TECHNOLOGY

Iranian hackers said to target presidential campaign

Oct 4, 2019, 1:12 PM
FILE - This July 3, 2014, file photo, shows the Microsoft Corp. logo outside the Microsoft Visitor ...
FILE - This July 3, 2014, file photo, shows the Microsoft Corp. logo outside the Microsoft Visitor Center in Redmond, Wash. Microsoft says hackers linked to the Iranian government have targeted a U.S. presidential campaign, as well as government officials, media targets and prominent ex-patriate Iranians. (AP Photo Ted S. Warren, File)
(AP Photo Ted S. Warren, File)

WASHINGTON (AP) — Microsoft said Friday that hackers linked to the Iranian government targeted a U.S. presidential campaign, as well as government officials, media targets and prominent expatriate Iranians.

Overall, the hackers attempted to penetrate 241 accounts — four successfully — though none of those penetrated was associated with presidential campaigns or current or past U.S. officials, Microsoft said. A company spokeswoman declined to identify those targeted, citing customer privacy.

The announcement is the latest sign that foreign governments are looking for ways to potentially disrupt the 2020 presidential election. U.S. intelligence officials have sounded the alarm about the risks for months.

Russia’s hacking of the Democratic National Committee and the Clinton campaign, as well as the subsequent leaks of emails during the 2016 election,  roiled the DNC, hurt the Clinton campaign and was a focal point in special counsel Robert Mueller’s probe.

Foreign hackers have long targeted U.S. government and politicians, generally with little notice. But the disruption caused by Russia’s attack has heightened awareness and prompted fears that other nations will try to follow Russia’s example. Iran, in particular, could have a stake in the outcome of the U.S. election after President Donald Trump withdrew the United States from a nuclear agreement and stepped up sanctions against the country.

The U.S. Department of Homeland Security said it was working with Microsoft to “assess and mitigate impacts.” Chris Krebs, director of the department’s Cybersecurity and Infrastructure Security Agency, said much of the activity is likely “run-of-the-mill” foreign intelligence service work.

But, “Microsoft’s claims that a presidential campaign was targeted is yet more evidence that our adversaries are looking to undermine our democratic institutions,” Krebs said.

In a blogpost released Friday, Microsoft’s Tom Burt, corporate vice president for customer security and trust, said that owners of four accounts that were compromised by the hackers have been notified. The company would not identify those accounts.

The attacks by a group Microsoft calls Phosphorous occurred during a 30-day period between August and September.

Burt said the Iranian hackers used password reset and account recovery features to try to take over accounts. For example, they gathered phone numbers belonging to targets to help with a password reset. In other cases, they tried to get into secondary email accounts that might be linked to the Microsoft account to gain access via a verification email.

The hackers researched their targets, making more than 2,700 attempts to identify emails belonging to a specific Microsoft customer. A spokeswoman declined to provide more details.

The company has previously taken legal steps to combat Iran-linked hackers, suing them in federal court in Washington D.C., so Microsoft could take control of websites Phosphorous used to conduct hacking operations and to stop attacks.

On Friday, Tim Murtaugh, spokesman for Trump’s 2020 re-election campaign, said there was “no indication that any of our campaign infrastructure was targeted.”

The campaigns of Sen. Kamala Harris, Michael Bennet, Pete Buttigieg, also said they had not been targeted. A campaign aide for Sen. Bernie Sanders said the campaign doesn’t comment on matters of technical security.

Republican National Committee spokeswoman Blair Ellis said the RNC is “constantly working to stay ahead of emerging threats.”

The DNC has taken several steps to improve the party’s cybersecurity since 2016. The most public move was the hiring of Bob Lord, a veteran of Silicon Valley cybersecurity with stints at Yahoo, Twitter, AOL and Netscape, to serve as its cybersecurity chief.

Lord has worked to improve security protocols for DNC staff, state parties and campaigns with access to the central voter file that DNC maintains.

In July, Microsoft announced that it had detected more than 740 infiltration attempts by nation-state actors in the past year targeting U.S.-based political parties, campaigns and other democracy-focused organizations including think tanks and other nonprofits.

The company declined to name or further characterize the targets or the actors. It said at the time that such targeting had similarly occurred in the early stages of the 2016 and 2018 elections.

A memo prepared by DHS and the FBI was sent to state election officials this week outlining possible ways Russia could seek to interfere in the 2020 elections by discouraging voters or utilizing voter suppression tactics.

The document, which was dated Thursday and reviewed by The Associated Press, outlines a few possible scenarios for state and local election officials to be aware of. Those include the use of social media to exacerbate divisions within political parties during state primaries and the hacking of election websites to spread misinformation on voting processes or to alter voter registration data.

__
AP writers Bill Barrow and Christina Almeida Cassidy in Atlanta, and Zeke Miller, Alexandra Jaffe, Colleen Long and Alan Fram contributed to this report. Follow Tami Abdollah on Twitter at https://twitter.com/latams

Today’s Top Stories

Technology

Netflix gaming...
Catherine Thorbecke, CNN Business

Netflix to open its own video game studio as part of gaming pivot

The streaming giant is building its first in-house video game studio in Helsinki, Finland, as it expands its empire over mobile games.
1 day ago
(Photo courtesy of Salt_Verse on Twitter)...
Rachel Metz, CNN Business

This guy is using AI to make movies — and you can help decide what happens next

"Salt" resembles many science-fiction films from the '70s and early '80s. The way it was created points to what could be a new frontier for making movies.
4 days ago
Google googled phrases...
Aubri Wuthrich

A Google analysis shows which words are the most confusing to Americans

Americans use Google to define terms that are confusing for them, this study shows which terms are most commonly searched.
6 days ago
DWR law enforcement truck pictured. The Utah DWR will use drones to help with wildlife management...
Britt Johnson and Elizabeth Weiler

Utah Division of Wildlife Resources launches new drone law enforcement team

Utah has created its new drone law enforcement team, designed to get a better look at wildlife crimes like poaching and trespassing. 
7 days ago
emoticon history...
Jennifer Korn, CNN Business

The 40-year evolution from :-) to 😂, what emojis offer that words can’t

Today there are more than 3,600 emojis available for users to express their every emotion and effectively give our words a deeper meaning.
9 days ago
Peiter Zatko, known as Mudge in the computer hacking community, testifies before the Senate Judicia...
Catherine Thorbecke, CNN Business

Why deleting something from the internet is ‘almost impossible’

Most people may live out their digital lives with the assumption they can delete their posts, messages and personal data from services whenever they choose. A tech hearing this week threw that core assumption into question.
11 days ago

Sponsored Articles

Young woman receiving laser treatment...
Form Spa

How facial plastic surgery and skincare are joining forces

Facial plastic surgery is not only about looking good but about feeling good too. The medical team at Form Spa are trained to help you reach your aesthetic outcomes through surgery and through skincare and dermatology, too.
large group of friends tohether in a park having fun...
BYU MBA at the Marriott School of Business

What differentiates BYU’s MBA program from other MBA programs

Commitment to service is at the heart of BYU’s MBA program, which makes it stand out among other MBA programs across the country.
a worker with a drill in an orange helmet installs a door in the house...
Price's Guaranteed Doors

Home improvement tip: Increase the value of your home by weatherproofing doors

Make sure your home is comfortable before the winter! Seasonal maintenance keeps your home up to date. Read our tips on weatherproofing doors.
Curb Appeal...
Price's Guaranteed Doors

How to have the best of both worlds for your house | Home security and curb appeal

Protect your home and improve its curb appeal with the latest security solutions like beautiful garage doors and increased security systems.
A paper reading IRS, internal revenue service is pictured...
Jordan Wilcox

The best strategies for dealing with IRS tax harassment | You have options!

Learn how to deal with IRS tax harassment. This guide will teach you how to stop IRS phone calls and letters, and how to handle an IRS audit.
spend a day at Bear Lake...
Bear Lake Convention and Visitors Bureau

You’ll love spending the day at Bear Lake | How to spend a day at Bear Lake

Bear Lake is a place that needs to be experienced. Spend a day at Bear Lake.
Iranian hackers said to target presidential campaign