Russian hackers targeting US election campaigns, says Microsoft

The same Russian military intelligence outfit that hacked the Democrats in 2016 has renewed vigorous US election-related targeting, trying to breach computers at more than 200 organisations including political campaigns and their consultants, Microsoft said Thursday.

The intrusion attempts reflect a stepped up effort to infiltrate the US political establishment, the company said.

“What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues,” Tom Burt, a Microsoft vice president, said in a blog post.

UK and European political groups were also probed, he added.

Most of the hacking attempts by Russian, Chinese and Iranian agents were halted by Microsoft security software and the targets notified, he said.

The company would not comment on who may have been successfully hacked or the impact.

Although US intelligence officials said last month that the Russians favour President Donald Trump and the Chinese prefer his Democratic challenger, former Vice President Joe Biden, Microsoft noted Thursday that Chinese state-backed hackers have targeted “high profile individuals associated with the election,” including people associated with the Biden campaign.

China’s hackers largely gather intelligence for economic and political advantage, while Russia tends to weaponise stolen data to destabilize other governments.

Microsoft did not assess which foreign adversary poses the greater threat to the integrity of the November presidential election.

The consensus among cybersecurity experts is that Russian interference is the gravest. Senior Trump administration officials have disputed that, although without offering any evidence.

“This is the actor from 2016, potentially conducting business as usual,” said John Hultquist, director of intelligence analysis at the cybersecurity firm FireEye.

“We believe that Russian military intelligence continues to pose the greatest threat to the democratic process.”

The Microsoft post shows that Russian military intelligence continues to pursue election-related targets undeterred by US indictments, sanctions and other countermeasures, Hultquist said.

It interfered in the 2016 campaign seeking to benefit the Trump campaign by hacking the Democratic National Committee and emails of John Podesta, the campaign manager of Hillary Clinton, and dumping embarrassing material online, congressional and FBI investigators have found.

Read: Russian state hackers suspected in targeting Joe Biden campaign firm, say sources

The same GRU military intelligence unit, known as Fancy Bear, that Microsoft identifies as being behind the current election-related activity also broke into voter registration databases in at least three states in 2016, though there is no evidence it tried to interfere with voting.

Microsoft, which has visibility into these efforts because its software is both ubiquitous and highly rated for security, did not address whether U.S. officials who manage elections or operate voting systems have been targeted by state-backed hackers this year.

US intelligence officials say they have so far not seen no evidence of infiltrations.

Thomas Rid, a Johns Hopkins geopolitics expert, said he was disappointed by Microsoft’s refusal to differentiate threat level by state actor.

Read: Trump says he is willing to spend his own money to win re-election

“They’re lumping in actors that operate in a very different fashion, probably to make this sound more bipartisan,” he said.

“I just don’t understand why.”

Microsoft said in the past year it has observed attempts by Fancy Bear to break into the accounts of people directly and indirectly affiliated with the U.S. election, including consultants serving Republican and Democratic campaigns and national and state party organizations — more than 200 groups in all.

Also targeted was the center-right European People’s Party, the largest grouping in the European Parliament. A party spokesperson said the hacking attempts were unsuccessful.

The German Marshall Fund of the United States, a think tank, was another target. A spokesperson said there was no evidence of intrusion.

Read: Trump on defensive as critics seize on reports he insulted US veterans

Microsoft did not say whether Russian hackers had attempted to break into the Biden campaign but did say that Chinese hackers from the state-backed group known as Hurricane Panda “appears to have indirectly and unsuccessfully” targeted the Biden campaign through non-campaign email accounts belonging to people affiliated with it.

The Biden campaign did not confirm the attempt, although it said in a statement that it was aware of the Microsoft report.

Iranian state-backed hackers have unsuccessfully tried to log into accounts of Trump campaign and administration officials between May and June of this year, the blog said.

“We are a large target, so it is not surprising to see malicious activity directed at the campaign or our staff,” Trump campaign deputy press secretary Thea McDonald said. She declined further comment.

Tim Murtaugh, the campaign’s communications director, said: “President Trump will beat Joe Biden fair and square and we don’t need or want any foreign interference.”

Also Read | Twitter to label or remove misleading claims on vote results

Also Read | US blacklists four Russia-linked individuals over election interference

Also Watch | Joe Biden accepts Democratic presidential nomination

Russian hackers targeting US election campaigns, says Microsoft