Microsoft Says Nearly 800 Campaigns & Outside Groups Are Targets of Foreign Hackers

Microsoft last week said it had issued 781 notices to political campaigns, nonprofit groups and think tanks that work with candidates running for office around the world that they are increasingly being targeted by hackers from Russia, China, Iran and North Korea.

The company said the data on such attacks came from users of Microsoft Account Guard, a service launched last August that is tailored for political parties, campaigns and democracy-promoting organizations.

"This data shows that democracy-focused organizations in the United States should be particularly concerned as 95 percent of these attacks have targeted U.S.-based organizations," Microsoft vice president Tom Burt wrote in a blog post.

Attacks on nonprofit groups and think tanks that work with political candidates often precede direct attacks on candidates and political campaigns closer to an election, Burt wrote.

Since 2016, Microsoft has been tracking and blocking hackers from Russia and other countries attempting to break into political campaigns and think tanks.

In August, Microsoft President Brad Smith said a Russian hacking group had targeted U.S. political campaigns ahead of the 2018 midterm elections by using fake websites that might prompt users to click on them. Microsoft then said the company's Digital Crimes Unit used a U.S. court order to shut down 84 fake websites associated with the group.

In June last year, Burt said the company also identified that the same group had targeted three political candidates contesting the 2018 midterms. One of them, Hans Keirstead, later identified himself as a victim; he was a Democratic candidate who challenged former Rep. Dana Rohrabacher, R-Calif., in an open primary. Rohrabacher, who was widely known as one of the most pro-Russia members of Congress, lost his reelection bid to Democrat Harley Rouda.

"As we head into the 2020 elections, given both the broad reliance on cyberattacks by nation-states and the use of cyberattacks to specifically target democratic processes, we anticipate that we will see attacks targeting U.S. election systems, political campaigns or NGOs that work closely with campaigns," Burt wrote.

This story originally appeared in CQ Cyber newsletter. Click here for more information on subscribing to CQ News.