As the 2024 US presidential election approaches, the Microsoft Threat Analysis Center (MTAC) has reported a significant escalation in cyber-enabled influence operations originating from Iran. This marks the third consecutive US election cycle where Iranian actors have sought to manipulate public opinion and disrupt electoral processes through sophisticated cyber campaigns. While Russian interference has garnered much of the spotlight in previous months, the latest MTAC report highlights a growing Iranian threat that is both persistent and evolving.
Iran’s cyber influence operations have been a recurring theme in US elections, but the tactics employed in 2024 signal a marked shift in strategy. Unlike earlier efforts, which focused primarily on manipulating public sentiment, Iran’s recent campaigns are increasingly targeting the infrastructure and conduct of the election itself.
Since June 2024, Iranian threat actors have been laying the groundwork for influence operations aimed squarely at US audiences. This activity coincides with a broader campaign that has seen Iran ramp up cyberattacks against key institutions and political figures, in tandem with disinformation campaigns designed to stoke division on hot-button issues such as racial tensions, economic disparities, and gender rights.
The MTAC report identifies several key Iranian actors involved in these operations:
- Sefid Flood: An influence group linked to Iran, Sefid Flood began preparing for the 2024 US elections shortly after the Iranian New Year in late March. This group is known for impersonating social and political activist groups, with the aim of creating chaos, undermining trust in authorities, and casting doubt on the integrity of the electoral process. Their methods may include doxing, intimidation, and incitement to violence against political figures or specific social groups.
- Mint Sandstorm: Operated by the Islamic Revolutionary Guard Corps (IRGC) intelligence unit, Mint Sandstorm has already launched cyberattacks targeting high-ranking officials in the US presidential campaigns. In June 2024, the group sent a spear-phishing email to a senior campaign official from the compromised email account of a former advisor. The attack was designed to redirect the victim to a malicious domain, highlighting the precision and intent behind these operations.
- Peach Sandstorm (APT-33): Another IRGC-affiliated group, Peach Sandstorm, engaged in a broader password spray operation that compromised a county-level government account in a swing state. While the intent behind this attack remains unclear, it reflects the group’s ongoing efforts to infiltrate sensitive systems that could potentially impact the election outcome.
In addition to direct cyberattacks, Iran has also been deploying covert news sites to engage US voter groups with polarizing content. An Iranian network, known as Storm-2035, operates several websites that masquerade as legitimate news outlets. These sites target different ends of the political spectrum with divisive messaging on issues ranging from US presidential candidates to LGBTQ rights and the Israel-Hamas conflict.
These covert news sites are part of a broader campaign that includes over a dozen similar outlets targeting audiences in multiple languages. MTAC’s report reveals that some of these sites use AI-enabled tools to plagiarize content from US publications, rephrasing it to drive traffic while obscuring the original source. This use of AI represents a new frontier in disinformation tactics, allowing Iranian actors to amplify their reach with minimal effort.
With the 2024 US election drawing closer, MTAC expects Iranian actors to intensify their efforts to disrupt the electoral process. This could involve cyberattacks aimed at election infrastructure, as well as further disinformation campaigns designed to exploit existing divisions within American society.