Beautiful Virgin Islands

Tuesday, Jun 24, 2025

Russia, China Hackers Boost Election Attacks, Microsoft Says

Russia, China Hackers Boost Election Attacks, Microsoft Says

Russian, Chinese and Iranian hackers have stepped up efforts to disrupt the U.S. election by targeting the campaigns of President Donald Trump and Democratic nominee Joe Biden, a Microsoft Corp. investigation found.

Cyber-attacks have also been aimed at political parties, advocacy groups, academics and leaders in the international affairs community, according to a blog post Thursday from Tom Burt, corporate vice president of customer security and trust at Microsoft.

SKDKnickerbocker, a public affairs and political consulting firm working with Biden’s campaign, was also recently targeted in an unsuccessful hack by suspected Russian state-backed hackers, according to a Thursday report by Reuters, which said that Microsoft had alerted the firm.

The attempted hack on SKDKnickerbocker reflects a broader trend documented by Microsoft: that a Russia-based group had attacked “political campaigns, advocacy groups, parties and political consultants.”

Attempts by foreign adversaries to disrupt the Nov. 3 presidential election echo the efforts by Russia in 2016 to meddle in the campaign on Trump’s behalf. The president is trailing Biden in the 2020 race by more than 7 percentage points in a national average of polls.

The findings emerged hours after the U.S. sanctioned Andrii Derkach, a Ukrainian lawmaker who met with Trump’s personal lawyer last year, alleging he’s a Russian agent trying to influence the 2020 election.

Microsoft’s report also came a day after a Homeland Security Department official alleged that Trump administration appointees suppressed intelligence on Russian election interference while promoting China as the prime threat.

Microsoft reported that about 200 organizations directly or indirectly tied to the U.S. election and political organizations in Europe were affected by a Russian-operated group, called Strontium, including U.S.-based consultants serving Republicans and Democrats.

The same group was also identified in the report by Special Counsel Robert Mueller as being responsible for the attacks on the Democratic presidential campaign in 2016, according to Microsoft. Strontium is also known as APT28, or Fancy Bear.

Microsoft also reported unsuccessful cyber-attacks from Iran on people associated with the Trump campaign, and attempted attacks from China on people associated with the Biden campaign, as well as a “prominent” individual formerly associated with the Trump administration. The people who were targeted weren’t named.

The Chinese group, referred to as Zirconium, has mounted thousands of attacks from March through September on campaign officials as well as prominent academics and others in international affairs.

Of those attempts, about 150 were successful breaches, but Microsoft didn’t identify the victims other than to say they weren’t associated with the presidential campaigns.

According to John Hultquist, who serves as the senior director of analysis at cybersecurity firm FireEye Inc.’s Mandiant, the recent Russian activity poses the greatest threat to the election.

“It’s likely Iranian and Chinese actors targeted US campaigns to quietly collect intelligence, but APT28’s unique history raises the prospect of follow-on information operations or other devastating activity,” he said.

Microsoft’s findings echo those of U.S. government officials.

”Our adversaries are continuously looking for vulnerable U.S. networks to exploit, and networks associated with political organizations and campaigns are no exception,” the Federal Bureau of Investigation said in a statement on Thursday.

In August, William Evanina, head of the National Counterintelligence and Security Center, said Russia, China and Iran are trying to “use covert and overt influence measures in their attempts to sway U.S. voters’ preferences and perspectives, shift U.S. policies, increase discord in the United States, and undermine the American people’s confidence in our democratic process.”

And on Wednesday, Chad Wolf, acting secretary of the Department of Homeland Security, said “the governments of China, Iran and Russia target our election systems, each with its own separate and nefarious motives and tactics.”


‘Stepped Up’


The recent attacks reveal that “foreign activity groups have stepped up their efforts targeting the 2020 election,” according to Microsoft. “What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues.”

The majority of attacks were detected and stopped by security tools built into Microsoft’s software, Burt said.

Foreign groups used tactics including rotating IP addresses to disguise attacks, web bugs planted in purchased domain names and phishing, in an effort to harvest log-in credentials and gain information on targeted individuals and organizations.

Phishing attacks can be for routine espionage against campaigns or, in some cases, to conduct hack and leak operations -- a key feature in Russia’s campaign to help Trump and hurt Hillary Clinton in 2016.

Disinformation experts are on high alert for strategic leaks of real or fabricated documents in the weeks ahead of election day, as a foreign influence tactic that could significantly harm a candidate’s chances, particularly if there isn’t enough time for them to adequately respond.

“We disclose attacks like these because we believe it’s important the world knows about threats to democratic processes,” Burt said. He also said more federal funding is needed in the U.S. so states can better protect their election infrastructure.

The Office of the Director of National Intelligence said in a statement Thursday that the “private sector plays a crucial role” in safeguarding elections and national security.

“We welcome their assistance and will continue partnering with them to combat foreign efforts to target political candidates, campaigns and others involved in the U.S. elections,” according to the statement.

Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
Germany and Italy Under Pressure to Repatriate $245bn of Gold from US Vaults
Airlines Evaluate Flight Cancellations Amid Escalating US-Iran Tensions
Starmer Invites Innovators to Join Government Talent Scheme
UK Economy’s Strong Opening Quarter Shows Signs of Cooling
Harrods Seeks Court Order to Secure Al Fayed Estate for Victims
BA and Singapore Airlines Cancel Dubai Flights Amid Middle East Tensions
Trump Faces Backlash from MAGA Base Over Iran Strikes
Meta Bets $14 B on Alexandr Wang to Drive AI Ambitions
WATCH: Israeli forces show the aftermath of a massive airstrike at Iran's Isfahan nuclear site
FedEx Founder Fred Smith, ‘Heart and Soul’ of the Company, Dies at 80
Chinese Factories Shift Away from U.S. Amid Trump‑Era Tariffs
Pimco Seizes Opportunity in Japan’s Dislocated Bond Market
Labubu Doll Drives Pop Mart to Status as China’s Most Valuable Toy Maker
Global Coal Demand Defies Paris Accord Goals
We have new information and breaking details to share about what is shaping up to be a historic air campaign tonight
Six Massive Bombs Dropped on Fordow; Trump: 'A Historic Moment for the U.S., Israel, and the World'
Fordow: Deeply Buried Iranian Enrichment Site in U.S.–Israel Crosshairs
United States Conducts Precision Strikes on Iran’s Nuclear Sites
US strikes Iran nuclear sites, Trump says
Pakistan to nominate Trump for Nobel Peace Prize.
BBC Demands Perplexity AI Immediately Stop Using Its Content
Telegram Founder: I Will Leave My Fortune to Over 100 of My Children
Political Turmoil Resurfaces in Belgium Amid Economic Concerns
Fed policymakers divided on timing of interest rate cuts
Trump signals imminent agreement with Harvard University
Inheritance tax referendum alarms Swiss billionaire community
Japan cancels bilateral security meeting amid US defence demands
AI skeptic Emily Bender warns that ‘the emperor has no clothes’
Israel Confirms Assassination of Quds Force Commander in Tehran
16 Billion Login Credentials Leaked in Unprecedented Cybersecurity Breach
Senate hearing on who was 'really running' Biden White House kicks off
Iranian Military Officers Reportedly Seek Contact with Reza Pahlavi, Signal Intent to Defect
FBI and Senate Investigate Allegations of Chinese Plot to Influence the 2020 Election in Biden’s Favor Using Fake U.S. Driver’s Licenses
Vietnam Emerges as Luxury Yacht Destination for Ultra‑Rich
Plans to Sell Dutch Embassy in Bangkok Face Local Opposition
China's Iranian Oil Imports Face Disruption Amid Escalating Middle East Tensions
Trump's $5 Million 'Trump Card' Visa Program Draws Nearly 70,000 Applicants
DGCA Finds No Major Safety Concerns in Air India's Boeing 787 Fleet
Airlines Reroute Flights Amid Expanding Middle East Conflict Zones
Elon Musk's xAI Seeks $9.3 Billion in Funding Amid AI Expansion
Trump Demands Iran's Unconditional Surrender Amid Escalating Conflict
Israeli Airstrike Targets Iranian State TV in Central Tehran
President Trump is leaving the G7 summit early and has ordered the National Security Council to the Situation Room
Taiwan Imposes Export Ban on Chips to Huawei and SMIC
Israel has just announced plans to strike Tehran again, and in response, Trump has urged people to evacuate
Netanyahu Signals Potential Regime Change in Iran
Juncker Criticizes EU Inaction on Trump Tariffs
EU Proposes Ban on New Russian Gas Contracts
Analysts Warn Iran May Resort to Unconventional Warfare
Iranian Regime Faces Existential Threat Amid Conflict
×