According to a new security report from Microsoft hackers from Russia, China, and Iran are targeting individuals and organizations involved in both Donald Trump and Joe Biden’s presidential campaigns. The tech giant says the majority of the attacks it’s detected have been unsuccessful, but it’s working with targets who have been compromised.
Microsoft says that the Russian hacking group known variously as Fancy Bear, Strontium, or APT28, which successfully targeted Hillary Clinton’s presidential campaign in 2016, has returned to look for new targets in the upcoming 2020 election.
The company said Strontium has targeted more than 200 organizations in total, including political consultants working for both Republicans and Democrats and think tanks like The German Marshall Fund of the United States.
According to a report from Reuters, the hacking group also targeted a campaign strategy and communications firm named SKDKnickerbocker that is working with Biden and other prominent Democrats.
Biden’s campaign confirmed to Reuters it was aware that a foreign actor had unsuccessfully tried to access non-campaign email accounts of individuals affiliated with the campaign. Reuters says Microsoft alerted Biden’s campaign to the attack.
Apart from the attacks from in Russia, Microsoft also said hackers from China had targeted high-profile individuals associated with the election, including people associated with the Joe Biden for President campaign, while hackers from Iran continued to attack the personal accounts of people associated with the Donald J. Trump for President campaign.
Microsoft says the Chinese group, known as Zirconium or APT31, has successfully compromised nearly 150 targets. The Iranian group, known as Phosphorous or APT35, seems to have been less successful, with Microsoft saying it has tried and failed to log into the accounts of administration officials and Donald J. Trump for President campaign staff.
In a blog post Microsoft wrote: “The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated. What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those they consult on key issues.”
Cybersecurity firm FireEye said that out of all these recently disclosed attacks, it was most concerned about the Russian group. In a note which was reported by Wired FireEye said: “We remain most concerned by Russian military intelligence. We believe it poses the greatest threat to the democratic process.”
