Iranian cyberattacks on the 2024 elections: Microsoft identifies new threats
On September 18, 2024, Brad Smith, Vice Chair and President of Microsoft Corporation, appeared before the U.S. Senate Intelligence Committee to discuss the growing foreign threats to elections, with a special focus on the roles and responsibilities of U.S. tech companies in combating these risks. His speech highlighted Iran's ongoing efforts to influence U.S. elections through cyber operations and information campaigns.
Escalation of Iranian operations in 2024Iran's cyberattacks in 2024 closely mirror the tactics observed in 2020, both in terms of tempo, timing, and targets. According to Microsoft’s August 8 report, a group known as Sefid Flood began preparing for cyber-enabled U.S. election operations as early as March. This group specializes in impersonating social and political activist profiles to intensify divisions among Americans, particularly along ethnic and religious lines.
Iranian hackers and the compromise of political figures
In June 2024, Microsoft detected the activity of another Iran-linked group known as Mint Sandstorm. These hackers compromised the personal account of a U.S. political operative and used it to conduct a phishing attack on a member of a presidential campaign staff. Thanks to Microsoft’s technologies, this attack was swiftly detected and thwarted. However, the fact that such targeted actions are occurring is alarming. Just last month, Mint Sandstorm compromised additional personal accounts linked to another U.S. presidential candidate. All affected individuals were quickly notified and received assistance in securing their accounts.
Iran’s focus on U.S. swing states
Of particular concern is Iran’s focus on key U.S. swing states. The history of interference dates back to 2020, when a group named Cotton Sandstorm, working under the direction of the Islamic Revolutionary Guard Corps (IRGC), posed as the far-right movement "Proud Boys" and sent threatening emails to voters in Florida, urging them to vote for Donald Trump. In 2022, ahead of the midterm elections, Mint Sandstorm targeted local government organizations in several states that played a crucial role in the previous election.
Expected escalation of attacks
Although Microsoft does not have definitive evidence that Iran’s targeting of swing states in 2022 and 2024 is directly election-related, analysts warn of the growing threat. Recent operations by groups like Peach Sandstorm may indicate Iran’s readiness to continue its election interference and further deepen divisions in American society as Election Day approaches.
Iranian cyber threats remain one of the most serious challenges to U.S. election security. Despite proactive measures by tech companies like Microsoft and U.S. authorities, cyberattacks and disinformation campaigns from Iran continue and are expected to intensify ahead of the November 2024 elections.
Similar news
