Recent cyberattacks require us all to be vigilant says Microsoft for attempts on 2020 US election campaigns

[Sylence]

Today we’re sharing that we’ve recently seen significant cyber activity by a threat group we call Phosphorus, which we believe originates from Iran and is linked to the Iranian government. We’re sharing this for two reasons. First, it is important that we all – governments and private sector – are increasingly transparent about nation-state attacks and efforts to disrupt democratic processes. Second, while we have processes to notify customers about nation state activity and have AccountGuard to monitor accounts of campaigns and other associated organizations related to election processes in democracies around the world, publishing this information should help others be more vigilant and take steps to protect themselves.

In a 30-day period between August and September, the Microsoft Threat Intelligence Center (MSTIC) observed Phosphorus making more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft customers and then attack 241 of those accounts. The targeted accounts are associated with a U.S. presidential campaign, current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran. Four accounts were compromised as a result of these attempts; these four accounts were not associated with the U.S. presidential campaign or current and former U.S. government officials. Microsoft has notified the customers related to these investigations and threats and has worked as requested with those whose accounts were compromised to secure them.

Phosphorus used information gathered from researching their targets or other means to game password reset or account recovery features and attempt to take over some targeted accounts. For example, they would seek access to a secondary email account linked to a user’s Microsoft account, then attempt to gain access to a user’s Microsoft account through verification sent to the secondary account. In some instances, they gathered phone numbers belonging to their targets and used them to assist in authenticating password resets.

While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks. This effort suggests Phosphorus is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering. MSTIC works every day to track threat groups including Phosphorus so we can notify customers when they face threats or compromises and so that we can build our products to better defend against these threats.

As we’ve previously disclosed, our Digital Crimes Unit has also taken legal and technical steps to combat Phosphorus attacks and we continue to take these types of actions.

There are also a range of steps customers can take to help secure their consumer accounts. We strongly encourage all customers to enable two-step verification on their accounts which can be done in Account Security settings. While there are a number of ways to enable this two-step verification, the most secure option is through a password-less solution like Microsoft Authenticator.

People can also periodically check their login history, and we recommend this for journalists, political campaigns staff, and others interested in assuring account security. These logs are made available through the Account Security Sign-In Activity tab. They are easy to read and look like this:

Expanding any of these events in this tab will provide details on the device and IP address used to access the account in question. If any of the activity looks suspicious, you can notify Microsoft by clicking on the associated “Secure Your Account” link. If you detect suspicious activity, you should change your password and enable two-step verification. To better secure your Microsoft account, follow these tips for keeping your Microsoft account safe and secure.

While this advice relates to consumer accounts, we also provide a range of additional tools and advice to IT administrators to protect their corporate networks. A starting point for accessing these tools is here.

However, if you are part of a political campaign, a political party committee or an NGO or think tank working on issues related to democracy, you are eligible for Microsoft AccountGuard, an offering from our Defending Democracy Program, and can sign up here. There are currently 60,000 accounts in 26 countries protected by AccountGuard, which provides monitoring and unified threat notification across the Office 365 accounts you use for work and the personal accounts of your staff and others affiliated with your organization that opt-in for this protection. To date, we’ve made more than 800 notifications of attempted nation-state attacks to AccountGuard customers.

We hope all governments, companies and advocacy groups will consider joining the Paris Peace Call for Trust & Security in Cyberspace and that all companies will consider joining the Cybersecurity Tech Accord. These are two important initiatives that aim to keep the internet safer from the types of malign activity we’re discussing today.

 

Microsoft declines to name the targeted presidential candidate, but it affirms that their account was not compromised by the threat group the company refers to as Phosphorous. CNBC later reported that the Donald Trump 2020 campaign suffered the cyberattack, but The Verge has yet to confirm that.

 

Tags: cybersecurity, Defending Democracy Program, Microsoft AccountGuard

 

Source

Source

[Infinite_Vision]

Thanks for sharing with us Sylence.  Personally, I don't trust those voting machine as they can be hacked.  I like a paper ballot that can be scan through the voting machine.  Then, we keep the paper ballot as backup just in case we need a recount.  We must make sure that the voting process is fundamentally sound and that no tampering of the process.  It doesn't matter what voting side people are on, the voting process should be respected.  Rogue players are always trying to change things and not respect the people's wishes.  In my opinion, these new cyberattack methods and complex exploits have been increasing for the past couple of months.  There seems to be a global upheaval at the moment and things are starting to be brought to light.  This was their warning to us.  For us to get to the 2020 election, we must be vigilant against those who seek to undermind our collective resolves.  Much love and respect to everyone.

 

Below is not towards anyone on the forum.  The hidden part.  It's just a check list that I have research so far.  

 

Spoiler

These are the list of people supporting the whistleblower by an article written by Sarah A. Carter.   Again, these people have done nothing wrong.  What I wanted to do was to see how biased these people were and who did they worked for in the past.  I just wanted to get an overview and see how it goes.  Almost of all of these people on here have worked under President Clinton and President Obama.  It was experiment to see where these people came from.  Again, nothing wrong with these people but they seem a little biased to me if you looked at the list.  Interesting.  These are my research 17+.  😎      

 

Gina Abercrombie-Winstanley  - Served under President Obama

Javed Ali - CAIR

Rand Beers - Served under President Obama

William M. Bellamy - Source 1.  Was HIV program related to this?  Here is seen interview a former CIA personnel.  Stated as Foreign Service Officer.

Daniel Benjamin - Appointed by Secretary Clinton

Robert O. Boorstin - Served under President Clinton

Aurelia E. Brazeal - Served under President Clinton

Michael Breen - Confirmed Judge Sonia Sotomayor/Climate Activist/ White Counsel 2009

John O.Brennan - Clown boss Under President Obama

Wally Brewster - Appointed by President Obama

Tess Bridgeman - Served under President Obama

Rosa Brooks - Served between 2009-2011/ Worked at George Soros Foundation

Prudence Bushnell - Served under President Clinton

Piper Anne Wind Campbell - Served under President Obama

James Clapper - Clown boss 2 under President Obama

Brent Colburn -Served on President Obama

Elinor G. Constable - Served on President Clinton

Cindy Courville - Served under President Clinton and President Bush

Michael Daniel - Worked under President Obama

Miguel H. Díaz - worked under President Obama

Mieke Eoyang - Worked as Democrats with Biased against President Trump

Jonathan Finer - Served Under President Obama

Michèle Flournoy - Served Under President Obama

Paul Frandano - Very Biased Viewpoint/ CIA Red Cell

Joshua Geltzer - Served Under President Obama

Beth George - Served 2011-2016 under President Obama

Suzy George - Worked under President Obama

Chuck Hagel - Served Under President Obama

Oona Hathaway - Served 2014-2015

Patricia McMahon Hawkins- Served Under President Bush and President Obama

Michael Hayden (general) - Served Under President Clinton, President Bush, and President Obama

Brett Holmgren - Served Under President Obama

Vicki J. Huddleston - Served Under President Clinton and Bush

John Hughes - Worked with John Kerry

Nina Hachigian - Served Under President Obama

Patrick M. Hughes - Served Under President Clinton

Roberta S. Jacobson - First appointed by President Obama

Deborah K. Jones - Served Under President Obama and President Bush

Nate Jones - Worked under President Obama

Colin Kahl - Served Under VP Biden

Andrea Kendall-Taylor - First appointed President Obama Admin

Laura E. Kennedy - Service

Frank Kendall III - Served Under President Obama

Harold Hongju Koh - Served Under President Obama and President Clinton

Patricia H Kushlis - Conflict of Interest
Lisa Kubiske - Served under President Obama

Jonathan Lee - worked under President Obama

J.William Leonard - Served Under President Bush and President Obama

George E. Little - Served Under President Bush and President Obama

Carmen Lomellin - Served Under President Obama

Kelly Magsamen - Appointed during President Obama

Mary B. Mccord - First appointed in President Obama

Carmen Medina - Former CIA director

Karen J. Monaghan - CIA

Molly Montgomery - Ukraine

Michael Morell - Served Under President Obama

Katrina Mulligan - Got started due to President Obama

Scott Nathan - Served under President Obama and John Kerry

Matthew G. Olsen - Served Under President Obama

James O'Brien - Source

Maria Otero - Served Under President Obama

Jung H. Pak - CIA, served 2014-2016 Under President Obama

June Carter Perry - Foreign Intelligent Officer

Larry Pfeiffer - Director CIA

Stephen Pomper - Served Under President Obama

Ned Price - CIA
Jeffrey Prescott - Served Under President Obama and VP Biden

Asha Rangappa - CNN Commentor and Former FBI

Nicholas Rasmussen - Started with president Obama

Elizabeth Raspolic - worked under President Clinton

Daniel Rosethal - worked under President Obama

Paul Rosenzweig - Biased towards President Trump

Nick Shapiro - worked under Brennen

Wendy Sherman - worked under President Clinton and President Obama

Steven Simon - worked under President Obama

Dana Shell Smith - Started with President Obama

Suzanne Spaulding - CIA

Margaret A. Stromecki - CIA.  Source: Have You Heard Of The CIA’s Iran Mission Center?

Francis X. Taylor - Served Under President Bush and Obama

Linda Thomas -Greenfield - Starting with President Obama

Doug Wilson - Worked under President Obama

Ted Wittenstein - 2006-2009. worked on paper for WMD

Carl Woog - Worked under President Obama

Urza Zeya - worked under President Obama first

Jane B. Zimmerman - senior member of the U.S. Foreign Service from 1998-2013