Microsoft warns of Iranian hackers targeting US election websites

Microsoft warns of Iranian hackers targeting US election websites
24 Oct 2024

Microsoft has warned of an Iranian hacking group, dubbed Cotton Sandstorm, that is actively targeting US election websites and media outlets.

The tech giant disclosed the information in a blog post on Wednesday.

These cyber attacks, according to Microsoft's research, could be part of a larger strategy for "preparations for more direct influence operations" as the US presidential election day draws near.

Hackers' surveillance activities on US media outlets
Cyber espionage

The first investigation into election-related websites was conducted in April, but Microsoft analysts only recently detected the activity.

Reportedly, in May, the hackers conducted surveillance on major US media outlets.

Microsoft has attributed these hackers to Cotton Sandstorm and connected them to Iran's Islamic Revolutionary Guard Corps.

The group has been conducting reconnaissance and limited probing of several "election-related websites" in various unnamed swing states.

Iran denies allegations of election interference
Denial

Meanwhile, a representative for Iran's mission to the United Nations has dismissed Microsoft's accusations as "fundamentally unfounded, and wholly inadmissible."

The representative added that "Iran neither has any motive nor intent to interfere in the US election."

The denial comes amid growing concerns about potential foreign interference in the upcoming US presidential election.

Cotton Sandstorm's history of election interference
Past incidents

Microsoft researchers have warned that "Cotton Sandstorm will increase its activity as the election nears given the group's operational tempo and history of election interference."

In 2020, just before the presidential election, Cotton Sandstorm conducted a cyber operation posing as members of the far-right group "Proud Boys."

The hackers sent several emails to Florida voters, warning them to "vote for Trump or else!"

Hacking group's post-election cyber activities
Post-election operations

After the 2020 election, Cotton Sandstorm launched a separate operation that sparked violence against US election officials who refuted claims of widespread voter fraud, Microsoft said.

The Office of the Director of National Intelligence, which coordinates federal efforts to shield the election from foreign influence, has yet to respond to the revelations.