Microsoft Warns Russian Spies Who Hacked 2016 Election Are Back

Sep 11, 2020
Originally published on September 11, 2020 6:01 am
Copyright 2020 NPR. To see more, visit https://www.npr.org.

RACHEL MARTIN, HOST:

Hackers are targeting the 2020 U.S. presidential election. Tech giant Microsoft says Russian hackers who attacked the Democratic campaign in 2016 are back at it, but it's not just Russia. Hackers with ties to China and Iran are also targeting people and groups working on the election. NPR's Miles Parks covers voting and election security, and he is with us now. Good morning, Miles.

MILES PARKS, BYLINE: Hey. Good morning, Rachel.

MARTIN: All right. So let's start with Russia. What do we know about this particular attempt?

PARKS: So the bottom line is that this Russian-linked group commonly known as Fancy Bear, they're still at it. Microsoft says they've seen the group try to hack into at least 200 organizations, many with some connection to the election. National and state political parties - we've seen them attempt to hack into political consultants' accounts who are helping politicians on both sides of the aisle, as well as even think tanks who are, you know, trying to help shape foreign policy around the election. But also what's interesting is Microsoft says they're seeing some of the same tactics we saw four years ago in terms of the spear-phishing, trying to get people to click on bad links to steal their passwords. But we're also seeing some new techniques develop here in terms of things that will help them maybe further automate their attacks to scale them up. And also they're getting better at hiding their identity. Microsoft says it was tougher this time to be able to say with certainty who was perpetrating these attacks.

MARTIN: OK. So those are the attacks originating in Russia. What about China and Iran?

PARKS: Yeah. Microsoft disclosed attacks coming from China and Iran also aimed at people around the election. They say that people in these countries tried to break into the campaign email accounts of the Biden and Trump campaigns, as well as at least one notable former Trump administration official. And this matches up with what we've heard from national security officials, you know, that these three countries, Russia, China and Iran, are all major cyberthreats. But if they successfully break in, we also know that these countries have different strategies for what to do at that point. You know, in 2016, we saw how Russia could weaponize a hack into an email account and release emails to try and influence the election. We also know that China, when they successfully hack into accounts, traditionally have been a little bit more subtle, hacking for spying and espionage purposes and not necessarily to release information to influence the results - at least in the past that's what we've seen.

MARTIN: Can I pivot slightly and ask about something specific, another news story? Officials announced sanctions against a Ukrainian lawmaker yesterday who they say is a Russian agent. Explain how this factors into election security.

PARKS: Right. So this guy's name is Andriy Derkach. He's a member of the Ukrainian Parliament, and he's been pedaling for the last year this debunked Ukrainian corruption narrative about former Vice President Joe Biden. He's been publishing edited audiotapes and even sending letters to Republican members of Congress and meeting at one point with President Trump's personal attorney, Rudy Giuliani. The Treasury Department announced that he's been working as a Russian agent for more than a decade. And yesterday, they sanctioned him, and they called these narratives baseless attempts to undermine Biden's campaign and a clear sign of election interference, this sanctions effort.

MARTIN: So all of this, Miles, just a reminder to voters across the country to just be vigilant about the information they're getting.

PARKS: Exactly. It's not just this risk of cyberattacks on voting equipment. You know, Rachel, campaigns in general are considered much more vulnerable to these sorts of cyberattacks. And when those hacks occur, they can basically be attacks on the minds of American voters. In general, this is a much more vulnerable part of the election system than the actual voting equipment.

MARTIN: NPR's Miles Parks. We appreciate it, Miles. Thanks.

PARKS: Thank you, Rachel. Transcript provided by NPR, Copyright NPR.