Tech giant Microsoft recently revealed that a group of hackers linked to the Iran government had tried to meddle in the upcoming presidential elections in the United States. NPR reported that the hack was aimed at a presidential campaign in another foreign government’s attempt to sway the elections.
Microsoft security officer Tom Burt said that the firm noted a “significant cyber activity” from Phosphorus, an Iran-linked hacker group. According to Burt, Microsoft thinks that the group “originates from Iran and is linked to the Iranian government.” However, there was no mention of how they linked the hackers to Iran.
The incident occurred in August and September, with over 2,700 attempts to extract specific email accounts. Of this number, attacks on 241 email addresses took place, compromising 4 accounts. None were connected to the target campaign or government officials.
According to the company, Phosphorus extracted sensitive information such as contact details in their attempt to access password reset or account recovery features. This led Microsoft to believe that the group “is highly motivated and willing to invest significant time and resources.”
In several instances in the past, intelligence departments have issued warnings saying that foreign governments may conduct a similar attempt. The warnings named several entities including Iran.
NPR noted that Microsoft refused to identify which campaign the group attacked. However, a source told Reuters that the hackers targeted President Donald Trump’s re-election campaign. According to Reuters, Trump’s campaign website is “the only one” of the major candidates’ websites using Microsoft’s cloud email services.
Trump campaign director of communications Tim Murtaugh said that they did not detect indications of attacks on their infrastructure.
Reuters sought comments from the Federal Bureau of Investigation (FBI) but the agency refused to give any statements. On the other hand, Chris Krebs, director of Homeland Security Department’s election security arm, revealed awareness of Microsoft’s findings. Krebs said that the report is yet another proof of “adversaries” attempting to “undermine” the US’ democratic processes.
NPR said that Microsoft has previously detected almost 800 attacks on political organizations by alleged nation-states. Social media platforms have also banned accounts from Iran linked to the meddling attempt.
Concerns of foreign interventions have steadily increased in light of the Russian attack in the 2016 elections. Meanwhile, there are tensions between the US and Iran after Trump retracted his participation in the 2015 international nuclear accord with Tehran.