Microsoft Warns of Increased Iranian Cyber Activity Targeting US Election

Microsoft: Iran accelerating cyber activity in apparent bid to influence US election

Iran is ramping up online activity that appears intended to influence the upcoming U.S. election, in one case targeting a presidential campaign with an email phishing attack, Microsoft said Friday. Iranian actors also have spent recent months creating fake news sites and impersonating activists, laying the groundwork to stoke division and potentially sway American voters this fall, especially in swing states, the technology giant found. The findings in Microsoft's newest threat intelligence report show how Iran, which has been active in recent U.S. campaign cycles, is evolving its tactics for another election that's likely to have global implications. The report goes a step beyond anything U.S. intelligence officials have disclosed, giving specific examples of Iranian groups and the actions they have taken so far. Iran's United Nations mission denied it had plans to interfere or launch cyberattacks in the U.S. presidential election. The report doesn't specify Iran's intentions besides sowing chaos in the United States, though U.S. officials have previously hinted that Iran particularly opposes former President Donald Trump. U.S. officials also have expressed alarm about Tehran's efforts to seek retaliation for a 2020 strike on an Iranian general that was ordered by Trump. This week, the Justice Department unsealed criminal charges against a Pakistani man with ties to Iran who's alleged to have hatched assassination plots targeting multiple officials, potentially including Trump. The report also reveals how Russia and China are exploiting U.S. political polarization to advance their own divisive messaging in a consequential election year. Microsoft's report identified four examples of recent Iranian activity that the company expects to increase as November's election draws closer. First, a group linked to Iran's Revolutionary Guard in June targeted a high-ranking U.S. presidential campaign official with a phishing email, a form of cyberattack often used to gather sensitive information, according to the report, which didn't identify which campaign was targeted. The group concealed the email's origins by sending it from the hacked email account of a former senior adviser, Microsoft said. Days later, the Iranian group tried to log into an account that belonged to a former presidential candidate but wasn't successful, Microsoft's report said. The company notified those who were targeted. In a separate example, an Iranian group has been creating websites that pose as U.S.-based news sites targeted to voters on opposite sides of the political spectrum, the report said. One fake news site that lends itself to a left-leaning audience insults Trump by calling him "raving mad" and suggests he uses drugs, the report said. Another site meant to appeal to Republican readers centers on LGBTQ issues and gender-affirming surgery. A third example Microsoft cited found that Iranian groups are impersonating U.S. activists, potentially laying the groundwork for influence operations closer to the election. Finally, another Iranian group in May compromised an account owned by a government employee in a swing state, the report said. It was unclear whether that cyberattack was related to election interference efforts. Iran's U.N. mission sent The Associated Press an emailed statement: "Iran has been the victim of numerous offensive cyber operations targeting its infrastructure, public service centers, and industries. Iran's cyber capabilities are defensive and proportionate to the threats it faces. Iran has neither the intention nor plans to launch cyber attacks. The U.S. presidential election is an internal matter in which Iran does not interfere." The Microsoft report said that as Iran escalates its cyber influence, Russia-linked actors also have pivoted their influence campaigns to focus on the U.S. election, while actors linked to the Chinese Communist Party have taken advantage of pro-Palestinian university protests and other current events in the U.S. to try to raise U.S. political tensions. Microsoft said it has continued to monitor how foreign foes are using generative AI technology. The increasingly cheap and easy-to-access tools can generate lifelike fake images, photos and videos in seconds, prompting concern among some experts that they will be weaponized to mislead voters this election cycle. While many countries have experimented with AI in their influence operations, the company said, those efforts haven't had much impact so far. The report said as a result, some actors have "pivoted back to techniques that have proven effective in the past -- simple digital manipulations, mischaracterization of content, and use of trusted labels or logos atop false information." Microsoft's report aligns with recent warnings from U.S. intelligence officials, who say America's adversaries appear determined to seed the internet with false and incendiary claims ahead of November's vote. Top intelligence officials said last month that Russia continues to pose the greatest threat when it comes to election disinformation, while there are indications that Iran is expanding its efforts and China is proceeding cautiously when it comes to 2024. Iran's efforts seem aimed at undermining candidates seen as being more likely to increase tension with Tehran, the officials said. That's a description that fits Trump, whose administration ended a nuclear deal with Iran, reimposed sanctions and ordered the killing of the top Iranian general. The influence efforts also coincide with a time of high tensions between Iran and Israel, whose military the U.S. strongly supports. Director of National Intelligence Avril Haines said last month that the Iranian government has covertly supported American protests over Israel's war against Hamas in Gaza. Groups linked to Iran have posed as online activists, encouraged protests and provided financial support to some protest groups, Haines said. America's foes, Iran among them, have a long history of seeking to influence U.S. elections. In 2020, groups linked to Iran sent emails to Democratic voters in an apparent effort to intimidate them into voting for Trump, intelligence officials said.

Iran is targeting the U.S. election with fake news sites and cyberattacks, Microsoft says

Iran is accelerating online activity that appears intended to influence the U.S. election, in one case targeting a presidential campaign with an email phishing attack, Microsoft said Friday. Iranian actors also have spent recent months creating fake news sites and impersonating activists, laying the groundwork to stoke division and potentially sway American voters this fall, especially in swing states, the technology giant found. The findings in Microsoft's newest threat intelligence report show how Iran, which has been active in recent U.S. elections, is evolving its tactics for another election that's likely to have global implications. The report goes a step beyond anything U.S. intelligence officials have disclosed, giving specific examples of Iranian groups and the actions they have taken so far. Iran's United Nations mission denied it had plans to interfere or launch cyberattacks in the U.S. presidential election. The report doesn't specify Iran's intentions besides sowing chaos in the United States, though U.S. officials have previously hinted that Iran particularly opposes former President Donald Trump. U.S. officials also have expressed alarm about Tehran's efforts to seek retaliation for a 2020 strike on an Iranian general that was ordered by Trump. This week, the Justice Department unsealed criminal charges against a Pakistani man with ties to Iran who's alleged to have hatched assassination plots targeting multiple officials, potentially including Trump. The report also reveals how Russia and China are exploiting U.S. political polarization to advance their own divisive messaging in a consequential election year. Microsoft's report identified four examples of recent Iranian activity that the company expects to increase as November's election draws closer. First, a group linked to Iran's Revolutionary Guard in June targeted a high-ranking U.S. presidential campaign official with a phishing email, a form of cyberattack often used to gather sensitive information, according to the report, which didn't identify which campaign was targeted. The group concealed the email's origins by sending it from the hacked email account of a former senior adviser, Microsoft said. Days later, the Iranian group tried to log into an account that belonged to a former presidential candidate, but wasn't successful, Microsoft's report said. The company notified those who were targeted. In a separate example, an Iranian group has been creating websites that pose as U.S.-based news sites targeted to voters on opposite sides of the political spectrum, the report said. One fake news site that lends itself to a left-leaning audience insults Trump by calling him "raving mad" and suggests he uses drugs, the report said. Another site meant to appeal to Republican readers centers on LGBTQ issues and gender-affirming surgery. A third example Microsoft cited found that Iranian groups are impersonating U.S. activists, potentially laying the groundwork for influence operations closer to the election. Finally, another Iranian group in May compromised an account owned by a government employee in a swing state, the report said. It was unclear whether that cyberattack was related to election interference efforts. Iran's U.N. mission sent The Associated Press an emailed statement: "Iran has been the victim of numerous offensive cyber operations targeting its infrastructure, public service centers, and industries. Iran's cyber capabilities are defensive and proportionate to the threats it faces. Iran has neither the intention nor plans to launch cyber attacks. The U.S. presidential election is an internal matter in which Iran does not interfere." The Microsoft report said that as Iran escalates its cyber influence, Russia-linked actors also have pivoted their influence campaigns to focus on the U.S. election, while actors linked to the Chinese Communist Party have taken advantage of pro-Palestinian university protests and other current events in the U.S. to try to raise U.S. political tensions. Microsoft said it has continued to monitor how foreign foes are using generative AI technology. The increasingly cheap and easy-to-access tools can generate lifelike fake images, photos and videos in seconds, prompting concern among some experts that they will be weaponized to mislead voters this election cycle. While many countries have experimented with AI in their influence operations, the company said, those efforts haven't had much impact so far. The report said as a result, some actors have "pivoted back to techniques that have proven effective in the past - simple digital manipulations, mischaracterization of content, and use of trusted labels or logos atop false information." Microsoft's report aligns with recent warnings from U.S. intelligence officials, who say America's adversaries appear determined to seed the internet with false and incendiary claims ahead of November's vote. Top intelligence officials said last month that Russia continues to pose the greatest threat when it comes to election disinformation, while there are indications that Iran is expanding its efforts and China is proceeding cautiously when it comes to 2024. Iran's efforts seem aimed at undermining candidates seen as being more likely to increase tension with Tehran, the officials said. That's a description that fits Trump, whose administration ended a nuclear deal with Iran, reimposed sanctions and ordered the killing of the top Iranian general. An update last month from officials with the Office of the Director of National Intelligence (ODNI), FBI and Department of Homeland Security concluded that Tehran's efforts appeared designed to undercut Trump. "Since our last update, the [intelligence community] has observed Tehran working to influence the presidential election, probably because Iranian leaders want to avoid an outcome they perceive would increase tensions with the United States," a senior ODNI official said, adding, "Iran's preference is essentially a reflection of its desire to not worsen tensions with the United States, and Iran is opposing the candidate that Iran's leaders perceive would increase those tensions." The officials did not explicitly name the Trump campaign and referred instead to the key findings of the 2020 assessment. They also stressed that most of Iran's online activities, which they said rely on a "vast web" of internet personas, have been focused on stoking chaos and societal divisions. The influence efforts also coincide with a time of high tensions between Iran and Israel, whose military the U.S. strongly supports. Director of National Intelligence Avril Haines said last month that the Iranian government has covertly supported American protests over Israel's war against Hamas in Gaza. In the statement, issued on July 9, Haines said the intelligence community had "observed actors tied to Iran's government posing as activists online seeking to encourage protests and even providing financial support to protesters." America's foes, Iran among them, have a long history of seeking to influence U.S. elections. In 2020, groups linked to Iran sent emails to Democratic voters in an apparent effort to intimidate them into voting for Trump, intelligence officials said.

Microsoft says Iran ramping up cyber attacks ahead of US presidential election

Iranian actors also have spent recent months creating fake news sites and impersonating activists, laying the groundwork to stoke division and potentially sway American voters this fall, especially in swing states, the technology giant found. The findings in Microsoft's newest threat intelligence report show how Iran, which has been active in recent U.S. campaign cycles, is evolving its tactics for another election that's likely to have global implications. The report goes a step beyond anything U.S. intelligence officials have disclosed, giving specific examples of Iranian groups and the actions they have taken so far. Iran's United Nations mission denied it had plans to interfere or launch cyberattacks in the U.S. presidential election. The report doesn't specify Iran's intentions besides sowing chaos in the United States, though U.S. officials have previously hinted that Iran particularly opposes former President Donald Trump. U.S. officials also have expressed alarm about Tehran's efforts to seek retaliation for a 2020 strike on an Iranian general that was ordered by Trump. This week, the Justice Department unsealed criminal charges against a Pakistani man with ties to Iran who's alleged to have hatched assassination plots targeting multiple officials, potentially including Trump. The report also reveals how Russia and China are exploiting U.S. political polarization to advance their own divisive messaging in a consequential election year. Microsoft's report identified four examples of recent Iranian activity that the company expects to increase as November's election draws closer. First, a group linked to Iran's Revolutionary Guard in June targeted a high-ranking U.S. presidential campaign official with a phishing email, a form of cyberattack often used to gather sensitive information, according to the report, which didn't identify which campaign was targeted. The group concealed the email's origins by sending it from the hacked email account of a former senior adviser, Microsoft said. Days later, the Iranian group tried to log into an account that belonged to a former presidential candidate, but wasn't successful, Microsoft's report said. The company notified those who were targeted. In a separate example, an Iranian group has been creating websites that pose as U.S.-based news sites targeted to voters on opposite sides of the political spectrum, the report said. One fake news site that lends itself to a left-leaning audience insults Trump by calling him "raving mad" and suggests he uses drugs, the report said. Another site meant to appeal to Republican readers centers on LGBTQ issues and gender-affirming surgery. A third example Microsoft cited found that Iranian groups are impersonating U.S. activists, potentially laying the groundwork for influence operations closer to the election. Finally, another Iranian group in May compromised an account owned by a government employee in a swing state, the report said. It was unclear whether that cyberattack was related to election interference efforts. Iran says 'cyber capabilities are defensive' Iran's UN mission sent The Associated Press an emailed statement: "Iran has been the victim of numerous offensive cyber operations targeting its infrastructure, public service centers, and industries. Iran's cyber capabilities are defensive and proportionate to the threats it faces. Iran has neither the intention nor plans to launch cyber attacks. The U.S. presidential election is an internal matter in which Iran does not interfere." The Microsoft report said that as Iran escalates its cyber influence, Russia-linked actors also have pivoted their influence campaigns to focus on the U.S. election, while actors linked to the Chinese Communist Party have taken advantage of pro-Palestinian university protests and other current events in the U.S. to try to raise U.S. political tensions. Microsoft said it has continued to monitor how foreign foes are using generative AI technology. The increasingly cheap and easy-to-access tools can generate lifelike fake images, photos and videos in seconds, prompting concern among some experts that they will be weaponized to mislead voters this election cycle. While many countries have experimented with AI in their influence operations, the company said, those efforts haven't had much impact so far. The report said as a result, some actors have "pivoted back to techniques that have proven effective in the past -- simple digital manipulations, mischaracterization of content, and use of trusted labels or logos atop false information." Microsoft's report aligns with recent warnings from U.S. intelligence officials, who say America's adversaries appear determined to seed the internet with false and incendiary claims ahead of November's vote. Top intelligence officials said last month that Russia continues to pose the greatest threat when it comes to election disinformation, while there are indications that Iran is expanding its efforts and China is proceeding cautiously when it comes to 2024. Iran's efforts seem aimed at undermining candidates seen as being more likely to increase tension with Tehran, the officials said. That's a description that fits Trump, whose administration ended a nuclear deal with Iran, reimposed sanctions and ordered the killing of the top Iranian general. The influence efforts also coincide with a time of high tensions between Iran and Israel, whose military the U.S. strongly supports. Director of National Intelligence Avril Haines said last month that the Iranian government has covertly supported American protests over Israel's war against Hamas in Gaza. Groups linked to Iran have posed as online activists, encouraged protests and provided financial support to some protest groups, Haines said. America's foes, Iran among them, have a long history of seeking to influence U.S. elections. In 2020, groups linked to Iran sent emails to Democratic voters in an apparent effort to intimidate them into voting for Trump, intelligence officials said.

Iran ramping up cyber activity that appears meant to influence the U.S. election, Microsoft says

Iran is accelerating online activity that appears intended to influence the U.S. election, in one case targeting a presidential campaign with an email phishing attack, Microsoft said Friday. Iranian actors also have spent recent months creating fake news sites and impersonating activists, laying the groundwork to stoke division and potentially sway American voters this fall, especially in swing states, the technology giant found. The findings in Microsoft's newest threat intelligence report show how Iran, which has been active in recent U.S. elections, is evolving its tactics for another election that's likely to have global implications. The report goes a step beyond anything U.S. intelligence officials have disclosed, giving specific examples of Iranian groups and the actions they have taken so far. Iran's United Nations mission denied it had plans to interfere or launch cyberattacks in the U.S. presidential election. The report doesn't specify Iran's intentions besides sowing chaos in the United States, though U.S. officials have previously hinted that Iran particularly opposes former President Donald Trump. U.S. officials also have expressed alarm about Tehran's efforts to seek retaliation for a 2020 strike on an Iranian general that was ordered by Trump. This week, the Justice Department unsealed criminal charges against a Pakistani man with ties to Iran who's alleged to have hatched assassination plots targeting multiple officials, potentially including Trump. The report also reveals how Russia and China are exploiting U.S. political polarization to advance their own divisive messaging in a consequential election year. Microsoft's report identified four examples of recent Iranian activity that the company expects to increase as November's election draws closer. First, a group linked to Iran's Revolutionary Guard in June targeted a high-ranking U.S. presidential campaign official with a phishing email, a form of cyberattack often used to gather sensitive information, according to the report, which didn't identify which campaign was targeted. The group concealed the email's origins by sending it from the hacked email account of a former senior adviser, Microsoft said. Days later, the Iranian group tried to log into an account that belonged to a former presidential candidate, but wasn't successful, Microsoft's report said. The company notified those who were targeted. In a separate example, an Iranian group has been creating websites that pose as U.S.-based news sites targeted to voters on opposite sides of the political spectrum, the report said. One fake news site that lends itself to a left-leaning audience insults Trump by calling him "raving mad" and suggests he uses drugs, the report said. Another site meant to appeal to Republican readers centers on LGBTQ issues and gender-affirming surgery. A third example Microsoft cited found that Iranian groups are impersonating U.S. activists, potentially laying the groundwork for influence operations closer to the election. Finally, another Iranian group in May compromised an account owned by a government employee in a swing state, the report said. It was unclear whether that cyberattack was related to election interference efforts. Iran's U.N. mission sent The Associated Press an emailed statement: "Iran has been the victim of numerous offensive cyber operations targeting its infrastructure, public service centers, and industries. Iran's cyber capabilities are defensive and proportionate to the threats it faces. Iran has neither the intention nor plans to launch cyber attacks. The U.S. presidential election is an internal matter in which Iran does not interfere." The Microsoft report said that as Iran escalates its cyber influence, Russia-linked actors also have pivoted their influence campaigns to focus on the U.S. election, while actors linked to the Chinese Communist Party have taken advantage of pro-Palestinian university protests and other current events in the U.S. to try to raise U.S. political tensions. Microsoft said it has continued to monitor how foreign foes are using generative AI technology. The increasingly cheap and easy-to-access tools can generate lifelike fake images, photos and videos in seconds, prompting concern among some experts that they will be weaponized to mislead voters this election cycle. While many countries have experimented with AI in their influence operations, the company said, those efforts haven't had much impact so far. The report said as a result, some actors have "pivoted back to techniques that have proven effective in the past - simple digital manipulations, mischaracterization of content, and use of trusted labels or logos atop false information." Microsoft's report aligns with recent warnings from U.S. intelligence officials, who say America's adversaries appear determined to seed the internet with false and incendiary claims ahead of November's vote. Top intelligence officials said last month that Russia continues to pose the greatest threat when it comes to election disinformation, while there are indications that Iran is expanding its efforts and China is proceeding cautiously when it comes to 2024. Iran's efforts seem aimed at undermining candidates seen as being more likely to increase tension with Tehran, the officials said. That's a description that fits Trump, whose administration ended a nuclear deal with Iran, reimposed sanctions and ordered the killing of the top Iranian general. An update last month from officials with the Office of the Director of National Intelligence (ODNI), FBI and Department of Homeland Security concluded that Tehran's efforts appeared designed to undercut Trump. "Since our last update, the [intelligence community] has observed Tehran working to influence the presidential election, probably because Iranian leaders want to avoid an outcome they perceive would increase tensions with the United States," a senior ODNI official said, adding, "Iran's preference is essentially a reflection of its desire to not worsen tensions with the United States, and Iran is opposing the candidate that Iran's leaders perceive would increase those tensions." The officials did not explicitly name the Trump campaign and referred instead to the key findings of the 2020 assessment. They also stressed that most of Iran's online activities, which they said rely on a "vast web" of internet personas, have been focused on stoking chaos and societal divisions. The influence efforts also coincide with a time of high tensions between Iran and Israel, whose military the U.S. strongly supports. Director of National Intelligence Avril Haines said last month that the Iranian government has covertly supported American protests over Israel's war against Hamas in Gaza. In the statement, issued on July 9, Haines said the intelligence community had "observed actors tied to Iran's government posing as activists online seeking to encourage protests and even providing financial support to protesters." America's foes, Iran among them, have a long history of seeking to influence U.S. elections. In 2020, groups linked to Iran sent emails to Democratic voters in an apparent effort to intimidate them into voting for Trump, intelligence officials said.

Iran accelerating cyber activity that appears meant to influence US...

Iran is ramping up online activity that appears intended to influence the upcoming US election, in one case targeting a presidential campaign with an email phishing attack, Microsoft said Friday. Iranian actors also have spent recent months creating fake news sites and impersonating activists, laying the groundwork to stoke division and potentially sway American voters this fall, especially in swing states, the technology giant found. The findings in Microsoft's newest threat intelligence report show how Iran, which has been active in recent US campaign cycles, is evolving its tactics for another election that's likely to have global implications. The report goes a step beyond anything US intelligence officials have disclosed, giving specific examples of Iranian groups and the actions they have taken so far. Iran's United Nations mission denied it had plans to interfere or launch cyberattacks in the US presidential election. The report doesn't specify Iran's intentions besides sowing chaos in the United States, though US officials have previously hinted that Iran particularly opposes former President Donald Trump. US officials also have expressed alarm about Tehran's efforts to seek retaliation for a 2020 strike on an Iranian general that was ordered by Trump. This week, the Justice Department unsealed criminal charges against a Pakistani man with ties to Iran who's alleged to have hatched assassination plots targeting multiple officials, potentially including Trump. The report also reveals how Russia and China are exploiting US political polarization to advance their own divisive messaging in a consequential election year. Microsoft's report identified four examples of recent Iranian activity that the company expects to increase as November's election draws closer. First, a group linked to Iran's Revolutionary Guard in June targeted a high-ranking US presidential campaign official with a phishing email, a form of cyberattack often used to gather sensitive information, according to the report, which didn't identify which campaign was targeted. The group concealed the email's origins by sending it from the hacked email account of a former senior adviser, Microsoft said. Days later, the Iranian group tried to log into an account belonging to a former presidential candidate but wasn't successful, Microsoft's report said. The company notified those who were targeted. In a separate example, an Iranian group has been creating websites that pose as US-based news sites targeted to voters on opposite sides of the political spectrum, the report said. One fake news site that lends itself to a left-leaning audience insults Trump by calling him "raving mad" and suggests he uses drugs, the report said. Another site meant to appeal to Republican readers centers on LGBTQ issues and gender-affirming surgery. A third example Microsoft cited found that Iranian groups are impersonating US activists, potentially laying the groundwork for influence operations closer to the election. Finally, another Iranian group in May compromised an account owned by a government employee in a swing state, the report said. It was unclear whether that cyberattack was related to election interference efforts. Iran's UN mission sent The Associated Press an emailed statement: "Iran has been the victim of numerous offensive cyber operations targeting its infrastructure, public service centers, and industries. Iran's cyber capabilities are defensive and proportionate to the threats it faces. Iran has neither the intention nor plans to launch cyber attacks. The US presidential election is an internal matter in which Iran does not interfere." The Microsoft report said that as Iran escalates its cyber influence, Russia-linked actors also have pivoted their influence campaigns to focus on the US election, while actors linked to the Chinese Communist Party have taken advantage of pro-Palestinian university protests and other current events in the US to try to raise US political tensions. Microsoft said it has continued to monitor how foreign foes are using generative AI technology. The increasingly cheap and easy-to-access tools can generate lifelike fake images, photos and videos in seconds, prompting concern among some experts that they will be weaponized to mislead voters this election cycle. While many countries have experimented with AI in their influence operations, the company said, those efforts haven't had much impact so far. The report said as a result, some actors have "pivoted back to techniques that have proven effective in the past -- simple digital manipulations, mischaracterization of content, and use of trusted labels or logos atop false information." Microsoft's report aligns with recent warnings from US intelligence officials, who say America's adversaries appear determined to seed the internet with false and incendiary claims ahead of November's vote. Top intelligence officials said last month that Russia continues to pose the greatest threat when it comes to election disinformation, while there are indications that Iran is expanding its efforts and China is proceeding cautiously when it comes to 2024. Iran's efforts seem aimed at undermining candidates seen as being more likely to increase tension with Tehran, the officials said. That's a description that fits Trump, whose administration ended a nuclear deal with Iran, reimposed sanctions and ordered the killing of the top Iranian general. The influence efforts also coincide with a time of high tensions between Iran and Israel, whose military the US strongly supports. Director of National Intelligence Avril Haines said last month that the Iranian government has covertly supported American protests over Israel's war against Hamas in Gaza. Groups linked to Iran have posed as online activists, encouraged protests and provided financial support to some protest groups, Haines said. America's foes, Iran among them, have a long history of seeking to influence US elections. In 2020, groups linked to Iran sent emails to Democratic voters in an apparent effort to intimidate them into voting for Trump, intelligence officials said.

Microsoft says Iran may be meddling with the 2024 U.S. election

Iran is accelerating online activity that appears intended to influence the U.S. election, in one case targeting a presidential campaign with an email phishing attack, Microsoft said Friday. Iranian actors also have spent recent months creating fake news sites and impersonating activists, laying the groundwork to stoke division and potentially sway American voters this fall, especially in swing states, the technology giant found. The findings in Microsoft's newest threat intelligence report show how Iran, which has been active in recent U.S. elections, is evolving its tactics for another election that's likely to have global implications. The report goes a step beyond anything U.S. intelligence officials have disclosed, giving specific examples of Iranian groups and the actions they have taken so far. Iran's United Nations mission denied it had plans to interfere or launch cyberattacks in the U.S. presidential election. The report doesn't specify Iran's intentions besides sowing chaos in the United States, though U.S. officials have previously hinted that Iran particularly opposes former President Donald Trump. U.S. officials also have expressed alarm about Tehran's efforts to seek retaliation for a 2020 strike on an Iranian general that was ordered by Trump. This week, the Justice Department unsealed criminal charges against a Pakistani man with ties to Iran who's alleged to have hatched assassination plots targeting multiple officials, potentially including Trump. The report also reveals how Russia and China are exploiting U.S. political polarization to advance their own divisive messaging in a consequential election year. Microsoft's report identified four examples of recent Iranian activity that the company expects to increase as November's election draws closer. First, a group linked to Iran's Revolutionary Guard in June targeted a high-ranking U.S. presidential campaign official with a phishing email, a form of cyberattack often used to gather sensitive information, according to the report, which didn't identify which campaign was targeted. The group concealed the email's origins by sending it from the hacked email account of a former senior adviser, Microsoft said. Days later, the Iranian group tried to log into an account that belonged to a former presidential candidate, but wasn't successful, Microsoft's report said. The company notified those who were targeted. In a separate example, an Iranian group has been creating websites that pose as U.S.-based news sites targeted to voters on opposite sides of the political spectrum, the report said. One fake news site that lends itself to a left-leaning audience insults Trump by calling him "raving mad" and suggests he uses drugs, the report said. Another site meant to appeal to Republican readers centers on LGBTQ issues and gender-affirming surgery. A third example Microsoft cited found that Iranian groups are impersonating U.S. activists, potentially laying the groundwork for influence operations closer to the election. Finally, another Iranian group in May compromised an account owned by a government employee in a swing state, the report said. It was unclear whether that cyberattack was related to election interference efforts. Iran's U.N. mission sent The Associated Press an emailed statement: "Iran has been the victim of numerous offensive cyber operations targeting its infrastructure, public service centers, and industries. Iran's cyber capabilities are defensive and proportionate to the threats it faces. Iran has neither the intention nor plans to launch cyber attacks. The U.S. presidential election is an internal matter in which Iran does not interfere." The Microsoft report said that as Iran escalates its cyber influence, Russia-linked actors also have pivoted their influence campaigns to focus on the U.S. election, while actors linked to the Chinese Communist Party have taken advantage of pro-Palestinian university protests and other current events in the U.S. to try to raise U.S. political tensions. Microsoft said it has continued to monitor how foreign foes are using generative AI technology. The increasingly cheap and easy-to-access tools can generate lifelike fake images, photos and videos in seconds, prompting concern among some experts that they will be weaponized to mislead voters this election cycle. While many countries have experimented with AI in their influence operations, the company said, those efforts haven't had much impact so far. The report said as a result, some actors have "pivoted back to techniques that have proven effective in the past -- simple digital manipulations, mischaracterization of content, and use of trusted labels or logos atop false information." Microsoft's report aligns with recent warnings from U.S. intelligence officials, who say America's adversaries appear determined to seed the internet with false and incendiary claims ahead of November's vote. Top intelligence officials said last month that Russia continues to pose the greatest threat when it comes to election disinformation, while there are indications that Iran is expanding its efforts and China is proceeding cautiously when it comes to 2024. Iran's efforts seem aimed at undermining candidates seen as being more likely to increase tension with Tehran, the officials said. That's a description that fits Trump, whose administration ended a nuclear deal with Iran, reimposed sanctions and ordered the killing of the top Iranian general. The influence efforts also coincide with a time of high tensions between Iran and Israel, whose military the U.S. strongly supports. Director of National Intelligence Avril Haines said last month that the Iranian government has covertly supported American protests over Israel's war against Hamas in Gaza. Groups linked to Iran have posed as online activists, encouraged protests and provided financial support to some protest groups, Haines said. America's foes, Iran among them, have a long history of seeking to influence U.S. elections. In 2020, groups linked to Iran sent emails to Democratic voters in an apparent effort to intimidate them into voting for Trump, intelligence officials said.

Iran accelerating cyber activity to influence US election, Microsoft says | BreakingNews.ie

Iran is ramping up online activity that appears intended to influence the upcoming US election - in one case, targeting a presidential campaign with an email phishing attack, Microsoft has said. Iranian actors also have spent recent months creating fake news sites and impersonating activists, laying the groundwork to stoke division and potentially sway American voters this autumn, especially in swing states, the technology giant found. The findings in Microsoft's newest threat intelligence report show how Iran, which has been active in recent US campaign cycles, is evolving its tactics for another election that is likely to have global implications. The report goes a step beyond anything US intelligence officials have disclosed, giving specific examples of Iranian groups and the actions they have taken so far. Iran's United Nations mission denied it had plans to interfere or launch cyber attacks in the US presidential election. The report does not specify Iran's intentions besides sowing chaos in the United States, though American officials have previously hinted that Iran particularly opposes former president Donald Trump. US officials also have expressed alarm about Tehran's efforts to seek retaliation over a 2020 strike on an Iranian general that was ordered by Mr Trump. This week, the justice department in Washington unsealed criminal charges against a Pakistani man with ties to Iran who is alleged to have hatched assassination plots targeting multiple officials, potentially including Trump. The report also reveals how Russia and China are exploiting US political polarization to advance their own divisive messaging in a consequential election year. Microsoft's report identified four examples of recent Iranian activity that the company expects to increase as November's election draws closer. First, a group linked to Iran's Revolutionary Guard in June targeted a high-ranking US presidential campaign official with a phishing email, a form of cyber attack often used to gather sensitive information, according to the report, which did not identify which campaign was targeted. The group concealed the email's origins by sending it from the hacked email account of a former senior adviser, Microsoft said. Days later, the Iranian group tried to log into an account that belonged to a former presidential candidate, but was not successful, Microsoft's report said. The company notified those who were targeted. In a separate example, an Iranian group has been creating websites that pose as US-based news sites targeted to voters on opposite sides of the political spectrum, the report said. One fake news site that lends itself to a left-leaning audience insults Mr Trump by calling him "raving mad" and suggests he uses drugs, the report said. Another site meant to appeal to Republican readers centres on LGBTQ issues and gender-affirming surgery. A third example Microsoft cited found that Iranian groups are impersonating US activists, potentially laying the groundwork for influence operations closer to the election. Finally, another Iranian group in May compromised an account owned by a US government employee in a swing state, the report said. It was unclear whether that cyber attack was related to election interference efforts. Iran's UN mission sent The Associated Press an emailed statement: "Iran has been the victim of numerous offensive cyber operations targeting its infrastructure, public service centres, and industries. "Iran's cyber capabilities are defensive and proportionate to the threats it faces. Iran has neither the intention nor plans to launch cyber attacks. "The US presidential election is an internal matter in which Iran does not interfere." The Microsoft report said that as Iran escalates its cyber influence, Russia-linked actors also have pivoted their influence campaigns to focus on the US election, while actors linked to the Chinese Communist Party have taken advantage of pro-Palestinian university protests and other current events in the US to try to raise political tensions. Microsoft said it has continued to monitor how foreign foes are using generative AI technology. The increasingly cheap and easy-to-access tools can generate lifelike fake images, photos and videos in seconds, prompting concern among some experts that they will be weaponized to mislead voters this election cycle. While many countries have experimented with AI in their influence operations, the company said, those efforts have not had much impact so far. The report said as a result, some actors have "pivoted back to techniques that have proven effective in the past - simple digital manipulations, mischaracterization of content, and use of trusted labels or logos atop false information". Microsoft's report aligns with recent warnings from US intelligence officials, who say America's adversaries appear determined to seed the internet with false and incendiary claims ahead of November's vote. Top intelligence officials said last month that Russia continues to pose the greatest threat when it comes to election disinformation, while there are indications that Iran is expanding its efforts and China is proceeding cautiously when it comes to 2024. Iran's efforts seem aimed at undermining candidates seen as being more likely to increase tension with Tehran, the officials said. That is a description that fits Mr Trump, whose administration ended a nuclear deal with Iran, reimposed sanctions and ordered the killing of the top Iranian general.

Iranians ramp up cyber attacks linked to US election, warns Microsoft

Iranian state-backed actors have sought to access senior US political figures' email accounts and launched "covert news sites" aimed at American readers as part of an increase in disinformation and cyber attacks ahead of the country's elections, Microsoft has said. A group run by Iran's Revolutionary Guards in June sent a spear-phishing email, or personalised hacking attempt, to a "high-ranking official of a presidential campaign" from the compromised email account of a former senior adviser, the Microsoft Threat Analysis Center said on Friday. The same group tried unsuccessfully to log into the email account of a former presidential hopeful, the Seattle-based company said. A different Iranian group was launching "covert news sites" targeting US voters on both ends of the political spectrum in the run-up to November's presidential vote, said Microsoft. One such website, called Nio Thinker, ran content that "insulted" former president and Republican presidential candidate Donald Trump, calling him an "opioid-pilled elephant in the MAGA china shop", the report said. Such sites were using artificial intelligence to plagiarise content from US outlets in an effort to draw in traffic while hiding the original sources of the information, it found. In 2018, during his previous term in office, Trump unilaterally abandoned the 2015 nuclear accord that Tehran had signed with world powers and imposed waves of sanctions on the Islamic republic, putting its economy under severe pressure. Microsoft said it expected to see Iranian cyber attacks targeting political candidates, at the same time as malicious actors linked to the state sought to worsen existing divisions in the US, for example by exploiting racial tensions. Such efforts, which could become more extreme and escalate into the incitement of violence against political figures, aimed to create chaos, undermine authorities and "sow doubt" about the integrity of the November election, the report said. Iran's mission to the UN said last month that Iran "has no intention or activities aimed at influencing the US elections". The Iranian mission told Reuters its cyber capabilities were "defensive and proportionate to the threats it faces" and it had no plans to launch cyber attacks. "The US presidential election is an internal matter in which Iran does not interfere," the mission added in response to the Microsoft report. Microsoft's Threat Analysis Center said that "foreign malign influence" related to the November election had "picked up pace over the last six months", due initially to Russian efforts but more recently thanks to growing Iranian activity. Experts are on high alert for disinformation and other digital interference ahead of November's election, in which US vice-president Kamala Harris will compete against Trump. Such efforts were thrust into the spotlight during and after the 2016 US presidential election, when Russian state-backed actors sought to interfere with the contest in which Trump won the White House. Conspiracy theories have already mushroomed online ahead of this year's vote, with experts alert to the potential for artificial intelligence to add to the volume of fake information designed to influence voters and stoke tensions. Attempts by Iranian government-linked groups to influence US elections had been a "consistent feature" of at least the last three times the electorate went to the polls, Microsoft said. However, activity had stepped up in recent weeks, with Iranian groups allegedly laying the "groundwork" for influence operations and taking steps to gather intelligence on political campaigns, the report said. More broadly, Microsoft said it was tracking the use of AI in foreign powers' influence operations. While malicious actors had experimented with the technology, many had "pivoted back" to simpler things including the mis-characterisation of content, it said. Russian-backed groups, meanwhile, continued to push false information in the lead up to the election, including by promoting outlandish claims from "nonexistent whistleblowers", disinformation and false conspiracy theories, the report said.

Iran is targeting the U.S. election with fake news sites and cyber operations, research says

A man walks past an anti-U.S. mural on the wall of former U.S. Embassy in Tehran, Iran January 21, 2020. Iran is stepping up its influence campaign aimed at the U.S., researchers at Microsoft said in a new report, adding to the ongoing efforts by Russia and China to sway American public opinion before the presidential election. Researchers identified websites that they attributed to the Iranian operation, aimed at voters on the political left and right. One website, Nio Thinker, bills itself as "your go-to destination for insightful, progressive news and analysis that challenges the status quo" and hosts articles that bash former President Donald Trump and hail Vice President Kamala Harris as "our unexpected, awkward savior." Another site identified by researchers, Savannah Time, poses as a voicey conservative local alt-weekly. "We're opinionated, we're noisy, and we're having a good time," the about section of the site says. It hosts articles claiming to be written by "the spokeswoman for the International League for Women's Rights," arguing for more modest Olympics beach volleyball bathing suits, next to articles lauding Iran's military might. The Microsoft Threat Analysis Center noted the sites were likely using artificial intelligence tools to lift content from legitimate U.S. news publications and repackage articles in a way that hides the content's source. The group behind the sites, according to Microsoft, is part of a larger Iranian operation, active since 2020, that operates more than a dozen other fake news sites targeting English-, French-, Spanish- and Arabic-speaking audiences. The campaign has not found significant success with a U.S. audience, and the sites' content has not been shared widely on social media, according to the researchers. But researchers say the sites could be used closer to the election. Beyond the effort to sow controversy and divide Americans before the vote, researchers said another group linked to the Islamic Revolutionary Guard Corps targeted a "high-ranking official on a presidential campaign" in June with a spear-phishing email from a compromised email account of a former senior adviser and attempted to access an account belonging to "a former presidential candidate." The report did not name the people who had been targeted. Iran's United Nations mission did not immediately respond to a request for comment but denied the reports of meddling in a statement to The Associated Press: "Iran has been the victim of numerous offensive cyber operations targeting its infrastructure, public service centers, and industries. Iran's cyber capabilities are defensive and proportionate to the threats it faces. Iran has neither the intention nor plans to launch cyber attacks. The U.S. presidential election is an internal matter in which Iran does not interfere." Microsoft's report also noted continued activity by Russia, including an operation by a group researchers call Storm-1516, which produces propaganda videos in support of Trump and Russian interests and distributes them through a network of fake news websites connected to a former U.S. police officer. China-linked actors, the report said, had also pivoted increasingly to spreading propaganda via video and had leveraged a network of online accounts to stoke outrage around pro-Palestinian university protests. The researchers reported an expectation that Iran, along with China and Russia, would intensify cyberattacks against candidates and institutions and increase efforts to divide Americans with propaganda and disinformation in the run-up to the election.

Iran is targeting the U.S. election with fake news sites and cyber operations, research says

The aim of the effort seems to be to sow division in the U.S., researchers at Microsoft said. Iran denied the report. Iran is stepping up its influence campaign aimed at the U.S., researchers at Microsoft said in a new report, adding to the ongoing efforts by Russia and China to sway American public opinion before the presidential election. Researchers identified websites that they attributed to the Iranian operation, aimed at voters on the political left and right. One website, Nio Thinker, bills itself as "your go-to destination for insightful, progressive news and analysis that challenges the status quo" and hosts articles that bash former President Donald Trump and hail Vice President Kamala Harris as "our unexpected, awkward savior." Another site identified by researchers, Savannah Time, poses as a voicey conservative local alt-weekly. "We're opinionated, we're noisy, and we're having a good time," the about section of the site says. It hosts articles claiming to be written by "the spokeswoman for the International League for Women's Rights," arguing for more modest Olympics beach volleyball bathing suits, next to articles lauding Iran's military might. The Microsoft Threat Analysis Center noted the sites were likely using artificial intelligence tools to lift content from legitimate U.S. news publications and repackage articles in a way that hides the content's source. The group behind the sites, according to Microsoft, is part of a larger Iranian operation, active since 2020, that operates more than a dozen other fake news sites targeting English-, French-, Spanish- and Arabic-speaking audiences. The campaign has not found significant success with a U.S. audience, and the sites' content has not been shared widely on social media, according to the researchers. But researchers say the sites could be used closer to the election. Beyond the effort to sow controversy and divide Americans before the vote, researchers said another group linked to the Islamic Revolutionary Guard Corps targeted a "high-ranking official on a presidential campaign" in June with a spear-phishing email from a compromised email account of a former senior adviser and attempted to access an account belonging to "a former presidential candidate." The report did not name the people who had been targeted. Iran's United Nations mission did not immediately respond to a request for comment but denied the reports of meddling in a statement to The Associated Press: "Iran has been the victim of numerous offensive cyber operations targeting its infrastructure, public service centers, and industries. Iran's cyber capabilities are defensive and proportionate to the threats it faces. Iran has neither the intention nor plans to launch cyber attacks. The U.S. presidential election is an internal matter in which Iran does not interfere." Microsoft's report also noted continued activity by Russia, including an operation by a group researchers call Storm-1516, which produces propaganda videos in support of Trump and Russian interests and distributes them through a network of fake news websites connected to a former U.S. police officer. China-linked actors, the report said, had also pivoted increasingly to spreading propaganda via video and had leveraged a network of online accounts to stoke outrage around pro-Palestinian university protests. The researchers reported an expectation that Iran, along with China and Russia, would intensify cyberattacks against candidates and institutions and increase efforts to divide Americans with propaganda and disinformation in the run-up to the election.

Iran hackers target US officials to influence election, Microsoft says

Hackers tried breaking into account of 'high-ranking official' on US presidential campaign, researchers say Microsoft researchers said on Friday that Iran government-tied hackers tried breaking into the account of a "high-ranking official" on the US presidential campaign in June, weeks after breaching the account of a county-level US official. The breaches were part of Iranian groups' increasing attempts to influence the US presidential election in November, the researchers said in a report that did not provide any further detail on the apparent official in question. The report follows recent statements by senior US intelligence officials that they'd seen Iran ramp up use of clandestine social media accounts with the aim to use them to try to sow political discord in the US. The report also reveals how Russia and China are exploiting US political polarization to advance their own divisive messaging in a consequential election year. Iran's mission to the UN in New York told Reuters in a statement that its cyber capabilities were "defensive and proportionate to the threats it faces" and that it had no plans to launch cyber-attacks. "The US presidential election is an internal matter in which Iran does not interfere," the mission added in response to the allegations in the Microsoft report. The report said: "A group run by the Islamic Revolutionary Guard Corps (IRGC) intelligence unit sent a spear-phishing email to a high-ranking official of a presidential campaign" and "another group with assessed links to the IRGC compromised a user account with minimal access permissions at a county-level government." It said the activity appeared part of a broader push by Iranian groups to gain intelligence on US political campaigns and target US swing states. It said the county employee's account was breached in May as part of a wider "password spray operation" - one where hackers use common or leaked passwords en masse on many accounts until they can break into one. The hackers weren't able to access any other accounts through that breach and the targets were notified, the report added. The report doesn't specify Iran's intentions besides sowing chaos in the US, though US officials have previously hinted that Iran particularly opposes former president and Republican nominee Donald Trump over his Democratic party rival, Kamala Harris. The researchers also said another Iranian group had been launching covert news sites that used artificial intelligence to lift content from legitimate news sites, and targeted US voters on opposite sides of the political spectrum. It named the two sites as Nio Thinker - a left-leaning site - and a conservative site called Savannah Time. When browsed on Friday, both websites had similar formats on their About Us page, and neither listed any contact detail. Nio Thinker calls itself "your go-to destination for insightful, progressive news and analysis that challenges the status quo", while Savannah Time says it is "a reflection of the values that make Savannah unique" and a place "where conservative values meet local insight". The Microsoft report said that as Iran escalates its cyber influence, Russia-linked actors also have pivoted their influence campaigns to focus on the US election, while actors linked to the Chinese Communist party have taken advantage of pro-Palestinian university protests and other current events in the US to try to raise US political tensions. Microsoft said it has continued to monitor how foreign foes are using generative AI technology. The increasingly cheap and easy-to-access tools can generate lifelike fake images, photos and videos in seconds, prompting concern among some experts that they will be weaponized to mislead voters this election cycle.

Multiple Iran groups step up US election influence efforts

Political officials, advisors targeted in cyber attacks as fake news sites deliver lefty zingers Microsoft says Iran's efforts to influence the November US presidential election have gathered pace recently and there are signs that point toward its intent to incite violence against key figures. "Over the past several months, we have seen the emergence of significant influence activity by Iranian actors," Microsoft said. "Iranian cyber-enabled influence operations have been a consistent feature of at least the last three US election cycles." The Windows maker added: "Iran's operations have been notable and distinguishable from Russian campaigns for appearing later in the election season and employing cyberattacks more geared toward election conduct than swaying voters. Recent activity suggests the Iranian regime - along with the Kremlin - may be equally engaged in election 2024." Multiple state-sponsored groups and those whose affiliations are unknown are thought to be involved, each with their own objectives and methods. The group Microsoft tracks as Sefid Flood, for example, has been laying the groundwork for influence operations since March 2024. Microsoft didn't go into detail about what this staging activity entailed, but Sefid Flood is known for impersonating social and political activist groups with a view to undermining trust in officials and election systems themselves. It's perhaps why the US has been so adamant recently that its elections are safer than they've ever been. CISA director Jen Easterly spoke on the topic at Black Hat this week, saying the infrastructure is sound, but influence operations, namely from Russia, are a concern due to their improving sophistication. Sefid Flood may look to use its impersonations as a means to "stoke chaos", Microsoft said, and its operations "may go as far as intimidation, doxxing, or violent incitement targeting political figures or social/political groups." On the state-sponsored side of things, Mint Sandstorm and Peach Sandstorm are both run by Iranian intelligence, the Islamic Revolutionary Guard Corps (IRGC). As recently as June 2024, Mint Sandstorm was caught trying to spear-phish a presidential campaign official using a former senior advisor's account the group compromised. The email contained a link that could have allowed the IRGC to intercept the official's traffic. Just days before, on June 13, Mint Sandstorm also tried - and failed - to access the account of a former presidential candidate. While there's no definitive proof this activity was election-related, the timing of it being so close to the targeting of the aforementioned official suggests it might be. The group is also known for targeting political figures for reasons other than elections - it has been doing so for years - so no firm conclusions can be drawn officially. A month earlier in May, its IRGC cousin, Peach Sandstorm, embarked on a wide password spraying mission that helped it gain access to a user account at a county-level government in a US swing state. It didn't actually do a great deal with that access so it may not have been election-related and instead more of a dumb-luck result, but Microsoft noted the county, located in a known swing state, had recently experienced a "race-related controversy" that made national news. The description is too broad and racism too rife in the US to even draw any kind of conclusions here - it could have been in one of multiple possible states as many fit that description. It was part of Russia's recent attempts to influence the Paris Olympics and Iran has also been observed setting up phony news outlets in an apparent attempt to engage voters on each side of the political divide. One site has been online and active since 2022, "covering" the US mid-terms. EvenPolitics publishes around 10 articles a week and is run by Storm-2035, which also has various other sites set up to influence audiences in Arabic, English, French, and Spanish languages. Microsoft names groups "Storm-X" when they're under active development. Nio Thinker was created in October 2023 to cover the Israel-Hamas conflict, but recently shifted to target left-leaning US voters with sarcastic, anti-Trump tirades. It does have some real zingers to be fair, calling the Republican candidate/felon an "opioid-pilled elephant in the MAGA china shop" and a "raving mad litigiosaur." Savannah Time, on the other hand, seeks out conservative audiences with pieces on Republican politics and topics such as gender-based issues. "Microsoft Threat Analysis Center has not observed significant social media amplification of these sites as of yet, though it is possible they will begin closer to election day," the report [PDF] reads. The frequency with which the sites are updated suggests that the pro-Iran actors are dedicating a decent amount of resources to the endeavor, although AI is helping them out a smidge. "Examination of webpage source code and indicators in the articles themselves suggest the sites' operators are likely using SEO plugins and other generative AI-based tools to create article titles, keywords, and to automatically rephrase stolen content in a way that drives search engine traffic to their sites while obfuscating the content's original source," Microsoft said. ®

Microsoft detects fake news sites linked to Iran aimed at meddling in U.S. election

Microsoft's Threat Analysis Center found groups linked to Russia, Iran and China have been steadily launching efforts online to sow division or spread disinformation among U.S voters. Tony Karumba/AFP via Getty Images hide caption Groups connected to the Iranian government are using a spectrum of online tactics to interfere with the U.S. presidential election, according to a new Microsoft report published Friday. Researchers at Microsoft's Threat Analysis Center found Iranian operatives have been laying the groundwork to incite chaos and sow division among American voters ahead of Election Day. Some of their strategies include setting up fake news sites and targeting government employees and officials. Iran's attempts to meddle in U.S. politics come on top of efforts by groups linked to Russia. But the two countries have notably different approaches, according to Clint Watts, the Center's general manager. "Russia is very different. They're very focused on shaping the outcome of the election. Iran is focused as much on just breaking the ability of an election to occur," he said. Microsoft's Threat Analysis Center tracks influence operations from foreign operatives, mainly from Russia, Iran and China, and their attempts to interfere with elections and political discourse. According to the Center, Iran has tried to sway American voters in at least the past three election cycles. In 2021, the Justice Department charged two suspected Iranian hackers for allegedly sending threatening emails and spreading false information to voters ahead of the 2020 presidential race. Iranian operatives are behind fake news sites using A.I. Microsoft researchers found that an Iranian group, Storm-2035, was behind four websites pretending to be American news outlets. The fake sites cater to both liberal and conservative audiences and amplify polarizing messaging on hot-button issues related to LGBTQ rights and the Israel-Hamas conflict. One fake site, Nio Thinker, was created last year and has been pushing out "sarcastic, long-winded articles insulting Trump," according to the report. Another faux news outlet, called Savannah Time, claimed to be a "trusted source for conservative news in the vibrant city of Savannah." "The reason they set those up is because if they do a hacking operation later, they want to have usually -- we believe -- places to drop out the hacked materials and narratives they want to advance," Watts said. Researchers also found evidence indicating that some of these fake sites used AI to rephrase or plagiarize content from actual news outlets. Iranian hackers target email accounts of campaign advisers and a government employee in a swing state This past June, Iranian hackers connected to the Islamic Revolutionary Guard Corps (IRGC), compromised the email account of a former adviser to a U.S. presidential campaign in an attempt to contact a current senior official in that campaign, according to the Microsoft report. That email included a link that would have compromised other accounts. "Within days of this activity, the same group unsuccessfully attempted to log into an account belonging to a former presidential candidate," the report said. Earlier in May, another group with links to the IRGC, breached the account of a county-level government employee in a swing state. That compromise was part of "broader password spray operation" and the report said it's unclear the motives were election-related.

Iranian Operatives Trying To Influence US Election With Fake News, Cyber Attacks: Microsoft - News18

Microsoft researchers reveal Iranian hackers targeted U.S. officials before the election, breaching accounts and using covert tactics to influence political discourse Iran government-tied hackers tried breaking into the account of a "high-ranking official" on the US presidential campaign in June, Microsoft researchers said on Friday. The breaches were part of Iranian groups' increasing attempts to influence the US presidential election in November. "Today we're sharing intelligence about activity we've been tracking that increasingly points to Iran's intent to influence this year's US presidential election," the researchers said in a new report. It follows recent statements by senior US Intelligence officials that they'd seen Iran ramp up the use of clandestine social media to sow political discord in the United States. In a statement, Iran's mission to the UN in New York told Reuters that its cyber capabilities were "defensive and proportionate to the threats it faces" and that it had no plans to launch cyber attacks. "The U.S. presidential election is an internal matter in which Iran does not interfere," the mission added in response to the allegations in the Microsoft report. "A group run by the Islamic Revolutionary Guard Corps (IRGC) intelligence unit sent a spear-phishing email to a high-ranking official of a presidential campaign" and "another group with assessed links to the IRGC compromised a user account with minimal access permissions at a county-level government," the report said. It said the activity appeared part of a broader push by Iranian groups to gain intelligence on US political campaigns and target US swing states. It said the county employee's account was breached in May as part of a wider "password spray operation" - one where hackers use common or leaked passwords en masse on many accounts until they can break into one. The hackers weren't able to access any other accounts through that breach and the targets were notified, the report added. The researchers also said another Iranian group had been launching "covert" news sites that used artificial intelligence to lift content from legitimate news sites, and targeted U.S. voters on opposite sides of the political spectrum. It named the two sites as Nio Thinker -- a left-leaning site -- and a conservative site called Savannah Time. When browsed on Friday, both websites had similar formats on their 'About Us' page, and neither listed any contact detail. Nio Thinker calls itself "your go-to destination for insightful, progressive news and analysis that challenges the status quo", while Savannah Time says it is "a reflection of the values that make Savannah unique" and a place "where conservative values meet local insight."

Microsoft warns of Iranian AI efforts to influence 2024 U.S. presidential election

Aug. 9 (UPI) -- Microsoft warned in a Thursday report that Iran is seeking to influence the 2024 U.S. presidential election with cyber AI-enabled campaigns targeting both left-leaning and conservative voters. "In recent weeks, groups connected with the Iranian government have upped two kinds of activity," Microsoft said in a statement. "First, they've laid the groundwork for influence campaigns on trending election-related topics and begun to activate these campaigns in an apparent effort to stir up controversy or sway voters -- especially in swing states. Second, they've launched operations that Microsoft assesses are designed to gain intelligence on political campaigns and help enable them to influence the elections in the future." The Microsoft Threat Intelligence Report said Iran is working online to target both U.S. left-leaning political audiences and conservatives. One Iranian group is using covert so-called news sites like Nio Thinker to attack Donald Trump as an "opioid-pilled elephant in the MAGA China shop" and Savannah Time that targets conservatives with LGBTQ+ issues and gender reassignment content, according to Microsoft. The report added that Microsoft has found evidence that groups connected to Iran's government are using AI-enabled services to plagiarize content from U.S. publications. Microsoft said these efforts seek to stoke discord, to carry out influence campaigns and stir controversy in battleground states while gathering intelligence on U.S. politics, and incite chaos and undermine authorities while sowing doubt about election integrity. Another Iranian group, according to Microsoft, has been building the groundwork for influence operations targeting the United States since March "that are even more extreme, including intimidation or inciting violence against political figures or groups." Microsoft's report said a group connected with Iran's Revolutionary Guards Corps sent out phishing emails in June to "a high-ranking official on a presidential campaign from the compromised email account of a former senior advisor." The email had a link that would direct traffic through a domain controlled by the group before routing to the website of the provided link. "Within days of this activity, the same group unsuccessfully attempted to log into an account belonging to a former presidential candidate," Microsoft said. "We've since notified those targeted." Microsoft said it is sharing the intelligence on these activities so American voters, candidates, political parties, government institutions and others can be aware of the influence campaigns targeting U.S. elections and the political system. Prior to the 2020 election, Microsoft's threat assessment team issued similar warnings about "an Iran-based cybercrime faction" it believed was working to interfere in the presidential election. At that time targeted accounts were associated with a U.S. presidential campaign, journalists covering global politics and prominent Iranians living outside Iran. In April a Microsoft report said artificial intelligence threats from China and North Korea were aimed at influencing U.S., South Korean and Indiana elections. Among the Chinese malign efforts to influence U.S. elections, according to Microsoft, were AI deep fake videos, audio and false "news reports" that had AI-generated phony news anchors. Microsoft's assessment of those efforts was that they were used to amplify controversial issues while posting false stories, but the impact in altering voter opinions was low. At the same time, Microsoft warned China's "increasing experimentation in augmenting memes, videos, and audio will continue-and may prove effective down the line."

Microsoft uncovers Iranian cyber activities designed to influence US elections - SiliconANGLE

Microsoft uncovers Iranian cyber activities designed to influence US elections Microsoft Corp. researchers have uncovered several Iranian cyber operations designed to influence the U.S. elections. The company detailed its findings in a report published today. The research was carried out by its MTAC, or Microsoft Threat Analysis Center, unit. MTAC focuses on tracking online influence operations run by state-backed actors. The cyber campaigns detailed in the report are run by four Iranian groups. Two of the groups focus on stirring controversy and swaying U.S. voters. The other two, in turn, are seeking to collect intelligence about political campaigns with the goal of influencing the elections. The first group uncovered by Microsoft's MTAC unit created a set of fake news websites focused on political topics. One of the websites, called Nio Thinker, targeted left-leaning voters. Another website called the Savannah Time positioned itself as the "trusted source for conservative news in the vibrant city of Savannah." Microsoft's researchers determined that the websites included content plagiarized from U.S. publications using artificial intelligence. MTAC also identified a second Iranian group focused on carrying out influence operations. "We believe this group may be setting itself up for activities that are even more extreme, including intimidation or inciting violence against political figures or groups, with the ultimate goals of inciting chaos, undermining authorities, and sowing doubt about election integrity," Microsoft's researchers detailed. The company believes that the group has been been laying the groundwork for this influence campaign since March. The two other Iranian cyber groups detailed in today's report have a different goal: collecting intelligence about U.S. political campaigns. One of those groups recently sent a spear phishing email to a high-ranking official on a presidential campaign. According to MTAC, the message was sent from the compromised email account of a former senior advisor. The message contained a website link that rerouted the user's traffic through a domain controlled by the hackers. The second intelligence gathering group identified by Microsoft compromised an "account of a county-level government employee in a swing state." The company didn't specify the service in which the compromised account was created. Microsoft says that the breach was part of a broader password spraying attack, which is a type of cyberattack in which a hacker attempts to take over multiple accounts using a single stolen password. Today's report comes about five months after Microsoft's MTAC unit detailed two China-backed disinformation campaigns targeted at voters in the U.S. and abroad. One of the campaigns spread disinformation using a network of social media accounts designed to impersonate U.S. voters. The other influence operation spread fake news about trending topics.