Microsoft warned last year that at least one presidential campaign was being targeted by an Iranian state-backed cyber operation
Campaign staffs for both President Donald Trump and Democratic rival Joe Biden have been targeted recently by foreign hackers, Google researchers said Thursday, highlighting persistent data security concerns ahead of the November US election.
A tweet from Google's threat analysis chief Shane Huntley said the internet giant warned the Biden campaign about "phishing" efforts from China and the Trump campaign from Iran.
"No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement," Huntley wrote.
Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement. https://t.co/ozlRL4SwhG— Shane Huntley (@ShaneHuntley) June 4, 2020
The incidents nonetheless highlight fears about a repeat of a devastating data breach in 2016 involving the campaign of Hillary Clinton and a wide-ranging influence operation which officials said was directed from Russia.
"This is a major disclosure of potential cyber-enabled influence operations, just as we saw in 2016," Graham Brookie, director of the Atlantic Council's Digital Forensics Research Lab, said in a tweet.
Brookie said the disclosure "is the cyber-enabled pre-cursor to potential influence operations. It's a necessary reminder, especially to campaigns."
Huntley said the incidents should be a reminder to campaigns to take security precautions, including so-called two-factor authentication to verify users.
He also noted that Google is offering free physical security key hardware and other assistance to US presidential and congressional campaigns.
Microsoft warned last year that at least one presidential campaign was being targeted by an Iranian state-backed cyber operation. Reports said the effort targeted a Trump campaign staffer.
A group Microsoft dubbed "Phosphorous" tried to identify email accounts of targets that included US officials, journalists covering global politics, prominent Iranians living outside that country and a presidential campaign.
Facebook, Google, Microsoft and Twitter security teams met last year with FBI, homeland security and intelligence officials to discuss collaboration on election threats.