Sept. 10 (UPI) — Microsoft said Thursday it’s detected an increase in cyberattacks related to the November presidential election coming from China, Iran and Russia.
The technology company said the attacks have targeted hundreds of people and organizations involved in both the Biden and Trump campaigns.
“The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated, and is consistent with what the U.S. government and others have reported,” Tom Burt, Microsoft’s vice president of customer security and trust, said in a blog post.
In China, a group known as Zirconium has attempted to gain intelligence on the upcoming U.S. election starting in March and continuing through this month, Microsoft said. The group allegedly caused 150 compromises targeting the presidential candidates, their campaigns, and prominent individuals and organizations in the international affairs community.
The company said Zirconium used something called “web bugs” or “web beacons,” sending a URL as targeted emails or text messages to determine if the recipients’ accounts are active.
In Iran, a group known as Phosphorus allegedly attempted to access the personal or work accounts of people involved in the U.S. presidential election between May and June. The group previously carried out espionage on various organizations tied to geopolitical, economic or human rights interests in the Middle East.
And finally, in Russia, a group known as Strontium allegedly carried out attacks between September 2019 and this month to harvest login information for more than 200 organizations directly or indirectly affiliated with elections. Among those targeted were consultants for both major parties, the German Marshall Fund think tank, national and state party organizations, and the European People’s Party.
The organization was previously blamed for a cyberattack on the Democratic presidential campaign in 2016.
Burt said Microsoft security tools stopped a majority of the attacks and the company notified those targeted or compromised.