The U.S. presidential election is less than 50 days away, and this week served up some grim reminders of how high the stakes are—and how intent Washington’s adversaries are on swaying or disrupting the vote.
The U.S. presidential election is less than 50 days away, and this week served up some grim reminders of how high the stakes are—and how intent Washington’s adversaries are on swaying or disrupting the vote.
New details have emerged of cyberattacks and election interference efforts by China, Russia, and Iran, with U.S. officials and technology executives sounding the alarm about the countries’ intent to sow chaos in the weeks leading up to Election Day on Nov. 5.
Russian cyber groups have pivoted in the last two months to attacking the campaign of Vice President Kamala Harris, according to a new report Microsoft released Tuesday. The groups have spread several fake videos, including one purportedly showing a Harris supporter attacking an attendee at a rally for former President Donald Trump, another (through a fake San Francisco news site) that falsely claimed Harris was involved in a hit-and-run incident, and a third showing a fake billboard in New York City listing false claims about Harris’s policies.
“As we inch closer to the election, we should expect Russian actors to continue to use cyber proxies and hacktivist groups to amplify their messages through media websites and social channels geared to spread divisive political content, staged videos, and AI-enhanced propaganda,” Microsoft wrote.
President Joe Biden’s administration has stepped up its efforts to combat Russia’s disinformation and influence operations, imposing a series of sanctions earlier this month on state-run media outlets including Russia Today (RT) for acting on behalf of the Kremlin to “undermine confidence in the United States’ election processes and institutions.” RT has also developed cyber capabilities with direct ties to Russian intelligence services and is involved in a crowdfunding effort to procure military equipment for Russia’s invasion of Ukraine, U.S. Secretary of State Antony Blinken told reporters last week while announcing additional sanctions on the network.
“We urge every ally, every partner to start by treating RT’s activities as they do other intelligence activities by Russia within their borders,” Blinken said. Tech companies Meta and Google responded to the sanctions by restricting RT content and accounts from their social media platforms this week.
On Wednesday, FBI Director Christopher Wray announced that the agency had successfully hit back against another formidable cyber adversary: China. FBI teams took down a botnet—a network of compromised computers controlled by hackers who were “working at the direction of the Chinese government,” Wray told an audience at the Aspen Cyber Summit in Washington. Wray said the hackers allegedly took over hundreds of thousands of internet-connected devices, including cameras and storage devices—half of which were in the United States—to conduct espionage and disrupt critical systems. “We think the bad guys finally realized it was the FBI and our partners that they were up against, and with that realization they essentially burned down their new infrastructure and abandoned their botnet,” he added.
The U.S. government takedown of the botnet, allegedly run by a hacking group called Flax Typhoon, is the second such offensive cyber operation against China in less than a year. It follows a December 2023 operation against another group known as Volt Typhoon. Officials expect it won’t be the last.
“We’d like to see more of these and more frequently,” a senior administration official said of the takedown, speaking to reporters on Wednesday evening following Wray’s announcement. “What we’ve really been discussing here from the White House is what can be done to accelerate and do these regularly, so that we make it riskier, costlier, and harder for China to conduct their large-scale cyber operations.”
And then there’s Washington’s third—and increasingly brazen—cyber adversary. On Wednesday, three U.S. agencies issued a joint statement on Iran’s efforts to target Trump’s 2024 campaign. Iranian hackers who breached the Trump campaign in recent months sent “stolen, non-public” material from the campaign via email to individuals associated with Biden’s reelection campaign before he dropped out and was replaced by Harris, according to the statement by the FBI, the Office of the Director of National Intelligence, and the Cybersecurity and Infrastructure Security Agency (CISA). “There is currently no information indicating those recipients replied,” the agencies added.
Iran has stepped up its efforts to interfere in the 2024 race amid an escalating proxy conflict with key U.S. ally Israel and has targeted the Trump campaign in particular in what experts see as retaliation for his administration’s 2020 assassination of Iranian Gen. Qassem Suleimani.
Despite some key public victories this week, the consensus in the cyberdefense community is that the battle is only just beginning—and is only likely to get more intense as Election Day draws closer, with the United States facing three highly capable adversaries who, if not directly working together, share similar goals.
“Arguably, the 2024 election cycle is facing the most complex threat landscape yet,” Cait Conley, a senior advisor for CISA, said at the Politico AI and Tech Summit this week. “We do see a growing and diverse array of foreign actors who are trying to influence our American democratic process. … Regardless of the actor, their objectives are the same—they want to undermine the American people’s confidence in our democratic institutions, and they want to sow partisan discord.”
Senior industry leaders visiting Washington this week echoed that sentiment. “We know that there is a presidential race between Donald Trump and Kamala Harris, but this has also become an election of Iran versus Trump and Russia versus Harris,” Microsoft’s president, Brad Smith, told the Senate Intelligence Committee in a hearing about election threats on Wednesday. “And it is an election where Russia, Iran, and China are united with a common interest in discrediting democracy in the eyes of our own voters and even more so in the eyes of the world.”
The post How U.S. Cyber Adversaries Are Trying to Undermine the Election appeared first on Foreign Policy.
