Microsoft has detected cyberattacks targeting people and organizations involved in the upcoming presidential election, including unsuccessful attacks on people associated with both the Trump and Biden campaigns, as detailed below.
There were 3 different attacks detected from China, Russia, and Iran. However, the biggest attack that made some noise is the hackers’ group APT28. The Russian group is the same one that did all the cyberattacks on the 2016 U.S. elections.
John Hultquist, Senior Director of Analysis at Mandiant Threat Intelligence, Said:
“The targeting of political organizations is a common feature of cyber espionage. Parties and campaigns are good sources of intelligence on future policy, but APT28’s unique history raises the prospect of follow-on information operations or other devastating activities. In addition to the hack and leak campaign during the 2016 election, the GRU has carried out many of the brashest and aggressive cyber operations to ever come to light, such as the economically devastating NotPetya attacks and the attempted disruption of the Pyeongchang Olympic Games. The GRU routinely violates international norms and has not been dissuaded by indictments and other attempts to halt their malicious activity.”
