Published on: October 16, 2024
Russia, China, and Iran are increasingly turning to criminal networks to carry out cyber espionage and hacking operations targeting adversaries like the US, according to a digital threats report released by Microsoft.
According to Microsoft’s latest Digital Defense Report, cybercriminal gangs have been collaborating with authorities in these nations to carry out attacks ranging from ransomware to phishing. These operations were aimed at espionage, sabotage, and exerting influence.
The report, which covers cyber threats between July 2023 and June 2024, highlights how these nations and criminal networks share hacking tools and tactics to target their adversaries.
“We’re seeing in each of these countries this trend towards combining nation-state and cybercriminal activities,” said Tom Burt, Microsoft’s vice president of customer security and trust.
In one example, Microsoft’s analysts found a Russian criminal network that infiltrated more than 50 electronic devices used by the Ukrainian military in June, apparently seeking access and information that could aid Russia’s invasion of Ukraine. There was no obvious financial motive for the group, aside from any payment they may have received from Russia.
In another, investigators identified a criminal hacking group with links to Iran infiltrated an Israeli dating site and then tried to sell or ransom the personal information it obtained. Microsoft concluded the hackers had two motives: to embarrass Israelis and make money.
Microsoft also noted that these cyberattacks included efforts to influence the upcoming U.S. election in November. Microsoft analysts say that Russia is specifically targeting Vice President Kamala Harris’s campaign, while Iran has focused on opposing former President Donald Trump.
Iranian hackers also attempted to breach Trump’s campaign but failed to generate interest from Democrats in the stolen material. As election day draws nearer, Russia and Iran are expected to ramp up their cyber efforts against the U.S., according to Burt.
While there’s no evidence that Russia, China, or Iran are directly collaborating or using the same criminal networks, the increased reliance on private cyber “mercenaries” highlights the lengths to which these nations are willing to go, he added.