The Microsoft Threat Analysis Center (MTAC) published its fifth election report (PDF) on Wednesday, highlighting recent online activity from Russia, Iran, and China ahead of the upcoming U.S. presidential election. As the report’s section on China notes, however, the influence operations it has attributed to Chinese actors look beyond the presidency itself:
Chinese influence operations have recently taken a new turn shifting focus to several downballot candidates and members of Congress. In one case, Chinese influence actor Taizi Flood conducted a small-scale campaign denigrating a Republican candidate up for re-election while promoting the candidate’s Democratic opponent.
[…] Starting in July 2024 and accelerating in September 2024, the Chinese Ministry of Public Security-linked influence actor Microsoft tracks as Taizi Flood (a.k.a. “Spamouflageâ€) launched campaigns critical of several Republican politicians including candidates up for election this November. The candidates for seats in both the House and the Senate have all publicly denounced the People’s Republic of China (PRC), making them attractive targets of Chinese influence operations.
At least one Taizi Flood asset targeted Representative Barry Moore, running for election in Alabama’s Second Congressional District, in content criticizing Moore’s support of Israel. The Taizi Flood posts about Moore frequently used antisemitic language. The posts received engagement from legitimate online users and were further amplified by other Taizi Flood assets online. At the same time, roughly two dozen Taizi Flood accounts posted various narratives accusing Senator Marco Rubio of corruption and connecting Rubio to criticisms made about the Harris-Walz campaign. MTAC has observed Chinese influence operations targeting Senator Rubio intermittently since the lead up to the 2022 midterm elections.
[…I]nfluence actors from all three authoritarian regimes—Russia, Iran, and China—may seek to sow doubt about the integrity of the election’s outcome. As MTAC observed during the 2020 presidential cycle, foreign adversaries will amplify claims of election rigging, voter fraud, or other election integrity issues to sow chaos among the U.S. electorate and undermine international confidence in U.S. political stability. [Source] (PDF)
The Microsoft report echoes a warning on Tuesday from the U.S. Office of the Director of National Intelligence. From Jonathan Landay and Patricia Zengerle at Reuters:
“Foreign actors, particularly Russia, Iran and China, remain intent on fanning divisive narratives to divide Americans and undermine Americans’ confidence in the U.S. democratic system. These activities are consistent with what these actors perceive to be in their interests, even as their tactics continue to evolve,” said one official from the Office of the Director of National Intelligence (ODNI).
[…] But U.S. intelligence has not seen collaboration between Russia, China and Iran in election influence activities, the officials said. And, while foreign actors might seek to disrupt the process on Election Day, feeding discontent, the voting system is secure enough that they could not alter the outcome.
[…] A declassified memorandum released after the briefing by the National Intelligence Council (NIC) – the top U.S. intelligence analytical body – warned that foreign operatives almost certainly will amplify false post-vote claims of election irregularities.
[…] China has no intention of interfering in the election and hopes that whoever wins “will be committed to growing sound and stable China-U.S. ties,” a Chinese embassy spokesperson said in an email. [Source]
Microsoft’s focus on Republican targets is consistent with recent reports that, following an alleged Chinese cyberattack on U.S. telecommunications systems, the phones of Republican candidates Donald Trump and J.D. Vance may have been targeted. But Democrats were also reportedly targeted in this breach, and earlier reports from Microsoft and others have suggested that China’s activities do not appear to be driven by partisan preference (PDF). From MTAC’s fourth election report, dated September 17:
A Chinese-linked influence actor Microsoft tracks as Storm-1852 successfully pivoted to shortform video content that criticizes the Biden administration and Harris campaign before some of its assets disappeared from social media following reports of its activity. While most Storm1852 personas masquerade as conservative US voters voting for Trump, a handful of accounts also create anti-Trump content and use political slogans and hashtags associated with American progressive politics. Storm-1852 personas respond quickly to political eventsmuch more nimbly and effectively than China-linked actor Taizi Flood, which relies on massive cross-platform campaigns. Instead, Storm-1852 prioritizes cultivating an audience by reposting content, replying to comments, polling users, and organizing “follow trains.†This hands-on, interactive approach makes this actor more agile in influencing public conversations. Directly after the first attempted assassination of former President Trump, Storm-1852 accounts began live re-posting content from influencers and commentators alleging Democrats’ involvement and released original short-form videos edited from news footage four to five hours later. Still, Storm-1852 operators do not appear interested in supporting a particular candidate—rather, they likely intend to seed doubt and confusion among American voters ahead of the 2024 presidential election. [Source] (PDF)