Microsoft Confirms Cyber-Attacks on Biden & Trump Campaigns
Microsoft reports breaching of email accounts belonging to individuals associated with the Biden and Trump election campaigns by Chinese, Iranian, and Russian state-sponsored hackers.
Tom Burt, Corporate VP for Customer Security and Trust at Microsoft, revealed the occurrences in a detailed blog post after Reuters announced about a portion of the Russian attacks against the Biden camp.
“Most of these assaults” were recognized and blocked, which is what he added later and revealed in the blog post with respect to the additional attacks and furthermore affirmed a DNI report from August that asserted that Chinese and Iranian hackers were likewise focusing on the US election process.
As indicated by Microsoft, the attacks conducted by Russian hackers were connected back to a group that the organization has been tracking under the name of Strontium and the cybersecurity industry as APT28 or Fancy Bear.
While Strontium generally carried out the spear-phishing email attacks, as of late, the group has been utilizing ‘brute-force’ and password spraying techniques as an integral technique to breaching accounts.
Then again, the attacks by Iranian hackers originated from a group tracked as Phosphorous (APT35, Charming Kitten, and the Ajax Security Group).
These attacks are a continuation of a campaign that began a year ago, and which Microsoft recognized and cautioned about in October 2019.
At that point, Microsoft cautioned that the hackers focused on “a 2020 US presidential campaign” yet didn’t name which one.
Through some open-source detective work, a few individuals from the security community later linked the attacks to the Trump campaign.
What’s more, only a couple of days back Microsoft affirmed that the attacks are indeed focused on the Trump campaign, yet in addition unveiled a new activity identified with the said group.
The attacks were likewise identified by Chinese groups.
While presently there are several hacking groups that are assumed to work under orders and the security of the Chinese government, Microsoft said that the attacks focusing on US campaigns originated from a group known as Zirconium (APT31), which is a similar group that Google spotted not long ago, in June.
Microsoft says it detected thousands of attacks coordinated by this group between March 2020 and September 2020, with the hackers accessing almost some 150 accounts during that time period.