Monday, February 10, 2025
Iranian Hackers Targeting 2024 US Election Campaigns

Microsoft has released a report detailing Iran’s efforts to influence the upcoming 2024 US presidential election.

The report highlights the increasing activity of groups linked to the Iranian government, aiming to sway voters and create controversy, particularly in key swing states.

This intelligence underscores the ongoing threat of foreign interference in American democracy.

Covert News Sites and Influence Operations

One of the primary tactics identified involves the establishment of covert news sites targeting US voter groups across the political spectrum.

These sites, such as “Nio Thinker” and “Savannah Time,” are designed to appeal to specific audiences by offering content that either insults political figures or focuses on divisive issues.

Microsoft has noted that these sites are likely using AI-enabled services to plagiarize content from legitimate US publications.

The goal appears to be to stir controversy and influence public opinion, thereby impacting the election’s outcome.

Additionally, a separate Iranian group has been laying the groundwork for more extreme influence operations.

This includes potential activities aimed at inciting violence or intimidation against political figures, with the broader objectives of undermining election integrity and sowing chaos. These efforts reflect a sophisticated strategy to exploit existing divisions within the US.

Cyber Operations and Intelligence Gathering

Beyond influence campaigns, Iranian groups are also engaged in cyber operations targeting political campaigns.

A notable incident involved a spear phishing email sent to a high-ranking official in a presidential campaign.

This email, originating from a compromised account of a former senior advisor, aimed to redirect traffic through a domain controlled by the group.

Although an attempt to access a former presidential candidate’s account was unsuccessful, it highlights the persistent threat posed by these cyber operations.

Another Iranian group, linked to the Islamic Revolutionary Guard Corps (IRGC), has been involved in strategic intelligence collection.

Their operations have focused on sectors such as satellite, defense, and health, with some targeting of US government organizations, particularly in swing states.

These efforts underscore Iran’s broader objectives of gathering intelligence to support future influence activities.

Microsoft’s Role in Election Security

The Microsoft Threat Intelligence Report, produced by the Microsoft Threat Analysis Center (MTAC), is part of the company’s ongoing efforts to track and counter election-related threats.

MTAC’s work is integral to Microsoft’s Democracy Forward initiative, which aims to protect democratic processes worldwide.

By sharing this intelligence, Microsoft seeks to raise awareness among voters, government institutions, and political parties of the risks of influence campaigns.

In addition to releasing reports, Microsoft has been actively training candidates and parties involved in the 2024 elections.

Their longstanding offerings, such as AccountGuard, are designed to enhance security and resilience against foreign interference.

While Microsoft remains neutral in political endorsements, its commitment to combating election deepfakes and promoting education on foreign interference is clear.

Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
