Overview
This fifth Microsoft Threat Analysis Center (MTAC) report of the 2024 presidential election cycle provides a final assessment of Russia, Iran, and China’s influence operations heading into the final two weeks before Election Day.
Since our last two reports, the U.S. government has taken many actions revealing cyber and influence activity from foreign adversaries related to election 2024. On September 18, the Office of the Director of National Intelligence (ODNI), FBI, and CISA published a joint statement revealing Iranian malicious cyber actors’ sending of “stolen, non-public material from former President Trump’s campaign” to both individuals then associated with President Biden’s campaign and U.S. media organizations.1 On September 27, the Department of Justice (DOJ) indicted three Islamic Revolutionary Guard Corps (IRGC) cyber actors for the Iranian hack-and-leak operation targeting the Trump-Vance campaign. This cyber-influence activity was, as the DOJ notes, part of Iran’s “continuing efforts to stoke discord, erode confidence in the U.S. electoral process, and unlawfully acquire information relating to current and former U.S. officials that could be used to advance the malign activities of the IRGC, including ongoing efforts to avenge the death of Qasem Soleimani, the former commander of the IRGC – Qods Force.”2
Our last report also noted that while Iranian actors have focused their cyber-influence operations on the Trump campaign, Russian influence actors decisively pivoted toward the Harris campaign once she entered the race. In the month since our fourth election report on September 17, 2024, we have observed Russian actors integrating generative AI into their U.S. election influence efforts, including the creation of a political deepfake of Vice President Harris that garnered little online engagement.
Iranian groups tasked with targeting the U.S. elections may make an effort—as they have in the past—to run influence operations both shortly before and soon after the election by leveraging cyber intrusions from weeks to months prior. Last week, on October 14, an online persona operated by Iran began falsely posing as an American and called on Americans to boycott the elections due to both candidates’ support for Israel’s military operations. This recent activity, along with Microsoft findings from earlier this year, suggest Iran is gearing up for additional influence operations close to Election Day.
Chinese influence operations have recently taken a new turn shifting focus to several down ballot candidates and members of Congress. In one case, Chinese influence actor Taizi Flood conducted a small-scale campaign denigrating a Republican candidate up for re-election while promoting the candidate’s Democratic opponent.
Our final report concludes with some scenarios to look for in the final days before the election and on Election Day.
To learn more, read the full report.
Follow Microsoft Security