Microsoft’s findings come just two weeks after the director of national intelligence, John Ratcliffe, declared that he would no longer let intelligence agencies give detailed, in-person briefings about election interference to Congress. He said the restrictions were because of leaks.
The company’s decision to publish its findings as the presidential campaign enters its final eight weeks underscored the futility of Mr. Ratcliffe’s effort: Firms like Microsoft and Google, because they sit atop global networks, have a front-seat view of suspicious activity, and increasing motivation to make it public to warn their customers. The result, inevitably, is a tumble of reports from the private sector, which intelligence officials will be forced, one way or another, to assess along with their own findings.
In a statement, Christopher Krebs, who directs the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, said, “We are aware that Microsoft detected attempts to compromise email accounts of people and organizations associated with the upcoming election.”
Mr. Krebs noted that “none are involved in maintaining or operating voting infrastructure and there was no identified impact on election systems.” He also said that the company’s “announcement is consistent with earlier statements by the intelligence community on a range of malicious cyberactivities targeting the 2020 campaign and reinforces that this is an all-of-nation effort to defend democracy.”
Mr. Krebs, who was a Microsoft executive before joining the Trump administration, said his agency was releasing on Thursday “guidance for improving cyberdefenses against account compromise attacks.”
There is no question that Microsoft’s assessment complicates the administration’s narrative that China poses a graver threat to U.S. elections than Russia, as both the national security adviser, Robert C. O’Brien, and Attorney General William P. Barr said in interviews last week.
In fact, the report concludes that the Russian military intelligence unit has only accelerated its attacks, even after a series of financial sanctions, indictments of Russian intelligence officers and retaliatory cyberstrikes by the United States Cyber Command ahead of the 2018 midterm elections.