How Iran-linked Hackers Tried to Compromise a Presidential Campaign

This post was originally published on this site

A group of hackers linked to the Iranian government tried to infiltrate email accounts belonging to a U.S. presidential campaign, Microsoft disclosed on Friday.

Microsoft didn’t name the campaign that was targeted. The news, however, immediately drew comparisons to the Russian hacking attack on Hillary Clinton’s campaign in 2016 that led to the public release of email from her campaign chairman and others.

Microsoft’s threat-tracking group noticed “significant cyber activity” from a hacking group that “originates from Iran and is linked to the Iranian government,” Tom Burt, vice president of customer security and trust, wrote in a blog post.

The attempts against the campaign were unsuccessful, but the hackers also targeted current and former government officials, journalists covering global affairs, and prominent Iranians living in the United States, according to the blog post. Microsoft said the hacking group, which is nicknamed Phosphorus, successfully accessed four accounts, though none belonging to current or former government officials.

During a 30-day period between August and September, Phosphorus made more than 2,700 attempts to identify specific email accounts belonging to Microsoft customers. The group then tried to attack 241 of those accounts, according to the post.

The hackers gathered additional information on their targets, such as phone numbers and secondary email accounts, and used that knowledge to “game password reset or account recovery features and attempt to take over some targeted accounts,” Burt wrote.

“While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks,” Burt wrote. “This effort suggests Phosphorous is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering.”

U.S. intelligence and cybersecurity experts have warned that nation states are actively trying to hack campaigns and the voting infrastructure for the 2020 presidential election. While Russia has been at the forefront of hacking concerns, an intelligence assessment in January also warned that China and Iran may seek to influence the 2020 elections.