Russia, China hackers targeting US vote, Microsoft warns

Rob Lever and Julie Jammot, Agence France-Presse

Posted at Sep 11 2020 06:50 AM

Russia, China hackers targeting US vote, Microsoft warns 1
Employees at Microsoft’s cybercrimes unit in Redmond, Wash, Nov. 2, 2018. The Russian military intelligence unit that attacked the Democratic National Committee four years ago is back with a series of new, more stealthy hacks aimed at both Democratic and Republican campaigns, Microsoft warned in September 2020. Kyle Johnson, The New York Times

WASHINGTON -- Microsoft said Thursday it had thwarted recent cyberattacks from China, Russia and Iran targeting both Republican and Democratic presidential campaigns, as technology giants scrambled to protect election security less than two months ahead of the US vote.

Twitter announced it would implement a policy next week to remove "false or misleading information intended to undermine public confidence in an election," including unverified claims of victory, and Google said it would take steps to ensure its "auto complete" search feature avoids any misleading or false claims.

Microsoft said in a security blog that attackers have been targeting staff from the campaigns of President Donald Trump and his Democratic rival, Joe Biden.

"In recent weeks, Microsoft has detected cyberattacks targeting people and organizations involved in the upcoming presidential election, including unsuccessful attacks on people associated with both the Trump and Biden campaigns," said corporate vice president Tom Burt.

"The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated, and is consistent with what the US government and others have reported."

The attackers have been active against political operatives, think tanks, consultants and political parties in Europe as well, Microsoft said.

It identified a Russia-based group called Strontium which Burt said "has attacked more than 200 organizations" and China-based Zirconium, which he said "has attacked high-profile individuals associated with the election, including people associated with the Joe Biden for President campaign and prominent leaders in the international affairs community."

An Iran-based group dubbed Phosphorus has been targeting personal accounts of people associated with the Trump campaign, Microsoft said.

"The majority of these attacks were detected and stopped by security tools built into our products," Burt said.

"We have directly notified those who were targeted or compromised so they can take action to protect themselves."


Twitter's new policy in effect from Sept. 17 bans "false or misleading information" about voting as well as "disputed claims that could undermine faith in the process itself," such as allegations of election rigging, ballot tampering, vote tallying or certification of election results.

The move comes amid rising concerns about when results will be verified for the Nov. 3 presidential election, in view of an expected large volume of mail-in ballots -- a process under attack from President Donald Trump who has spent months attacking its integrity.

The new policy prohibits "misleading claims about the results" or interference with the electoral process such as "claiming victory before election results have been certified, inciting unlawful conduct to prevent a peaceful transfer of power or orderly succession."

Some analysts have suggested that Trump may reject the election results or refuse to leave office if he loses, while Trump himself has spent months suggesting Democrats were attempting to "rig" the election and refusing to say whether he will accept the results.

Both Twitter and Facebook have placed labels on Trump posts about on mail-in voting -- sent out to his tens of millions of followers.

The Twitter Safety team said it expects to take a strict approach to the updated policies.

"We will not permit our service to be abused around civic processes, most importantly elections," the company said.

"Any attempt to do so -- both foreign and domestic -- will be met with strict enforcement of our rules, which are applied equally and judiciously for everyone."

Google announced separately it would tighten controls for its "autocomplete" search feature to guard against misinformation.

"We will remove predictions that could be interpreted as claims for or against any candidate or political party," search vice president Pandu Nayak said.

"We will also remove predictions that could be interpreted as a claim about participation in the election -- like statements about voting methods, requirements, or the status of voting locations --or the integrity or legitimacy of electoral processes, such as the security of the election."

This will rule out predictions such as "you can vote by phone," Nayak said.

Social media operators have been struggling with disinformation campaigns from Russia, China and other countries along with unverified claims by Trump on the vote process.

Facebook said last month it was bracing for efforts by Trump or others to attack the integrity of the US election.

According to media reports, Facebook was mapping out responses to post-election scenarios including efforts by Trump to use the leading social network to wrongly claim victory or contend the outcome is not legitimate.

© Agence France-Presse