With less than two weeks until the 2024 US election, cyber operatives from Russia, Iran, and China are stepping up their efforts to influence the results.
According to the most recent report from the Microsoft Threat Analysis Center (MTAC), these adversaries have carried out a series of cyber and influence operations aimed at undermining US democracy.
Iran's latest move included leaking stolen materials from Donald Trump's campaign to individuals linked to Joe Biden's campaign and media outlets, raising concerns about foreign interference in the November 5 election.
The MTAC report outlines a concerning pattern of activity. Russian actors initially targeted former President Trump before shifting their focus to Vice President Kamala Harris when she entered the race.
Using generative AI, Russian operatives released deepfake videos of Harris making inflammatory remarks about Trump, accusing her of bizarre crimes such as illegal poaching in Zambia.
One of these videos traced back to a Kremlin-linked troll farm known as Storm-1516, falsely depicted Democratic vice-presidential nominee Tim Walz and received over five million views on X (formerly Twitter) within 24 hours of being published.
Despite low engagement with many of these attempts, Russia's persistence in targeting Harris demonstrates its desire to shape the narrative around key figures in the 2024 election.
Cotton Sandstorm, an Iranian cyber group, has been particularly active in exploiting US social tensions.
They have used a variety of tactics, including staging a false flag operation under the guise of “Bushnell's Men” and advocating for an election boycott based on candidates' support for Israel.
This group also attempted to incite protests at universities, hoping to further divide Americans over contentious social issues.
Despite its simultaneous engagements with Israel in the Middle East, Iran's government has not slowed its cyber-influence operations in the US.
Meanwhile, China has taken a more calculated approach, focusing on down-ballot Republican candidates who have taken strong positions against Chinese policies.
Disinformation campaigns were launched against Rep. Barry Moore, Sen. Marsha Blackburn, and Marco Rubio.
Chinese operatives have promoted opposition candidates and spread antisemitic rhetoric, attempting to divide American voters on multiple fronts.
Although overall engagement has been lower than expected, China's emphasis on congressional races suggests a larger strategy to influence American politics at all levels.
Microsoft’s report stresses the urgency of detecting and countering these foreign operations, particularly in the critical 48-hour window surrounding Election Day.
This is not the first time threat actors have attempted to exploit the upcoming elections; we previously reported on the rise of smashing scams and Russian threat actors using candidate names as a front for crypto scams.