According to a recent finding by Microsoft, Iran attempted a “highly motivated” hack of a U.S. presidential campaign, highlighting the vulnerability of email accounts as the 2020 elections loom.
Microsoft said a group known as “Phosphorus,” which the company believes is linked to the Iranian government, made around 2,700 attempts to target customer email accounts, attacked 241 of these accounts between August and September, and compromised four.
The New York Times reported that “two people with knowledge of the hacking” said it was President Donald Trump’s campaign.
On Tuesday, a bipartisan group of U.S. senators urged Trump to warn the public about efforts by foreign governments to interfere in U.S. elections and to take steps to thwart attempts by hostile nations to use social media to meddle in the 2020 presidential contest, the AP reported.
The recommendations came in an 85-page report issued by the Senate Intelligence Committee, which has been investigating Russia’s effort to interfere in the 2016 election. The senators described the social media activities of the Kremlin-backed Internet Research Agency in 2016 as part of a “broader, sophisticated, and ongoing information warfare campaign designed to sow discord in American politics and society.”
Microsoft discovered that in addition to U.S. officials and the presidential campaign, the threat group also targeted accounts belonging to journalists covering global politics and to Iranians living outside of Iran, according to The Hill.
“While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks,” Tom Burt, corporate vice president of Customer Security and Trust at Microsoft, wrote in the blog post.
“This effort suggests Phosphorus is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering.”
Microsoft’s report is the latest indication that “cyberattacks and influence campaigns against political candidates are likely to accelerate heading into 2020,” The New York Times reported.
In 2016, Russian hackers infiltrated the computer networks of Democrats and Republicans, focusing on the emails of John D. Podesta, Hillary Clinton’s campaign chairman.
Most of the Podesta emails were obtained by WikiLeaks, which published more than 20,000 pages of emails in October and November 2016.
The email security firm Agari released a report saying the 2020 candidates are not ready to withstand cyber attacks.
“With the 2020 presidential primary season rapidly taking shape, analysis from the Agari research team finds 85% of the top candidates spanning both parties continue to rely on vulnerable email accounts that put their staff at risk from the same kind of phishing attacks that helped derail Hillary Clinton’s 2016 presidential bid,” the firm said.
“As this cycle gains speed, campaigns and their ever-changing ecosystems of advisors, pollsters, and policy analysts will only make easier targets for email attacks launched by nation-states and other operatives.”
Tom Burt of Microsoft said they notified the public of the Iranian group’s activities because “it is important that we all—governments and private sector—are increasingly transparent about nation-state attacks and efforts to disrupt democratic processes.”
Microsoft said it “strongly encouraged” all customers to enable two-step verification on their email accounts, and to periodically check the login history for their accounts, particularly if the individual is a journalist or a staffer for a political campaign.
The targeting of U.S. accounts by the Iranian threat group follows a ratcheting up of tensions between the two countries, in the wake of the U.S. blaming Iran for attacking two Saudi Arabian oil facilities last month.
Whether it’s the campaigns of presidential candidates or the U.S. government itself, some say the country is simply not prepared to withstand sophisticated hackers from certain nation-states.
On Tuesday, Michelle Van Cleave, head of U.S. counterintelligence under President George W. Bush, wrote in Politico, “In all the reports and hearings over the past 2½ years, no one has identified the real problem: U.S. counterintelligence is not set up to preempt foreign intelligence operations directed against the United States. If the government doesn’t empower U.S. counterintelligence to go on offense, we are destined to remain on our back feet.”