5 Oct 2019

Iranian hackers 'targeted US 2020 campaign'

2:42 pm on 5 October 2019

Hackers who appear to be linked to Iran's government have targeted the 2020 US presidential election, according to tech company Microsoft.

File photo June 4, 2018. Microsoft logo displayed outside the Microsoft Technology Center, New York City.

Microsoft has identified what it calls significant cyber activity by a threat group known as Phosphorus. Photo: AFP / Getty

The group attacked more than 200 email accounts, some of which belonged to people associated with "a US presidential campaign", it said.

The target was President Donald Trump's re-election campaign, sources told Reuters news agency.

Iran has not yet publicly commented on the allegations.

A spokesperson for the Trump campaign said it had no indication it had been targeted.

2700 hacking attempts, Microsoft says

"Today we're sharing that we've recently seen significant cyber activity by a threat group we call Phosphorus, which we believe originates from Iran and is linked to the Iranian government," a Microsoft statement reads.

Phosphorus, it said, made more than 2700 attempts to identify people's email accounts over a 30-day period in August and September. It then attacked 241 accounts.

"The targeted accounts are associated with a US presidential campaign, current and former US government officials, journalists covering global politics and prominent Iranians living outside Iran," Microsoft said.

Currently, 19 Democrats are seeking to be nominated as their party's candidate to stand against Donald Trump in 2020, while three Republicans say they plan to challenge the president. The statement did not identify which specific campaign was targeted.

However Reuters reported it was President Trump's re-election campaign, citing sources familiar with the operation.

US President Donald Trump speaks during a storm briefing with the US Coast Guard, after disembarking from Air Force One upon arrival at Ellington Field Joint Reserve Base in Houston, Texas, September 22, 2019.

Donald Trump's re-election campaign is believed to have been the target of hackers. No-one from the campaign team has responded to the reports so far. Photo: AFP

According to Microsoft, only four accounts were eventually compromised, and none of these were associated with a campaign, nor any former or current officials.

The hackers tried to take over the accounts, in attacks Microsoft called "not technically sophisticated". The company has told account holders affected and helped to protect them.

Nevertheless, the tech company called Phosphorus, also known as APT 35, is "highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering".

Microsoft urged all its customers to set up two-step verification for their email accounts, and suggested people worried about security to check their login history.

Growing concern over election security

There has been increasing concern worldwide about foreign-sponsored election interference via hacking.

In July, US Special Counsel Robert Mueller concluded that Russia systematically interfered in the 2016 election with the intention of benefiting Mr Trump - although he did not establish collusion in a crime.

The same month Microsoft said it had told almost 10,000 customers they had been targeted or compromised by nation-state attacks.

The fact that the hackers allegedly have links to Iran is also noteworthy.

Mr Trump's unilateral withdrawal from a nuclear accord between Iran and world powers last year has raised tensions between Washington and Tehran.

The US blames Iran for an attack on Saudi oil facilities in September which affected global markets. Iran has denied any responsibility for the strikes.


Get the RNZ app

for ad-free news and current affairs