Iran is accelerating US election influence operations, Microsoft research says
One Iran-linked disinformation collective staged covert news websites that focused on politically divisive topics. Another group breached a low-level account in a county-level swing state.
Iranian cyber operatives are laying digital groundwork to sow discord into November’s U.S. presidential election, according to research from Microsoft’s threat intelligence unit released Friday.
In June, a smattering of Iran-backed hacker groups accelerated efforts online to increase more divisiveness among American voters, staging up websites and social media campaigns aimed at reducing election legitimacy and voter turnout while seeking to undermine trust in election authorities.
“Looking forward, we expect Iranian actors will employ cyberattacks against institutions and candidates while simultaneously intensifying their efforts to amplify existing divisive issues within the U.S., like racial tensions, economic disparities, and gender-related issues,” Microsoft says.
One Iranian network, labeled by the company as Storm-2035, staged up four sham websites masquerading as real news outlets that pumped out divisive content leaning toward both liberal and conservative audiences. One site has shifted its materials toward election matters after having started with content focused on the Israel-Hamas war in October 2023. The network is using generative AI tools to plagiarize content from actual U.S. news websites, according to research.
In May, another group with ties to the IRGC compromised a user account in a county-level government based in a swing state, which Microsoft did not name.
“While unclear if related, it is worth noting that the targeted county had undergone a race-related controversy that made national news this year,” the report said. A Microsoft spokesperson declined to comment about the county in question.
A third entity attempted to access an account belonging to a former presidential candidate, which the company did not name. The failed infiltration occurred “days prior to phishing an active presidential campaign and months ahead of the election” which suggests the attempt might be election-related, Microsoft says.
“We share intelligence like this so voters, government institutions, candidates, parties, and others can be aware of influence campaigns and protect themselves from threats,” said Clint Watts, who leads the company’s Threat Analysis Center.
Other nations, namely Russia and China, have been footholding their own efforts to break U.S. election integrity. An intelligence community official recently designated Russia as the leading nation-state threat in these efforts. Intel officials also say Russian spin doctors are purchasing services of legitimate marketing and communications firms to help unwittingly push their U.S. election narratives.