Iranian Hackers Targeted Presidential Campaign, Microsoft Says

Spread the love

SAN FRANCISCO — Iranian hackers targeted hundreds of email accounts associated with at least one presidential campaign, as well as those of American journalists and current and former United States government officials, according to Microsoft.

In a report released on Friday, Microsoft said the hackers, with apparent backing from Iran’s government, made more than 2,700 attempts to identify the email accounts of current and former government officials, journalists covering political campaigns and accounts associated with one major presidential campaign.

Microsoft would not name the campaign.

The revelation comes as the Trump administration is weighing a possible cyberstrike against Iran, to punish Tehran for what White House officials charge was an Iranian attack on Saudi oil facilities last month.

The report is also an indication that cyberattacks may play a major role in the 2020 presidential campaign, as they did four years ago.

The Microsoft researchers said the hackers tried to attack 241 accounts and were successful in four cases, using fairly unsophisticated means. In those cases, the hackers appear to have used information available about their victims online to discover their passwords. It was unclear what information they managed to steal.

Earlier this week, security executives at the Democratic National Committee warned staff in an email that Iranian hackers may be targeting their email accounts with so-called spearphishing attacks, in which hackers try to lure their target into clicking on malicious links or attachment. That link can give attackers a foothold into a computer network.

The hackers were also believed to be interfering with an additional security feature known as two-factor authentication — a common security method that asks for additional credentials beyond a password — and were creating fake LinkedIn personas to make their email lures more believable.

Following Russia’s interference in the 2016 presidential campaign, Democrats have repeatedly warned their Republican counterparts that election interference cuts both ways, and that state-sponsored hackers may not always seek to help the Republican candidate. To date, Senator Mitch McConnell, the Senate majority leader, has refused to bring any election security bills to the floor.

Other cybersecurity firms said they are also witnessing what appear to be the beginning stages of several different nation-state cyberattacks on American political campaigns.

Oren Falkowitz, the chief executive officer at Area 1, a Silicon Valley security company that is helping presidential and Senate candidates block phishing attacks, said Area 1 is witnessing cyberattacks against candidates across the political spectrum.

“We’ve already seen attacks on several campaigns and believe the volume and intensity of these attacks will only increase as the election cycle advances toward Election Day,” Mr. Falkowitz said in an interview.

In July, Tom Burt, Microsoft’s corporate vice president, told an audience at the Aspen Security Conference that Microsoft had evidence that Russian, Iranian and North Korean hackers have been the most active nations conducting cyberattacks.

Mr. Burt said Russian, Iranian and North Korean hackers had been targeting nongovernmental organizations and think tanks that work closely with U.S. political campaigns. He added that in the race to infiltrate the inboxes of American political operatives and campaigns, Chinese hackers have been notably quiet.

This is a breaking story and will be updated.