Microsoft says Iran tried to hack Democratic 2020 campaign
Hackers linked to the Iranian government targeted US government officials and at least one 2020 US presidential campaign, according to evidence gathered by Microsoft, the technology company.
In a blog post on Friday, Tom Burt, Microsoft’s corporate vice-president for customer security and trust, said that a hacking group linked to Tehran made more than 2,700 attempts in September to identify the email accounts of Microsoft customers that included an unnamed presidential campaign, current and former US government officials, and journalists covering global politics.
The hacker group, dubbed Phosphorous, went on to attack 241 accounts, although only four of the accounts were compromised as a result, Mr Burt said. The compromised accounts were “not associated with the US presidential campaign or current and former US government officials”, he added.
The discovery comes at a sensitive time as cyber security and government officials increase efforts to prevent interference in next year’s US election, after Russia was found to have meddled in the last vote in 2016.
Robert Mueller, former special counsel, charged 12 Russian intelligence officers with hacking Hillary Clinton’s campaign and the Democratic National Committee during the 2016 campaign.
Social media groups such as Facebook and Twitter recently removed disinformation campaigns originating from Iran, China and Russia.
Microsoft researchers found that Phosphorous had tried to gather personal information about their targets, such as phone numbers, to “game password reset or account recovery features and attempt to take over [their accounts]”.
While the attacks were “not technically sophisticated”, Microsoft suggested the group was “highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering”.
The company said it had secured the accounts that were attacked, and notified customers who were targeted by the hackers.