Microsoft says it has detected more than 740 intrusion attempts by state-sponsored attackers last year targeting the U.S.-based political parties, campaigns, and other democracy-focused organizations, who are subscribed to Microsoft’s AccountGuard service.
The Microsoft AccountGuard provides free cyber threat detection services to election-related candidates, campaigns, and other groups. The Tech giant revealed the probe findings at the Aspen Security Forum, where it demonstrated a voting system ElectionGuard software. Microsoft said the new voting system offers secure and verifiable voting experience.
“Since the launch of Microsoft AccountGuard last August, we have uncovered attacks specifically targeting organizations that are fundamental to democracy. We have steadily expanded AccountGuard, our threat notification service for political campaigns, parties, and democracy-focused nongovernmental organizations (NGOs), to include 26 countries across four continents,” Microsoft said in a blog post.
According to the Microsoft Threat Intelligence Center, most of the attackers originated from Iran, North Korea, and Russia. Microsoft has identified the multiple hacker groups named Holmium and Mercury operating from Iran, Thallium operating from North Korea, and Yttrium and Strontium operating from Russia.
“Cyberattacks continue to be a significant tool and weapon wielded in cyberspace. In some instances, those attacks appear to be related to ongoing efforts to attack the democratic process. As we head into the 2020 elections, given both the broad reliance on cyberattacks by nation-states and the use of cyberattacks to specifically target democratic processes, we anticipate that we will see attacks targeting U.S. election systems, political campaigns or NGOs that work closely with campaigns,” Microsoft said.
Earlier, Microsoft said hackers linked to Russian military intelligence tried to hack the websites of two conservative think-tanks in the United States ahead of November’s midterm elections. It also stated that it has detected and seized websites that were created by hackers linked to the Russian unit to mimic the pages of The International Republican Institute and The Hudson Institute. These sites are designed to redirect the users to fake web pages where they were asked to enter usernames, passwords, and other credentials.