A new report from Microsoft’s Threat Analysis Center (MTAC) warns that Chinese and North Korean actors are likely to target upcoming elections in the United States, India, and South Korea. The report highlights the growing cyber and influence abilities of these countries, with China expected to use AI-generated content to benefit its positions in elections, while North Korea is predicted to engage in cryptocurrency heists and supply chain attacks to fund its regime and military capabilities. The report also mentions the increasing effectiveness of influence operations by groups connected to China against rivals and allies in the Asia-Pacific region and the United States, including using AI-generated photos and videos to mislead audiences.
Microsoft’s report mentions the use of “sockpuppet” social media accounts by Chinese-based groups, which impersonate U.S. voters to post politically motivated content and gather intelligence around key voting demographics. The report also identifies specific Chinese-based groups such as “Nylon Typhoon” and “Storm-1376” that have compromised government entities in multiple countries, including spreading AI-generated content to influence elections. Storm-1376, in particular, was involved in spreading false information about a candidate in Taiwan’s presidential election, as well as spreading conspiratorial narratives about incidents such as the deadly 2023 Hawaii wildfires and Tokyo releasing radioactive wastewater.
In addition to Chinese influence operations, the report also delves into North Korean cyber activities, stating that North Korean threat actors have stolen hundreds of millions of dollars in cryptocurrency to fund the country’s weapons program. North Korean hackers were reportedly involved in stealing money from cryptocurrency firms in Estonia and Singapore, as well as compromising victims in various industries in the United States and European countries. The report raises concerns about the potential impact of these cyber activities and the effectiveness of Chinese influence operations on swaying people, although the current impact remains low.
The report also highlights the spread of anti-U.S. government conspiracy theories by Chinese-based groups, as well as criticism of the Japanese government for releasing radioactive wastewater into the Pacific Ocean. These groups also capitalized on events such as the deadly train derailment in Kentucky, spreading false narratives and highlighting voter division. Another Chinese group, Storm-0062, focused on compromising U.S. defense-related government entities and contractors tied to aerospace and natural resources critical to American national security. The report suggests that while the impact of these Chinese government-affiliated groups remains low, they could prove to be more effective in the future.
Overall, the report from Microsoft’s MTAC raises concerns about the growing cyber and influence capabilities of Chinese and North Korean actors targeting upcoming elections in the United States, India, and South Korea. The report highlights specific tactics used by these actors, such as AI-generated content and cryptocurrency heists, as well as the spread of misinformation and conspiracy theories to influence public opinion. While the current impact of these activities may be low, the report warns that they could become more effective in the future and underscores the need for continued vigilance and cybersecurity measures to protect against foreign influence operations.
