Microsoft has notified approximately 10,000 of its customers that they were the targets of nation-state attacks over the past year.

On 17 July, Microsoft’s Corporate Vice President of Customer Security & Trust Tom Burt revealed that 84 percent of those attacks had targeted the tech giant’s enterprise customers. The remaining 16 percent of campaigns went after consumer personal email accounts.

Microsoft traced the sources of the nation-state attacks to five groups primarily based in Iran, North Korea and Russia. For instance, it found that the threat actors Holmium and Mercury were largely responsible for the threat activity in Iran. Thallium took the lead for the attacks in North Korea, while Yttrium and Strontium were the most active threat forces in Russia.

During the past year, Microsoft noted that most of these nation-state attacks targeted non-governmental organizations (NGOs) interested in promoting democracy. These attacks occurred in 26 countries across four continents. Additionally, they also followed an attack pattern with which Microsoft is already familiar.

As Burt explains more in a statement:

In this pattern, a spike in attacks on NGOs and think tanks that work closely with candidates and political parties, or work on issues central to their campaigns, serve as a precursor to direct attacks on campaigns and election systems themselves. We saw such attacks in the U.S. presidential election in 2016 and in the last French presidential election.

Burt unveiled these and other findings on the same day that Microsoft began demonstrating its ElectionGuard solution at the Aspen Security Forum in Aspen, Colorado. According to Burt, this technology is meant to help create safe and verifiable voting conditions on electronic systems while still being affordable by local governments and accessible to people with disabilities.

Microsoft ElectionGuard demos on 17 July 2019. (Source: Microsoft)

The solution falls under (Read more...)