Microsoft has published a report in which it claims that Iran’s cyber operations are a threat to the 2024 US presidential election. The threat analysis center of this technology giant (known as Microsoft Threat Analysis Center) claims to have observed an increase in activities related to groups that it attributes to the Iranian government.
According to a post on Microsoft’s blog, the groups in question appear to be running influence campaigns on election-related issues and have launched operations that may target voters, particularly in gray states where either party has a chance to win. has an effect The company also claims that these groups are collecting information about political campaigns that Microsoft believes could be used to influence future elections.
Microsoft’s report describes four examples of activities attributed to Iran by this company; One case involves the creation of news sites that allegedly target American voters across the political spectrum. These sites with the names “Nio Thinker” and “Savannah Time” deal with controversial issues and different political views. Microsoft says that these sites steal at least some of their content from American publications using AI-based services.
Microsoft claims that another group that has been active since March (March 1402 and April 1403) may be preparing for more intense activities. The company speculates that these activities may include attempts to intimidate or incite violence against political figures or groups, with the possible aim of creating chaos and undermining public confidence in the electoral process.
A third group, which Microsoft associates with the Islamic Revolutionary Guard Corps, apparently attempted a targeted phishing attack against a high-ranking official in the presidential campaign in June. It is said that the same group later tried to access the account of one of the former presidential candidates.
The fourth example mentioned involves the hacking of a county government employee’s account in one of the gray states, which Microsoft said was part of a wider “Password Spray Operation”. Microsoft says that from early 2023, the group’s operations will focus on gathering strategic intelligence, particularly in the satellite, defense and health sectors, targeting some US government agencies, often in gray states.
Microsoft’s report also points to activities attributed to factors linked to Russian and Chinese interests, though it says these activities vary in impact. The company said it is sharing the information to raise awareness of potential intrusion campaigns and help protect relevant parties from these threats.
The report in question is part of Microsoft’s ongoing efforts to monitor election-related cyber threats globally. The company has stated that it does not endorse any candidate or party and aims to combat election-related misinformation by publishing such reports.
