The US elections are under attack from hostile countries – and more is coming, Microsoft says

The upcoming US elections are being hacked by hostile states, Microsoft has claimed.

There are “sustained influence efforts by Russia, Iran, and China aimed at undermining US democratic processes”, according to the Microsoft Threat Analysis Center.

Their work includes amplifying divisive messages, attacking election-related websites, sharing stolen and private material and using generative AI to make misleading posts, Microsoft said.

Those attacks are likely to step up as the election approaches on 5 November, Microsoft warned. It said that such attacks can “significantly impact public perception and electoral outcomes” and warned that “early detection and fact-checking remain essential to countering these efforts and maintaining election integrity”.

The attacks include an army of Chinese-controlled social media bots is attempting to influence voters in Alabama, Texas and Tennessee, while denigrating US Senator Marco Rubio of Florida.

The operation represents a coordinated interference effort against down-ballot races, experts say, in which the fake accounts are denigrating U.S. Representative Barry Moore of Alabama, US Representative Michael McCaul of Texas, Tennessee US Senator Marsha Blackburn and Rubio, all Republicans.

The troll network has “parroted antisemitic messages, amplified accusations of corruption and promoted opposition candidates,” according to Microsoft.

The group responsible is known as Taizi Flood, which has been previously associated with China’s Ministry of Public Security, researchers say. The lawmakers were each targeted because they had denounced Chinese government policies historically, the report notes.

A spokesperson for China’s embassy in Washington said China “has no intention and will not interfere in the US election” and that such claims are “full of malicious speculations.”

An Iranian hacking group is also actively scouting U.S. election-related websites and American media outlets as Election Day nears, with activity suggesting preparations for more “direct influence operations,” Microsoft said.

The hackers, dubbed Cotton Sandstorm by Microsoft and linked to Iran’s Islamic Revolutionary Guard Corps, performed reconnaissance and limited probing of multiple “election-related websites” in several unnamed battleground states, the report said. In May, they also scanned an unidentified US news outlet to understand its vulnerabilities.

“Cotton Sandstorm will increase its activity as the election nears given the group’s operational tempo and history of election interference,” researchers wrote. The development is particularly concerning because of the group’s past efforts, they said.

A spokesperson for Iran’s mission to the United Nations said that “such allegations are fundamentally unfounded, and wholly inadmissible”.

“Iran neither has any motive nor intent to interfere in the U.S. election,” the spokesperson said.

In 2020, Cotton Sandstorm launched a different cyber-enabled influence operation shortly before the last presidential election, according to US officials. Posing as the right-wing “Proud Boys,” the hackers sent thousands of emails to Florida residents, threatening them to “vote for Trump or else!”

The group also released a video on social media, purporting to come from activist hackers, where they showed them probing an election system. While that operation never affected individual voting systems, the goal was to cause chaos, confusion and doubt, senior US officials said at the time.

Following the 2020 election, Cotton Sandstorm also ran a separate operation that encouraged violence against US election officials who had denied claims of widespread voter fraud, Microsoft said.

The Office of the Director of National Intelligence, which is coordinating the U.S. federal effort to protect the election from foreign influence, referred Reuters to a past statement that said: “Foreign actors, particularly Russia, Iran and China, remain intent on fanning divisive narratives to divide Americans and undermine Americans’ confidence in the US democratic system”.

Additional reporting by agencies