Microsoft has warned that Iran is using cyber operations to influence the US 2024 presidential election. The report, released by the Microsoft Threat Analysis Center (MTAC), details the increasing activity of Iranian groups connected to the government, which are attempting to sway voters and gain intelligence on political campaigns.
Microsoft warns of Iranian cyber operations targets
According to the report, Iranian groups have been launching covert news sites targeting US voter groups on opposing ends of the political spectrum. One of the sites, called Nio Thinker, caters to left-leaning audiences and insults former president Donald Trump, while another, called Savannah Time, claims to be a “trusted source for conservative news” and focuses on topics including LGBTQ+ issues and gender reassignment. The evidence suggests that the sites are using AI-enabled services to plagiarize at least some of their content from US publications.
A separate Iranian group has been setting the groundwork for US-focused influence operations since March. the tech giant believes this group may be setting itself up for activities that are even more extreme, including intimidation or inciting violence against political figures or groups, with the ultimate goals of inciting chaos, undermining authorities, and sowing doubt about election integrity.
The report also highlights the activity of an Iranian group connected with the Islamic Revolutionary Guard Corps (IRGC), which sent a spear phishing email in June to a high-ranking official on a presidential campaign from the compromised email account of a former senior advisor. The email contained a link that would direct traffic through a domain controlled by the group before routing to the website of the provided link. Within days of this activity, the same group unsuccessfully attempted to log into an account belonging to a former presidential candidate.
Furthermore, a fourth Iranian group compromised an account of a county-level government employee in a swing state. The compromise was part of a broader password spray operation, and Microsoft Threat Intelligence did not observe the actor gain additional access beyond the single account, making it hard to discern the group’s ultimate objectives.
Microsoft’s report is part of its broader Democracy Forward work, which aims to track threats to elections and promote education and learning about possible foreign interference. The company has also been training candidates and parties involved in elections this year, building on its longstanding offerings, like AccountGuard.
In a statement, Microsoft said, “We share intelligence like this so voters, government institutions, candidates, parties, and others can be aware of influence campaigns and protect themselves from threats. We’ve also been training candidates and parties involved in elections this year, building on our longstanding offerings, like AccountGuard. Finally, Microsoft will not endorse a candidate or political party. Our goal in releasing these reports is to underscore the importance of combating election deepfakes and promoting education and learning about possible foreign interference.”
The report’s findings highlight the increasing threat of foreign interference in US elections and the need for vigilance and education to combat these threats. As the US presidential election approaches, it is essential for voters, government institutions, and candidates to be aware of these influence campaigns and take steps to protect themselves from threats.
Discover more from Microsoft News Now
Subscribe to get the latest posts sent to your email.
