Microsoft Report Discloses Russian, Chinese, and Iranian Hacks Targeting U.S. Elections

Threat Watch

Threat Watch Microsoft Report Discloses Russian, Chinese, and Iranian Hacks Targeting U.S. Elections

Microsoft Report Discloses Russian, Chinese, and Iranian Hacks Targeting U.S. Elections

Russia/China/Iran: A report released by Microsoft on Thursday confirmed what many have suspected since the 2016 presidential election: hackers haven’t stopped trying to hack U.S. elections, they’ve just shifted tactics. The report states that Russian hackers have moved from targeting organizations tied to the election with spear phishing campaigns to utilizing brute force attacks to log into targeted networks. So far, the Russian hackers have been seen rotating through 1,000 different IP addresses, and have been adding roughly 20 new ones each day. Chinese attackers have been focusing on compromising people rather than organizations and have been tied to approximately 150 compromised personal accounts to date. Chinese hackers have been focusing on utilizing known bugs on websites to target various individuals. Iranian hackers have kept their focus on members of the Trump campaign staff and administration officials between May and June. Some of these hackers are working at odds with each other according to a report from the Office of the Director of National Intelligence (ODNI). In a report from August, the ODNI outlines how Russian hackers had worked to sabotage Biden’s campaign, while China was targeting the Trump campaign.

ANALYST NOTES

: Influence operations, intelligence collection, and psychological operations have been heavily involved in international affairs for as long as countries have existed. As civilization advances, it would only make sense that the means by which these actions are carried out would advance as well. It is a fallacy to believe that just because a person’s level of access or position within an organization is lower that they will not be targeted. Anyone with access to networks desired by attackers can become a target, even if that access is through third party connections. It is important to regularly educate employees on current trends in phishing campaigns with training that is kept up to date.

More information on this topic can be found at: https://www.cnet.com/news/hackers-out-of-russia-china-iran-are-targeting-us-election-microsoft-finds/
The Microsoft report can be found at
https://blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/?ranMID=24542&ranEAID=je6NUbpObpQ&ranSiteID=je6NUbpObpQ-YeiDHHm18bYPKLAxY1e8Ww&epi=je6NUbpObpQ-YeiDHHm18bYPKLAxY1e8Ww&irgwc=1&OCID=AID2000142_aff_7593_1243925&tduid=%28ir__310qvakwq0kfth0vkk0sohzg2m2xicjsr1zoue1e00%29%287593%29%281243925%29%28je6NUbpObpQ-YeiDHHm18bYPKLAxY1e8Ww%29%28%29&irclickid=_310qvakwq0kfth0vkk0sohzg2m2xicjsr1zoue1e00

The war in Ukraine and its impact on how China views Taiwan

Digging through Rust to find Gold: Extracting Secrets from Rust Malware

5 Critical Criteria for evaluating Managed Detection & Response (MDR)

How Ransomware Capabilities Are Evolving and What You Can Do to Keep Your Organization Secure

Threat Watch