Microsoft has warned 10,000 customers that they’ve been targeted by nation state attacks over the past year, including hundreds of US political organizations, the firm revealed this week.
In a blog post to promote the firm’s new ElectionGuard secure voting system, corporate VP for customer security and trust, Tom Burt, revealed that the vast majority (84%) of state-sponsored attacks were targeted at Microsoft’s enterprise customers, with the remainder (16%) hitting consumers' personal email accounts.
The majority came from groups in Russia (Yttrium and Strontium), Iran (Homium and Mercury) and North Korea (Thallium).
“While many of these attacks are unrelated to the democratic process, this data demonstrates the significant extent to which nation-states continue to rely on cyber-attacks as a tool to gain intelligence, influence geopolitics or achieve other objectives,” said Burt.
However, a significant minority of attacks have been focused on democratic organizations. Officially launched last August, Microsoft’s AccountGuard tool has since alerted on 781 nation state attacks against “political campaigns, parties, and democracy-focused non-governmental organizations (NGOs).”
Although the tool is only available in 26 countries so far, the vast majority (95%) of political organizations targeted were in the US, which amounts to around 742.
“Many of the democracy-focused attacks we’ve seen recently target NGOs and think tanks, and reflect a pattern that we also observed in the early stages of some previous elections. In this pattern, a spike in attacks on NGOs and think tanks that work closely with candidates and political parties, or work on issues central to their campaigns, serve as a precursor to direct attacks on campaigns and election systems themselves. We saw such attacks in the US presidential election in 2016 and in the last French presidential election,” explained Burt.
“As we head into the 2020 elections, given both the broad reliance on cyber-attacks by nation states and the use of cyber-attacks to specifically target democratic processes, we anticipate that we will see attacks targeting US election systems, political campaigns or NGOs that work closely with campaigns.”