Security News > 2020 > September > China, Russia and Iran all attacking US elections and using some nasty new tactics, says Microsoft
Microsoft believes there have been extensive "Cyberattacks targeting people and organizations involved in the upcoming presidential election," and that foreign government hackers responsible for attacks ahead of the 2016 vote are back with new and nastier tactics.
The Windows giant's corporate veep for Customer Security & Trust Tom Burt said both sides of US politics are being attacked, that China, Russia and Iran are all active, and that the spies are also actively targeting UK political parties and other international institutions.
Strontium has largely abandoned phishing and is now using brute-force attacks and password spray, Microsoft suggests.
Microsoft has code-named China's attackers Zirconium, and Burt wrote that the team has conducted "Thousands of attacks. between March 2020 and September 2020 resulting in nearly 150 compromises."
"While the political organizations targeted in attacks from these actors are not those that maintain or operate voting systems, this increased activity related to the US electoral process is concerning for the whole ecosystem. We continue to encourage state and local election authorities in the US to harden their operations and prepare for potential attacks. But as election security experts have noted, additional funding is still needed, especially as resources are stretched to accommodate the shift in COVID-19-related voting."
News URL
Related news
- US warns of last-minute Iranian and Russian election influence ops (source)
- China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks (source)
- Reminder: China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign' (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- China has utterly pwned 'thousands and thousands' of devices at US telcos (source)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)