Russian group blamed for hacking Democrats in 2016 ‘attempting new intrusions’
10 September 2020, 20:34
Microsoft would not say who might have been successfully hacked or what the impact would be.
The same Russian military intelligence outfit that hacked the Democrats in 2016 has attempted similar intrusions into the computer systems of more than 200 organisations including political parties and consultants, Microsoft has said.
Those efforts appear to be part of a broader increase in targeting of US political campaigns and related groups, the company said.
“What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues,” Tom Burt, a Microsoft vice president, said in a blog post.
Most of the infiltration attempts by Russian, Chinese and Iranian agents were halted by Microsoft security software and the targets notified, he said.
The company would not comment on who may have been successfully hacked or the impact.
Microsoft did not assess which foreign adversary poses the greater threat to the integrity of the November presidential election.
The consensus among cybersecurity experts is that Russian interference is the gravest.
Senior Trump administration officials have disputed that, though without offering any evidence.
“This is the actor from 2016, potentially conducting business as usual,” said John Hultquist, director of intelligence analysis at the top cybersecurity firm FireEye.
“We believe that Russian military intelligence continues to pose the greatest threat to the democratic process.”
The Microsoft post shows that Russian military intelligence continues to pursue election-related targets undeterred by US indictments, sanctions and other countermeasures, Mr Hultquist said.
It interfered in the 2016 campaign seeking to benefit the Trump campaign by hacking the Democratic National Committee and emails of John Podesta, the campaign manager of Hillary Clinton, and dumping embarrassing material online, congressional and FBI investigators have found.
The same GRU military intelligence unit, known as Fancy Bear, that Microsoft identifies as being behind the current election-related activity also broke into voter registration databases in at least three states in 2016, though there is no evidence it tried to interfere with voting.
Microsoft, which has visibility into these efforts because its software is both ubiquitous and highly rated for security, did not address whether US officials who manage elections or operate voting systems have been targeted by state-backed hackers this year.
US intelligence officials say they have so far not seen no evidence of that.
They said last month that the Russians favour President Donald Trump and the Chinese prefer former vice president Joe Biden, the Democratic challenger.
But China is largely an espionage threat, while Russia steals data and weaponises it.
