Russia, China and Iran hackers target Trump and Biden, Microsoft says

  • Published
File photo of computerImage source, Getty Images
Image caption,
Both President Donald Trump and Democrat Joe Biden's campaigns have been targeted, Microsoft says

Hackers with ties to Russia, China and Iran are attempting to snoop on people and groups involved with the US 2020 presidential election, Microsoft says.

The Russian hackers who breached the 2016 Democratic campaign are again involved, said the US tech firm.

Microsoft said it was "clear that foreign activity groups have stepped up their efforts" targeting the election.

Both President Donald Trump and Democrat Joe Biden's campaigns are in the cyber-raiders' sights.

Russian hackers from the Strontium group have targeted more than 200 organisations, many of which are linked to US political parties - both Republicans and Democrats, Microsoft said in a statement.

The same attackers also targeted British political parties, said Microsoft, without specifying which ones.

Strontium is also known as Fancy Bear, a cyber-attack unit allegedly affiliated with Russia's GRU military intelligence service.

Russia and China have denied the reports. On Friday Dmitry Peskov, a spokesman for President Vladimir Putin, said the Kremlin had never tried to interfere in other countries' elections.

Chinese foreign ministry spokesman Zhao Lijian said Microsoft "should not make accusations against China out of nothing".

What else did Microsoft say?

"Similar to what we observed in 2016, Strontium is launching campaigns to harvest people's log-in credentials or compromise their accounts, presumably to aid in intelligence gathering or disruption operations," said Tom Burt, a Microsoft vice-president in charge of customer security and trust.

Most of the cyber-attacks had not been successful, according to Microsoft.

"What we've seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those they consult on key issues," Mr Burt said.

"These activities highlight the need for people and organisations involved in the political process to take advantage of free and low-cost security tools to protect themselves."

Microsoft also reported that Chinese groups had launched attacks on the personal email accounts of people affiliated with the Biden campaign, as well as "at least one prominent individual formerly associated with the Trump Administration".

"Prominent individuals" in the international affairs community, academic institutions and policy organisations were also said to have been targeted by a Chinese hacking group known as Zirconium.

An Iranian group known as Phosphorus had unsuccessfully sought to access accounts of White House officials and Mr Trump's campaign staff between May and June of this year, Microsoft added.

The firm was unable to determine the aims of the Russian, Chinese and Iranian hackers. In June Google also said it had detected cyber-hack attempts by China and Iran.

Trump campaign deputy press secretary Thea McDonald said: "We are a large target, so it is not surprising to see malicious activity directed at the campaign or our staff."

A Biden campaign official said: "We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them."

The report comes a day after a whistleblower at the US Department of Homeland Security alleged he was put under pressure to downplay the threat of Russian interference in the US as it "made the president look bad".

Election interference a bipartisan issue

Analysis by Nada Tawfik, BBC North America reporter

In 2016, Russia's attempts to influence the election quickly became politicised and labelled a hoax by some of the president's supporters. Microsoft's findings highlight the fact that election interference is a bipartisan issue, with both Republicans and Democrats at risk.

Going into the 2020 vote, it is not just intelligence agencies, but also the private sector that is concerned and taking action to prevent threats to the democratic process.

But they can only do so much without government action. Tom Burt made a point in his post to encourage Congress to pass additional state funding to protect election infrastructure.

He then went further, encouraging countries to ensure peace and security in cyberspace through global initiatives, including one underway at the United Nations.

How did the Trump administration respond?

The Department of Homeland Security's top cyber-official, Christopher Krebs, said Microsoft's warning confirmed what the US intelligence community had already stated.

"It is important to highlight that none [of the targets] are involved in maintaining or operating voting infrastructure and there was no identified impact on election systems," Mr Krebs said.

Earlier on Thursday, the Trump administration charged a Russian national with plotting to interfere in the US political process.

The treasure department also imposed sanctions against a Moscow-linked Ukrainian lawmaker, Andrii Derkach, who is accused of similar meddling.

Mr Derkach allegedly released edited audio that was intended to smear Democrat Joe Biden. The recordings have been touted by President Donald Trump.

The Ukrainian met the US president's personal lawyer, Rudy Giuliani, last December.

Media caption,

Frank Luntz: "You cannot look at this election and feel good about it"

What has US intelligence said?

The US intelligence community said in August that China, Russia and Iran were actively trying to meddle in the forthcoming presidential election.

The assessment found that Russia was seeking to "denigrate" Mr Biden. It also found that China and Iran wanted Mr Trump to lose the vote.

Iran, US intelligence warned, could try to "undermine" US democratic institutions and the president through online content.

What happened in 2016?

US intelligence agencies concluded in 2016 that Russia was behind an effort to undermine Hillary Clinton's presidential run, with a state-authorised campaign of cyber attacks and fake news stories planted on social media.

Special Counsel Robert Mueller's investigation found Russian hackers gained access to Democratic National Committee systems as well as Clinton campaign chair John Podesta's personal email.

They leaked tens of thousands of emails from the campaign.

Facebook later testified that Russian-backed content sent out around the election reached up to 126 million Americans on the platform.

Mr Mueller did not determine that the Trump campaign had colluded with the alleged Russian election meddling.