An
Iranian hacking group
, identified by
Microsoft
as “
Cotton Sandstorm
” and linked to Iran’s
Islamic Revolutionary Guard Corps
is conducting reconnaissance on US election-related websites and media outlets as the upcoming election nears, Microsoft revealed in a blog post on Wednesday.
The group has been observed probing several “election-related websites” in unnamed
swing states
and scanned vulnerabilities in a US news outlet in May, according to researchers.
The activity is seen as potential preparation for direct influence operations. “Cotton Sandstorm will increase its activity as the election nears given the group’s operational tempo and history of
election interference
,” Microsoft researchers stated. The group’s previous efforts to interfere in US elections have raised concerns about a repeat attempt.
In response to these accusations, a spokesperson for Iran’s mission to the United Nations dismissed the allegations as “fundamentally unfounded, and wholly inadmissible,” further stating that “Iran neither has any motive nor intent to interfere in the
US election
.”
Cotton Sandstorm, previously known for cyber-enabled influence operations, attempted to sway the 2020 US presidential election by posing as the far-right group “
Proud Boys
” and threatening Florida voters through emails. The group also released a video, claiming to be hacktivists, showing a probe of an election system, which aimed to create chaos and undermine confidence in the election process.
Although no direct tampering with voting systems occurred in 2020, the group’s goal was to spread confusion and doubt. Following the election, Cotton Sandstorm also launched a campaign encouraging violence against US election officials who dismissed claims of widespread voter fraud.
US federal agencies, including the Office of the Director of National Intelligence, are coordinating efforts to defend the election from
foreign interference
, though the office did not immediately respond to requests for comment.
