A group of hackers believed to be linked to the government of Iran tried to access email accounts associated with a U.S. presidential campaign,Microsoft announced Friday.
The company said that it had seen “significant cyberactivity” from a group of hackers that it believes “originates from Iran and is linked to the Iranian government. “
Microsoft said that its threat-tracking operation found the group attacked 241 email accounts associated with current and former US government officials, journalists, prominent Iranians outside Iran and one U.S. presidential campaign. Microsoft did not name the campaign that was targeted.
The company said that the attack on the campaign was unsuccessful but that the hackers were able to access four accounts not associated with the campaign or the current and former government officials.
Tom Burt, vice president of customer security and trust for Microsoft, wrote in a blog post that the Iran-linked group, which the company refers to by the name Phosphorous , gathered information about people in an attempt to trick them into falling for phishing schemes, in which the group attempted to use password reset or account recovery features to take over accounts.
“While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks, “Burt wrote. “This effort suggests Phosphorous is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering.”
Chris Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said CISA was working to determine the severity of the attack.
“CISA is aware of the report from Microsoft about Iranian actors targeting US accounts and we are working with them to assess and mitigate impacts, “Krebs said.” While much of this activity can likely be attributed to run-of-the-mill foreign intelligence service work, Microsoft’s claims that a presidential campaign was targeted is yet more evidence that our adversaries are looking to undermine our democratic institutions. “
US intelligenceas well asindependent cybersecurity expertshave said that they expect a variety of hacking attempts aimed at aspects of the 2020 US election, including campaigns and voting infrastructure.
While Russia remains a fixture of election security concerns, other nations have also emerged as legitimate threats. In January, then –Director of National Intelligence Dan Coatswarned that numerous countries – including China and Iran – are poised to try to influence American politics and that they are expected to be honing their tactics and coming up with new exploits.
Among the most significant elements of efforts to interfere in the 2016 election can be traced back to a single email account break- in. Hillary Clinton campaign chairmanJohn Podesta’s personal email accountwas hacked, with many of his emails laterreleased by Wikileaks.
Former special counsel Robert Muellerconcluded in his report on Russia’s 2016 election interferenceefforts that the emails were transmitted from a Russian-government proxy to a third party, which eventually gave them to Wikileaks.
Theresa Payton, CEO of cybersecurity firm Fortalice Solutions and a former White House chief information officer, saidrecent US sanctionshad increased the likelihood of cyberattacks from Iran.
“We shouldn’t be surprised that Phosphorus and other groups linked to Iran are ramping up their efforts,” Payton said in an email. “Iran has been developing its cybercapabilities for more than a decade. Now that the US has imposed sanctions against Iran and tensions are mounting in the region, they have nothing to lose.”
While phishing attacks are not new, they remain amongthe most effective waysto penetrate secure systems. Their effectiveness also means they remain acommon form of cyberattack.
Despite widespread agreement that foreign adversaries will attempt to influence the election, the US government has been slow to approve the funding necessary to helplocal jurisdictionsprepare for 2020. In September, Senate Majority Leader Mitch McConnell reversed course and announcedsupport for an appropriations billthat would earmark $ 250 million for election security.
But the United States has also been reticent under President Donald Trump to join international efforts to address cybersecurity issues. The U.S.did not sign on to the Paris Call for Trust and Security in Cyberspace, which received support from more than 50 countries and 130 private companies and groups.
In the blog post, Burt urged “all governments, companies and advocacy groups” to consider joining the agreement, as well as the Cybersecurity Tech Accord, another public cybersecurity commitment signed by more than
“These are two important initiatives that aim to keep the internet safer from the types of malign activity we’re discussing today,” he wrote.
Jason Abbruzzese is the senior editor for technology news at NBC News Digital.
GIPHY App Key not set. Please check settings