Microsoft researchers said on Friday that Iran government-tied hackers tried breaking into the account of a “high-ranking official” on the US presidential campaign in June, weeks after breaching the account of a county-level US official.
The breaches were part of Iranian groups’ increasing attempts to influence the US presidential election in November, the researchers said in a report that did not provide any further detail on the apparent official in question.
The report follows recent statements by senior US intelligence officials that they had seen Iran ramp up use of clandestine social media accounts with the aim to use them to try to sow political discord in the US.
The report also reveals how Russia and China are exploiting US political polarization to advance their own divisive messaging in a consequential election year.
Iran’s mission to the UN in New York told Reuters in a statement that its cyber capabilities were “defensive and proportionate to the threats it faces” and that it had no plans to launch cyber-attacks.
“The US presidential election is an internal matter in which Iran does not interfere,” the mission added in response to the allegations in the Microsoft report.
The report said: “A group run by the Islamic Revolutionary Guard Corps (IRGC) intelligence unit sent a spear-phishing email to a high-ranking official of a presidential campaign” and “another group with assessed links to the IRGC compromised a user account with minimal access permissions at a county-level government”.
It said the activity appeared part of a broader push by Iranian groups to gain intelligence on US political campaigns and target US swing states. It said the county employee’s account was breached in May as part of a wider “password spray operation” – one where hackers use common or leaked passwords en masse on many accounts until they can break into one.
The hackers were not able to access any other accounts through that breach and the targets were notified, the report added.
The report does not specify Iran’s intentions besides sowing chaos in the US, though US officials have previously hinted that Iran particularly opposes the former president and Republican nominee Donald Trump over his Democratic party rival, Kamala Harris.
The researchers also said another Iranian group had been launching covert news sites that used artificial intelligence to lift content from legitimate news sites, and targeted US voters on opposite sides of the political spectrum. It named the two sites as Nio Thinker – a left-leaning site – and a conservative site called Savannah Time.
When browsed on Friday, both websites had similar formats on their About Us page, and neither listed any contact detail. Nio Thinker calls itself “your go-to destination for insightful, progressive news and analysis that challenges the status quo”, while Savannah Time says it is “a reflection of the values that make Savannah unique” and a place “where conservative values meet local insight”.
The Microsoft report said that as Iran escalates its cyber influence, Russia-linked actors also have pivoted their influence campaigns to focus on the US election, while actors linked to the Chinese Communist party have taken advantage of pro-Palestinian university protests and other current events in the US to try to raise US political tensions.
Microsoft said it had continued to monitor how foreign foes are using generative AI technology. The increasingly cheap and easy-to-access tools can generate lifelike fake images, photos and videos in seconds, prompting concern among some experts that they will be weaponized to mislead voters this election cycle.
Reuters and the Associated Press contributed reporting
