Microsoft reports that 'Presidential elections are under cyberattack from hacker organizations in Russia, China and Iran'



Microsoft reported on its official blog that hackers from Russia, China and Iran are conducting cyberattacks on individuals and organizations related to the 2020 US presidential election. Most of the attacks have been detected by security tools and have already been thwarted.

New cyberattacks targeting US elections --Microsoft on the Issues

https://blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/



◆ Attack from Russia
The attacks confirmed by Russia were by groups called ' Fancy Bear ' or 'APT28' and 'Strontiunm'. Fancy Bear is a hacking group that reports directly to the General Information Bureau (GRU) of the Russian Federation Army Chief of Staff, and is said to be involved in the alleged Russian interference in the 2016 US presidential election, the so-called ' Russian Gate '. In August 2020, a fancy bear malware tool was also discovered.

FBI / NSA warns that Russian government hacker group 'Fancy Bear' is threatening national security with undiscovered Linux malware tool 'Drovorub' --GIGAZINE



According to Microsoft, more than 200 organizations have been attacked since September 2019, including Republican and Democratic election consultants, some funds and support groups, national and political parties, and European and British political parties. That thing. Most of the attacks were phishing scams called spear phishing , but in recent months there have been many attempts to steal credentials through brute force attacks and password spray attacks via Tor .

◆ Attack from China
According to Microsoft, a Chinese hacker organization called ' Zirconium ' launched thousands of attacks between March 2020 and September 2020, with about 150 reported hacking damages. thing. Zirconium is said to be directly attacking candidates for the US presidential election, for example, the email account used by Democratic candidate Joe Biden's campaign officials was targeted. Zirconium also targets celebrities in the international affairs community and scholars in international affairs.

Zirconium also uses 'web bugs' or 'web beacons' to email malicious URLs to target and understand the behavior of attackers who access the site. It turns out that.



◆ Attack from Iran
The hacker organization Phosphorus, which operates in Iran, is said to be targeting organizations related to geopolitics, economics, and human rights issues in the Middle East. Microsoft filed a proceeding against Phosphorus in May 2019, and it seems that Phosphorus was wary of taking action against the US presidential election. In fact. Between May and June 2020, Phosphorus was found to have failed trying to log in to the accounts of government officials and President Trump's campaign staff.

Microsoft says, 'When we report national activities to our customers and provide materials to the general public, regardless of the nationality of the actor, we report on elections, government and policy making. We are taking further steps to protect our customers and will continue to announce more important activities in our efforts to protect democracy, 'he said.' National activities, including presidential elections. And are willing to prepare for attacks on organizations.

in Security, Posted by log1i_yk