According to a blog post by Microsoft on Wednesday, an Iranian hacking group known as Cotton Sandstorm has been actively monitoring U.S. election-related websites and American media outlets as election day approaches. Researchers suggest that this activity indicates preparations for more direct influence operations.
The hackers, who are believed to be linked to Iran’s Islamic Revolutionary Guard Corps, have conducted reconnaissance and limited probing of multiple election-related websites in several swing states, as well as scanning an unidentified U.S. news outlet in May to identify its vulnerabilities.
Researchers warn that Cotton Sandstorm will likely increase its activity as the election approaches, given the group’s history of election interference. This development is particularly concerning due to the group’s past efforts.
In the lead-up to the last presidential election, Cotton Sandstorm launched a cyber-enabled influence operation, posing as the right-wing “Proud Boys” to send threatening emails to Florida residents, urging them to “vote for Trump or else!” The group also released a video on social media, purporting to come from hacktivists, showing them probing an election system. While this operation did not affect individual voting systems, senior U.S. officials said the goal was to cause chaos, confusion, and doubt.
Related topics: