In a blog post on Tuesday, Microsoft warned that Russian hackers have been reportedly targeting U.S. officials in the government and other industries ahead of the presidential election since October 22.
The technology company’s threat intelligence team wrote that Midnight Blizzard, a Russian hacker group, has been sending a series of “highly targeted spear-phishing emails” to individuals working in the government, academia, defense, non-governmental organizations, and more.
Microsoft wrote that they believe the Russian hacking group’s aim is to collect intelligence. This announcement came just one week before the 2024 presidential election.

Cybersecurity advisories from the FBI and Cybersecurity and Infrastructure Security Agency regarding Iranian and Russian threats to the election in 2020. Microsoft has warned that Russian hackers are targeting government officials in spear-phishing campaigns.
Jon Elswick/Associated Press
Newsweek reached out to Microsoft and the Cybersecurity and Infrastructure Security Agency for comment via email outside of business hours.
Midnight Blizzard reportedly conducted a campaign in which spear-phishing emails were sent to “thousands of targets in over 100 organizations and contained a signed Remote Desktop Protocol configuration file that connected to an actor-controlled server.”
The company added that the Russian hackers attempted to “add credibility to their malicious messages by impersonating Microsoft employees” and referenced other “cloud providers.”
While Microsoft wrote that Midnight Blizzard’s targets do not differ from those they usually attack, the method in which they conducted the attack and gained access to the targets’ devices is new.
Microsoft also reported that overlapping activity has been reported by the Government Computer Emergency Response Team of Ukraine and Amazon.
The technology company said Midnight Blizzard is a “Russian threat actor attributed by the United States and United Kingdom governments to the Foreign Intelligence Service of the Russian Federation, also known as the SVR.”
Microsoft reported that the hacker group primarily targets governments, diplomatic entities, non-governmental organizations and IT service providers in the U.S. and Europe, and its efforts can be traced back to 2018.
Midnight Blizzard’s primary interest is to collect intelligence through espionage of foreign interests.
Spear phishing is when an individual collects information, on the internet or otherwise, on another individual in order to write a personalized email to trick the person they are attempting to target.
The motivation for spear phishing is typically to trick people into giving away sensitive information or downloading malware, according to IBM.
Microsoft’s news of Russia’s hacking attempts comes shortly after U.S. intelligence accused Russia of spreading disinformation about Democratic Vice Presidential candidate Tim Walz.
Russians were spreading disinformation about Walz regarding his time working as a teacher and circulating a faked video with abuse allegations, according to an official with the Office of the Director of National Intelligence.
U.S. officials said the dissemination of disinformation about Walz is part of a concerted effort by Russia to target Vice President Kamala Harris and possibly attempt to instigate violent protests after November 5.
The U.S. official also said that, in spreading disinformation, Russia is “potentially seeking to stoke threats towards poll workers, as well as amplifying protests and potentially encouraging protests to be violent.”
In a report on October 23, Microsoft noted that the Microsoft Threat Analysis Center observed “sustained influence efforts by Russia, Iran, and China aimed at undermining U.S. democratic processes” through cyber-influence operations.
Do you have a story we should be covering? Do you have any questions about this article? Contact LiveNews@newsweek.com.







