Microsoft says Iranian hackers targeted presidential candidate's campaign

Share

Microsoft said it has seen "significant cyber activity" by a hacker group with suspected ties to Iran.

Tim Murtaugh, spokesman for Trump's 2020 reelection campaign, said there was "no indication that any of our campaign infrastructure was targeted".

Still, recent technology developments like increasingly realistic "deepfake" or otherwise manipulated videos have many cybersecurity experts concerned about how hackers might be able to manipulate public perception.

On Sept. 27 it was announced that hackers thought to be linked to Iran were targeting servicemen and veterans, trying to infiltrate military networks. And a Trump administration official said in June that Russia, China, and Iran are already trying to manipulate US public opinion before 2020. This, after President Trump angered that foreign nation's leadership by pulling out of a 2015 deal meant to curb Iran's nuclear ambitions and ramping up sanctions.

The most notable activity came from threat actors such as "Holmium and Mercury operating from Iran, Thallium operating from North Korea, and two actors operating from Russian Federation we call Yttrium and Strontium". In May, for example, Facebook and Twitter said they had removed a sprawling Iranian-based propaganda operation, including accounts that mimicked Republican congressional candidates and appeared to try to push pro-Iranian political messages on social media.

In June, Krebs told The Washington Post that "Iranian hackers and their proxies "are not just garden-variety run-of-the-mill data thieves", he said".

The U.S. Department of Homeland Security said it was working with Microsoft to "assess and mitigate impacts".

The director of the department's Cybersecurity and Infrastructure Security Agency, Chris Krebs, said Microsoft's claims that a presidential campaign was targeted is "yet more evidence that our adversaries are looking to undermine our democratic institutions".

Kevin Durant, Kyrie Irving get shots up at Nets facility
I worked with Adam in a critical part of my career (with the Thunder) when I was transitioning to a different player. I didn't take the necessary steps to get counseling or get therapy to deal with somebody that close to me dying.

Companies including Facebook Inc, Alphabet Inc's Google, Microsoft and Twitter Inc met with USA intelligence agencies earlier in September to discuss security strategies.

Microsoft's Threat Intelligence Center (MSTIC) linked the attacks to a group the company calls Phosphorous (other names are APT35, Charming Kitten, and the Ajax Security Team).

It was not clear what information - if any - had been taken in the attack on the Trump campaign, according to the two people, who were not allowed to publicly discuss the investigation. "They create believable spear phishing emails and fake LinkedIn profiles as primary tactics", Bob Lord, the DNC's security Chief, wrote in the alert obtained by CNN.

"Phosphorous used information gathered from researching their targets or other means to game password reset or account recovery features and attempt to take over some targeted accounts", Burt said.

Microsoft did not say what campaign was targeted but said it had informed those targeted. Bernie Sanders said the campaign doesn't comment on matters of technical security.

The company described the attacks in a blog post on Friday.

A computer network used by 2016 Democratic presidential candidate Hillary Clinton's campaign was hacked in a cyberattack on Democratic Party political organizations in that US election.

Share