SEATTLE - An effort believed to be tied to the Iranian government attempted to identify, attack and breach email accounts belonging to a U.S. presidential campaign, government officials and journalists, according to new data unveiled by Microsoft, highlighting the continued global security threats that loom over the fast-approaching 2020 election.
The intrusion observed by Microsoft, spearheaded by an outfit it calls Phosphorus, made more than 2,700 attempts to identify personal email addresses that belonged to the company's customers over a 30-day period between August and September, 241 of which were then attacked. Four were compromised, but they do not belong to the presidential campaign or government officials, according to the tech giant.
Reuters and other news media outlets reported Friday that the hackers targeted President Donald Trump's campaign.
Microsoft said it notified the customers attacked and has worked with those whose accounts were compromised to secure them. It declined to disclose the names of the account holders, including the presidential campaign that had been targeted. Microsoft declined to comment beyond a blog post disclosing the news Friday.
Tim Murtaugh, a spokesman for President Trump's 2020 campaign, said he has "no indication that any of our campaign infrastructure was targeted." Asked to clarify whether Microsoft had contacted the campaign about Iranian targeting of either the campaign or campaign personnel's personal email accounts, Murtaugh said: "We have no further comment."
The news Friday is the latest reminder that the U.S. is likely still vulnerable to security threats when it comes to the 2020 presidential election. Tech giants such as Facebook and Twitter, as well as politicians and security officials have all made the next presidential election a priority as they race to combat hackers – some of whom are working for foreign governments.
Still, recent technology developments like increasingly realistic "deepfake" or otherwise manipulated videos have many cybersecurity experts concerned about how hackers might be able to manipulate public perception in the way the Russians did in 2016.
Since then, other countries have come to adopt more of Russia's playbook, including Iran, which for years has targeted U.S. officials through "large-scale intrusion attempts," said John Hultquist, the director of intelligence analysis at the cybersecurity firm FireEye. But Iran only has become more aggressive recently in response to President Trump, he said, who has imposed massive sanctions and pulled out of an international deal over the country's nuclear program.
"The Iranians are very aggressive, and they could leverage whatever access they get for an upper hand in any kind of negotiations," Hultquist added. "They could cause a lot of mayhem."