Iranian Hackers Targeting 2024 US Election Campaigns

Microsoft has released a report detailing Iran’s efforts to influence the upcoming 2024 US presidential election.

The report highlights the increasing activity of groups linked to the Iranian government, aiming to sway voters and create controversy, particularly in key swing states.

This intelligence underscores the ongoing threat of foreign interference in American democracy.

Covert News Sites and Influence Operations

One of the primary tactics identified involves the establishment of covert news sites targeting US voter groups across the political spectrum.

These sites, such as “Nio Thinker” and “Savannah Time,” are designed to appeal to specific audiences by offering content that either insults political figures or focuses on divisive issues.

Microsoft has noted that these sites are likely using AI-enabled services to plagiarize content from legitimate US publications.

The goal appears to be to stir controversy and influence public opinion, thereby impacting the election’s outcome.

Additionally, a separate Iranian group has been laying the groundwork for more extreme influence operations.

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

This includes potential activities aimed at inciting violence or intimidation against political figures, with the broader objectives of undermining election integrity and sowing chaos. These efforts reflect a sophisticated strategy to exploit existing divisions within the US.

Cyber Operations and Intelligence Gathering

Beyond influence campaigns, Iranian groups are also engaged in cyber operations targeting political campaigns.

A notable incident involved a spear phishing email sent to a high-ranking official in a presidential campaign.

This email, originating from a compromised account of a former senior advisor, aimed to redirect traffic through a domain controlled by the group.

Although attempting to access a former presidential candidate’s account was unsuccessful, it highlights the persistent threat posed by these cyber operations.

Another Iranian group, linked to the Islamic Revolutionary Guard Corps (IRGC), has been involved in strategic intelligence collection.

Their operations have focused on sectors such as satellite, defense, and health, with some targeting of US government organizations, particularly in swing states.

These efforts underscore Iran’s broader objectives of gathering intelligence to support future influence activities.

Microsoft’s Role in Election Security

The Microsoft Threat Intelligence Report, produced by the Microsoft Threat Analysis Center (MTAC), is part of the company’s ongoing efforts to track and counter election-related threats.

MTAC’s work is integral to Microsoft’s Democracy Forward initiative, which aims to protect democratic processes worldwide.

By sharing this intelligence, Microsoft seeks to raise voters’, government institutions’, and political parties’ awareness of the risks of influence campaigns.

In addition to releasing reports, Microsoft has been actively training candidates and parties involved in the 2024 elections.

Their longstanding offerings, such as AccountGuard, are designed to enhance security and resilience against foreign interference.

While Microsoft remains neutral in political endorsements, its commitment to combating election deepfakes and promoting education on foreign interference is clear.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access