Trump re-election campaign targeted by Iran-linked hackers: sources
Send a link to a friend
 [October 05, 2019]
By Christopher Bing and Raphael Satter
(Reuters) - A hacking group that appears to
be linked to the Iranian government attempted to break into U.S.
President Donald Trump's re-election campaign but were unsuccessful,
sources familiar with the operation told Reuters on Friday.
Microsoft Corp <MSFT.O> said earlier on Friday in a blog post http://bit.ly/2ngs5bZ
that it saw "significant" cyber activity by the group which also
targeted current and former U.S. government officials, journalists
covering global politics and prominent Iranians living outside Iran.
Trump's official campaign website is the only one of the remaining major
contenders' sites that is linked to Microsoft's cloud email service,
according to an inspection of publicly available mail exchanger records.
"We have no indication that any of our campaign infrastructure was
targeted," said Trump campaign Director of Communications Tim Murtaugh.
In a 30-day period between August and September, the group, dubbed
"Phosphorous" by Microsoft, made more than 2,700 attempts to identify
consumer email accounts belonging to specific customers and then
attacked 241 of those accounts.
"Four accounts were compromised as a result of these attempts; these
four accounts were not associated with the U.S. presidential campaign or
current and former U.S. government officials," the blog post said.
Nineteen Democrats are seeking their party's nomination to run for
president in the November 2020 election. Three Republicans have
announced their candidacy to challenge Trump in the party's nominating
contest.
Microsoft's blog post did not identify the election campaign whose
network was targeted by Phosphorous hackers, but sources told Reuters
the target was Trump's re-election effort.
The FBI did declined to comment.
Chris Krebs, director of the Homeland Security Department's election
security division, known as CISA, said he was aware of the Microsoft
report. In a statement, Krebs called it "yet more evidence that our
adversaries are looking to undermine our democratic institutions."
Hacking to interfere in elections has become a concern for governments,
especially since U.S intelligence agencies concluded that Russia ran a
hacking and propaganda operation to disrupt the American democratic
process in 2016 to help then-candidate Trump become president. Moscow
has denied any meddling.
Tensions between the United States and Iran have risen since May 2018,
when Trump withdrew from a 2015 international nuclear accord with Tehran
that put limits on its nuclear program in exchange for easing of
sanctions. Trump has since reinstated U.S. sanctions, increasing
pressure on the Iranian economy, including its oil trade.
[to top of second column]
|
President Donald Trump addresses a Trump 2020 re-election campaign
rally in Montoursville, Pennsylvania, U.S. May 20, 2019.
REUTERS/Carlos Barria/File Photo
The Iranian government did not issue any immediate comment through
state-run media on Microsoft's statement.
John Hultquist, director of intelligence at cybersecurity firm
FireEye Inc, said the particular Iranian group named in the attempts
had been conducting “high-volume operations” aimed at harvesting
credentials for online accounts.
Phosphorus is also known by APT 35, Charming Kitten, and Ajax
Security Team.
Redmond, Washington-based Microsoft said Phosphorous used
information gathered from researching their targets or other means
to game password reset or account recovery features and attempt to
take over some targeted accounts.
The attacks were not technically sophisticated, Microsoft said.
"This effort suggests Phosphorous is highly motivated and willing to
invest significant time and resources engaging in research and other
means of information gathering," the blog said.
Federal Election Commission records show that the Trump campaign has
spent tens of thousands of dollars on Microsoft products and
software.
Microsoft has been tracking Phosphorus since 2013 and said in March
that it had received a court order to take control of 99 websites
the group used to execute attacks https://bit.ly/2TDKee1.
A computer network used by 2016 Democratic presidential candidate
Hillary Clinton's campaign https://in.reuters.com/article/usa-cyber-democrats-investigation-idINKCN10B033
was hacked in a cyberattack on Democratic Party political
organizations.
Big tech companies are under pressure to ramp up security for next
year's U.S. elections and others around the world.
Companies including Facebook Inc <FB.O>, Alphabet Inc's Google <GOOGL.O>,
Microsoft and Twitter Inc <TWTR.N> met with U.S. intelligence
agencies earlier in September to discuss security strategies.
(Reporting by Christopher Bing, Raphael Satter, Akanksha Rana,
Vibhuti Sharma; Writing by Grant McCool; Editing by Jonathan Oatis
and Daniel Wallis)
[© 2019 Thomson Reuters. All rights
reserved.]
Copyright 2019 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |
