CNN
—

Hackers linked to the Iranian government searched and probed election-related websites in several US states, possibly aiming to uncover vulnerabilities that could be used to influence the presidential election, Microsoft said in a report released Wednesday.

Officials from several federal agencies are closely monitoring Iranian activities, a US official told CNN.

Searches of election-related websites took place in April but were only recently discovered by Microsoft analysts. Hackers also “conducted reconnaissance of major US media outlets” in May, according to Microsoft.

U.S. intelligence agencies have assessed that Iran attempted to stir up discord in the 2024 election, partly through hacking activities targeting former President Donald Trump’s campaign and partly by encouraging protests against the American policy towards Israel.

Microsoft analysts expect the Iranian hacking group to “increase its activity as the elections approach, given the group’s operational tempo and history of election interference,” the tech company said in its Wednesday report.

It is the latest sign of efforts by several Iranian, Russian and Chinese groups to influence or monitor the US elections in the final throes of the presidential campaign.

There is no evidence that the Iranians’ reconnaissance and investigation operations – which typically involve searching websites for vulnerabilities – escalated into attempts to hack those websites, sources close to the investigation. This activity does not threaten the integrity of the vote, which has multiple guarantees and controls.

But U.S. officials and private analysts worry that it could be another foreign-backed effort to amplify Americans’ concerns about voting. For example, hackers may leak publicly available voter registration data to try to convince people that they have access to more sensitive election systems.

The news comes a day after U.S. intelligence agencies released an assessment accusing Russian agents of creating and disseminating viral audio content on X that defamed Democratic vice presidential candidate Tim Walz and was amplified by right-wing personalities. U.S. intelligence officials also fear that Russia and Iran could use disinformation to try to foment violence in the days and weeks between Election Day and vote certification.

In September, a Russian group moved from Telegram to X, where its manipulated videos attacking Harris gained popularity, according to Microsoft. One such video used AI to falsely portray Harris making light of one of Trump’s assassination attempts and received tens of thousands of views on X, according to the report.

Microsoft analysts call the hacking group that searched election-related websites Cotton Sandstorm and believe it is run by Iran’s Islamic Revolutionary Guard Corps. Hackers have not yet launched an influence operation targeting the 2024 elections, according to Microsoft, but their history worries American officials.

The same Iranian group posed as the far-right group Proud Boys to attempt to intimidate voters during the 2020 election. In 2020, Iranian hackers also probed election-related websites in several states and, in one case, accessed voter registration data in an attempt to influence and undermine the U.S. presidential election.

Another IRGC-backed group hacked into documents held by Trump’s presidential campaign and leaked them to the media this summer.

China did not make a concerted effort to influence the presidential election, but targeted at least 10 congressional, state or local elections with covert social media campaigns, according to U.S. intelligence agencies.

Microsoft’s new report shows evidence of Chinese operatives seeking to aggressively denigrate Senate and House candidates with posts about X.

“I agree with the assessment that we should expect to see more from Iran, even if it’s unfortunate and ineffective like their 2020 efforts,” Chris Krebs, who was head of the Federal Cybersecurity and Infrastructure Security Agency in the 2020 elections.

“We continue to see – whether it’s the Iranians, the Russians or the Chinese – that information operations are more of a nuisance than a game changer,” Krebs said. “But they’re cheap, they’re scalable, and there aren’t a lot of consequences.”

American voters, Krebs said, “should expect a noisy news environment in the months ahead and not get drawn into the chaos.”