Chinese and North Korean actors are probably going to focus on upcoming elections in the United States, India and South Korea, according to a recent report from Microsoft is warning.
The Microsoft Threat Analysis Center (MTAC). The report warns that the cyber and influence capabilities of these two countries are increasing.
The report states that China will create and spread AI-generated content favorable to their positions in the elections, while North Korea is expected to engage in more advanced cryptocurrency heists and supply chain attacks on the defense sector to finance its regime and develop new military capabilities.
The report points out the growing effectiveness and reach of influence operations by groups reportedly linked to China against adversaries and allies in the Asia-Pacific region and the United States.
The groups' efforts involve using artificial intelligence-generated photos to deceive people and spread conspiracy content, especially targeting the U.S. government.
Similar tactics have been used in campaigns to sow divisions within the United States and worsen tensions in the Asia-Pacific region—including Taiwan, Japan, and South Korea.
The document also mentions a Canadian report about AI videos falsely depicting Chinese dissidents in Canada criticizing the Canadian government.
Microsoft's report mentions 'sockpuppet' social media accounts, which impersonate U.S. voters from different political persuasions and share politically motivated infographics or videos, often asking followers if they agree with a specific topic.
The Microsoft report states that this tactic could be aimed at increasing engagement or gathering intelligence about key voting demographics.
Microsoft observed a Chinese-based group called 'Nylon Typhoon' compromising government entities in Portugal, France, Spain, Italy, and the United Kingdom.
The most active group associated with the Chinese Communist Party that uses AI content is 'Storm-1376,' also known as 'Spamouflage' or 'Dragonbridge.' Their influence operations extend across more than 175 websites and 58 languages.
MTAC claims that Storm-1376 shared AI-generated clips falsely showing a candidate in Taiwan's presidential election endorsing another candidate during last year's election.
The report's authors write that the voice in the recordings is likely AI-generated as the candidate never made such a statement.
Storm-1376 also posted videos with AI-generated news anchors, created using software from ByteDance, the Chinese company that owns TikTok, to create videos falsely claiming, for instance, that a winning candidate had mistresses and illegitimate children.
China asserts authority over the independent nation of Taiwan.
Storm-1376 also took advantage of the opportunity to spread conspiracy theories, according to the report.
The group amplified narratives on social media falsely alleging the U.S. government started the deadly 2023 Hawaii wildfires.when it was caused by power lines).
MTAC states that Storm-1376 also started a big and aggressive campaign criticizing the Japanese government after Tokyo started releasing radioactive wastewater into the Pacific Ocean, claiming the water was unsafe (though the International Atomic Energy Agency and experts say it is).
The group also spread anti-U.S. government conspiracy theories and highlighted voter division after a train derailed in Kentucky in November 2023, according to Microsoft. (The Associated Press reported a failed wheel bearing caused it).
Another group called Storm-0062 focused on compromising U.S. defence-related government entities, the report states, including contractors tied to aerospace and natural resources critical to American national security.
“Additionally, Storm-0062 repeatedly targeted military entities in the United States; however, it is unclear whether the group was successful in its attempted compromises.”
The report claims the impact from Chinese government-affiliated groups to sway people remains low but it could prove effective in the future.
And it delves into North Korean cyber activities, stating North Korean cyber threat actors “stole hundreds of millions of dollars in cryptocurrency” which generated money for the country’s weapons program.
Microsoft alleges North Korean hackers stole nearly $50 million from an Estonia-based cryptocurrency firm in June 2023 and $170 million from a Singapore-based cryptocurrency platform in July of that year.
Another Pyongyang-linked group compromised “hundreds of victims in various industries in the United States and European countries including the United Kingdom, Denmark, Ireland, and Germany.”
– with files from Global News’ David Akin and Eric Stober and The Associated Press
