Iran Government-Linked Hacker Targets Campaign
On Friday Oct. 4, Microsoft disclosed details regarding a hacker linked to the Iran government whom attempted to target email addresses belonging to a 2020 U.S. presidential campaign online.
The company revealed that the hacker made over 2,700 attempts to gain access to the emails of a 2020 U.S. presidential campaign, government officials, journalists and prominent Iranians living abroad. The information also stated that only four accounts were breached by the hacking group it calls “Phosphorus.”
“Microsoft has notified the customers related to these investigations and threats and has worked as requested with those whose accounts were compromised to secure them,” said Tom Burt, Microsoft vice president for customer security and trust, in a blog post.
Microsoft confirmed that the four compromised emails did not belong to any accounts associated with a presidential campaign or current U.S. government officials. A spokesman for the company declined to identify which campaigns or individuals Phosphorous targeted. The Iranian hackers sought access to a secondary email tied to the target’s Microsoft account, which they could use to prompt a password reset and break in, the company said.
“While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks,” Burt wrote in the same post.
A campaign spokesman for President Donald Trump’s reelection campaign comment on whether it was targeted in the newly revealed Iran-linked attack.
“We never comment on cybersecurity,” said Tim Murtaugh, a Trump campaign spokesman.
Campaign officials on former Vice President Joe Biden’s and Sen. Bernie Sanders’ teams declined to comment, citing policies of not discussing security matters.
Ian Sams, a spokesman for the campaign of Democratic White House Kamala Harris, said the campaign has received “no indication that our campaign is the one Microsoft referenced or that we have been targeted by this attack. We have taken appropriate steps since the beginning of our campaign to protect ourselves against hacking attempts and will continue to do so.”
US politicians are a prime target for cyberattacks as the 2020 presidential election approaches. Microsoft said they decided to publicize the hack because they felt it’s increasingly important for the government and private sector to be transparent about nation-state attacks and attempts to disrupt democratic processes. They followed by adding that publishing the information would help other organization’s associated with election processes to be more attentive.