UPDATED 14:48 EDT / AUGUST 09 2024

SECURITY

Microsoft uncovers Iranian cyber activities designed to influence US elections

Microsoft Corp. researchers have uncovered several Iranian cyber operations designed to influence the U.S. elections.

The company detailed its findings in a report published today. The research was carried out by its MTAC, or Microsoft Threat Analysis Center, unit. MTAC focuses on tracking online influence operations run by state-backed actors.

The cyber campaigns detailed in the report are run by four Iranian groups. Two of the groups focus on stirring controversy and swaying U.S. voters. The other two are seeking to collect intelligence about political campaigns with the goal of influencing the elections.

The first group uncovered by Microsoft’s MTAC unit created a set of fake news websites focused on political topics. One of the websites, called Nio Thinker, targeted left-leaning voters. Another website called the Savannah Time positioned itself as the “trusted source for conservative news in the vibrant city of Savannah.” Microsoft’s researchers determined that the websites included content plagiarized from U.S. publications using artificial intelligence.

MTAC also identified a second Iranian group focused on carrying out influence operations. “We believe this group may be setting itself up for activities that are even more extreme, including intimidation or inciting violence against political figures or groups, with the ultimate goals of inciting chaos, undermining authorities, and sowing doubt about election integrity,” Microsoft’s researchers detailed. The company believes that the group has been been laying the groundwork for this influence campaign since March.

The two other Iranian cyber groups detailed in today’s report have a different goal: collecting intelligence about U.S. political campaigns.

One of those groups recently sent a spear phishing email to a high-ranking official on a presidential campaign. According to MTAC, the message was sent from the compromised email account of a former senior advisor. The message contained a website link that rerouted the user’s traffic through a domain controlled by the hackers.

The second intelligence gathering group identified by Microsoft compromised an “account of a county-level government employee in a swing state.” The company didn’t specify the service in which the compromised account was created. Microsoft says that the breach was part of a broader password spraying attack, which is a type of cyberattack in which a hacker attempts to take over multiple accounts using a single stolen password.

Today’s report comes about five months after Microsoft’s MTAC unit detailed two China-backed disinformation campaigns targeted at voters in the U.S. and abroad. One of the campaigns spread disinformation using a network of social media accounts designed to impersonate U.S. voters. The other influence operation spread fake news about trending topics.

Image: Unsplash

A message from John Furrier, co-founder of SiliconANGLE:

Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.

  • 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
  • 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.