Iranian hacker group targets US election websites and media ahead of vote: Microsoft

An Iranian hacking group is actively targeting US election-related websites and media outlets as Election Day approaches, with activity suggesting preparations for more “direct influence operations”, according to a Microsoft blog posted on Wednesday.

The hackers, dubbed Cotton Sandstorm by Microsoft and linked to Iran’s Islamic Revolutionary Guard Corps, conducted limited reconnaissance and probes of multiple “election-related websites” in several unnamed battleground states, according to the report In May, they also scanned an unidentified US news outlet to understand its vulnerabilities.

US Vice President Kamala Harris, the Democratic nominee, faces Republican challenger Donald Trump in the Nov. 5 presidential election, which polls suggest is an extremely close race.

“Cotton Sandstorm will increase its activity as the election approaches given the group’s operational tempo and history of election interference,” the researchers wrote. The development is particularly troubling because of the group’s past efforts, they said.

A spokesman for Iran’s mission to the United Nations said “these accusations are fundamentally baseless and totally inadmissible.”

“Iran has no motive or intention to interfere in the US election,” the spokesman said.

In 2020, Cotton Sandstorm launched a different cyber influence operation shortly before the last presidential election, according to US officials. Posing as the right-wing “Proud Boys,” hackers sent thousands of emails to Florida residents, threatening them to “vote Trump or else!”

The group also posted a video on social media, purported to be from activist hackers, showing them probing an election system. While that operation never affected individual voting systems, the goal was to cause chaos, confusion and doubt, senior U.S. officials said at the time.

After the 2020 election, Cotton Sandstorm also conducted a separate operation that incited violence against US election officials who had denied claims of widespread voter fraud, Microsoft said.

The Office of the Director of National Intelligence, which coordinates the US federal effort to protect elections from foreign influence, referred Reuters to a past statement that said: “Foreign actors, particularly Russia, the Iran and China remain determined to generate divisive narratives to divide Americans and undermine Americans’ confidence in America’s democratic system.”