Iran hackers step up efforts to influence US election, Microsoft says

With hopes of gaining intelligence from US political campaigns and an aim to increase distrust throughout the US, groups connected with Iran's government have increased cyber-influence efforts three months from the US presidential election, a report from Microsoft's threat analysis centre alleges. "They've laid the groundwork for influence campaigns on trending election-related topics and begun to activate these campaigns in an apparent effort to stir up controversy or sway voters – especially in swing states," a blog post from Microsoft's general manager for threat analysis Clint Watts reads. This is the third Microsoft threat intelligence report on elections, which the technology company based in Redmond, Washington said was created to combat deepfake efforts while also increasing awareness of possible foreign interference in the vote. While digital disinformation campaigns from outside the US seeking to influence the presidential elections are not new, Microsoft’s report said the Iranian efforts have several distinct characteristics. “Iran’s operations have been notable and distinguishable from Russian campaigns for appearing later in the election season and employing cyberattacks more geared towards election conduct than swaying voters,” read the report. More specifically, the report said a group called Mint Sandstorm, operated by the Islamic Revolutionary Guard Corps (IRGC), recently sent a phishing email to a high-ranking official in a US presidential campaign. “The phishing email contained a fake forward with a hyperlink that directs traffic through an actor-controlled domain before redirecting to the listed domain,” said Microsoft, adding that a similar attempt from Mint Sandstorm took place several months before the 2020 US elections. Sefid Flood, who the report says is another Iran-linked influence actor, is attempting to impersonate social and political activist groups within the US. “This group’s operations may go as far as intimidation, doxing or violent incitement targeting political figures or social/political groups,” said Microsoft’s threat intelligence report. Microsoft said another Iranian network, Storm-2035, went as far as to masquerade as various news outlets and engage with voter groups at both the liberal and conservative ends of the US political spectrum. In a brief statement addressing the report, Iran's mission to the UN denied the hacking and cyber influence operation accusations. "Iran has been the victim of various cyber offensive operations against the country's infrastructures, public service centers and industries," the statement provided to Mehr, Iran's news agency read. "Iran's cyber power is defensive and proportionate to the threats it faces. Iran has no goal or plan for cyberattack. The US Presidential Election issue is an internal issue of this country and Iran has no involvement in it." Making matters potentially more problematic, Microsoft's report suggests the increasing usage of AI by various cyber-influence groups seeking to sow discord and increase mistrust. “We found evidence indicating that sites are using AI-enabled services to plagiarise at least some of their content from US publications,” said Microsoft’s threat intelligence team. "In total, we’ve seen nearly all actors seek to incorporate AI content in their operations, but more recently many actors have pivoted back to techniques that have proven effective in the past – simple digital manipulations, mischaracterisation of content and use of trusted labels or logos atop false information." Microsoft's threat intelligence report notes that while Iranian cyber-influence activity in the US has increased in recent months, it's far from new, alleging that since 2020 Tehran has sought to amplify cyberattacks and conduct influence campaigns with regard to elections in Bahrain and Israel. An increased focus on cyber-influence and disinformation campaigns in relation to elections has roots in the lead-up to the 2016 US presidential election , when it later became apparent that there was a significant Russian-backed campaign, which relied heavily on Facebook to ratchet up division in the US and potentially influence the election between Democratic candidate Hillary Clinton and Republican Donald Trump.

Iran hackers step up efforts to influence US election, Microsoft says

Tehran allegedly using AI and other technology to 'stir controversy'