consultants serving Republican and Democratic campaigns and national and state party organizations — more than 200 groups in all.

Also targeted was the centre-right European People’s Party, the largest grouping in the European Parliament. A party spokesperson said the hacking attempts were unsuccessful. The German Marshall Fund of the United States, a think-tank , was another target. A spokesperson said there was no evidence of intrusion.

Microsoft did not say whether Russian hackers had attempted to break into the Biden campaign but did say that Chinese hackers from the state-backed group known as Hurricane Panda “appears to have indirectly and unsuccessfully” targeted the Biden campaign through non-campaign email accounts belonging to people affiliated with it.

The Biden campaign did not confirm the attempt, although it said in a statement that it was aware of the Microsoft report.

The blog post said Iranian state-backed hackers have unsuccessfully tried to log into accounts of Trump campaign and administration officials between May and June of this year. “We are a large target, so it is not surprising to see malicious activity directed at the campaign or our staff,” Trump campaign deputy press secretary Thea McDonald said. She declined further comment.

Tim Murtaugh, the campaign’s communications director, said: “President Trump will beat Joe Biden fair and square and we don’t need or want any foreign interference.”

In June, Google disclosed that Hurricane Panda had targeted Trump campaign staffers while Iranian hackers tried to breach accounts of Biden campaign workers. Such phishing attempts typically involve forged emails with links designed to harvest passwords or infect devices with malware.

Although both Attorney General William Barr and National Security Advisor Robert O’Brien have both said China represents the greatest threat to U.S. elections, the only mention of a Trump administration official targeted by Chinese hackers is “at least one prominent individual formerly associated” with the administration.

Graham Brookie, director of digital forensic research at The Atlantic Council, disputes Barr and O’Brien’s claim that China poses the greater threat to this year’s election. His lab is at the forefront of unearthing and publicizing Russian disinformation campaigns.

Brookie confirmed that his employer was among targets of Hurricane Panda but said there was no evidence the hacking attempts, which he said were unsuccessful, had anything to do with the 2020 election.

“We have every indication that this was an instance of cyber-espionage, information gathering, as opposed to electoral interference,” he said.

By contrast, Brookie said, “it’s pretty evident that the Russian attempts (Microsoft disclosed) were focused on electoral processes and groups working on that.”

Microsoft noted a shift toward greater automation in Fancy Bear methods for trying to steal people’s log-in credentials, which previously largely relied on phishing. In recent months, the group has employed so-called brute-force attacks that barrage an account login with short rapid bursts of potential passwords.

Fancy Bear has also stepped up its use of the Tor anonymizing service to hide its hacking, Microsoft said.

© 2020 The Canadian Press

Related news

Thousands rally in Thailand’s capital, call for democratic reform.

Organizers predicted that as many as 50,000 people would take part in the two-day protest in an area of Bangkok historically associated with political protests. A march is planned for Sunday.

Walmart, Amazon among donors to U.S. lawmaker promoting QAnon conspiracy theories

The corporate support for a QAnon-promoting politician is another example of how the conspiracy theory has penetrated mainstream politics, spreading beyond its origins on internet message boards popular with right-wing extremists.

1 1

«A Guy Whose Legs Tremble» : Alexei Navalny Posts Photo Of Him Walking.

Russia's leading opposition politician Alexei Navalny announced Saturday that he could now walk with a "tremble", and gave the first detailed account of his recovery nearly a month after being...

‘Move into the 21st century:’ George Floyd trial ignites push to allow courtroom cameras.

The judge overseeing the case has yet to decide whether cameras will be allowed. Supporters of audio and visual coverage say the high-profile nature of Floyd's death, the outrage that led to worldwide protests, and courtroom restrictions caused by...

Ruth Bader Ginsburg death: Here’s what could happen with the U.

The death of Supreme Court Justice Ruth Bader Ginsburg has thrust the Senate into uncharted political terrain, with no recent precedent for a vacancy on the high court so close to a presidential election.

Pakistan's Ex-PM Nawaz Sharif Planning Comeback In Politics: Pak Media.

Pakistan's deposed Prime Minister Nawaz Sharif is set to make a comeback in active politics following a year-long absence after Pakistan Peoples Party chairman Bilawal Bhutto Zardari invited him to...

1 1

How death of Ruth Bader Ginsburg could reshape the U.

A presidential campaign that was already tugging at the nation’s most searing divides has been jolted by the death of Supreme Court Justice Ruth Bader Ginsburg, potentially reshaping the election at a moment when some Americans were beginning to c...

Putin critic Navalny says he’s recovering at German hospital after poisoning.

Russian opposition leader Alexei Navalny said he is recovering his verbal and physical abilities at the German hospital where he is being treated for suspected nerve agent poisoning but that he at first felt despair over his condition.

Protests resume in Portland after smoke from wildfire clears.

Protesters returned to the streets of Portland, Oregon, following a dayslong pause largely due to poor air quality from wildfires on the West Coast.

Southern California rattled by 4.5 magnitude earthquake

There were no immediate reports of damage or injuries.

2 1

By continuing to browse World News (UAZMI), you acknowledge that you have read the Terms of Use and agree to the use of cookies