Iran-Linked Hackers Tried to Compromise a U.S. Presidential Campaign, Microsoft Says

hack attack on microsoft accounts
Microsoft says an Iranian hacking group has targeted a presidential candidate, current and former government officials, and journalists covering global affairs.
Getty Images

A group of hackers linked to the Iranian government tried to infiltrate email accounts belonging to a U.S. presidential campaign, Microsoft disclosed on Friday.

Microsoft didn’t name the campaign that was targeted.

Both the New York Times and Reuters are reporting that President Donald Trump’s re-election campaign was the target of the hacking attack, citing multiple people with knowledge of the situation. Both news outlets also quoted Trump campaign communications director Tim Murtaugh as saying, “We have no indication that any of our campaign infrastructure was targeted.”

The news, however, immediately drew comparisons to the Russian hacking attack on Hillary Clinton’s campaign in 2016 that led to the public release of email from her campaign chairman and others.

Microsoft’s threat-tracking group noticed “significant cyber activity” from a hacking group that “originates from Iran and is linked to the Iranian government,” Tom Burt, vice president of customer security and trust, wrote in a blog post.

The attempts against the campaign were unsuccessful, but the hackers also targeted current and former government officials, journalists covering global affairs, and prominent Iranians living in the United States, according to the blog post. Microsoft said the hacking group, which is nicknamed Phosphorus, successfully accessed four accounts, though none belonging to current or former government officials.

During a 30-day period between August and September, Phosphorus made more than 2,700 attempts to identify specific email accounts belonging to Microsoft customers. The group then tried to attack 241 of those accounts, according to the post.

The hackers gathered additional information on their targets, such as phone numbers and secondary email accounts, and used that knowledge to “game password reset or account recovery features and attempt to take over some targeted accounts,” Burt wrote.

“While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks,” Burt wrote. “This effort suggests Phosphorous is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering.”

U.S. intelligence and cybersecurity experts have warned that nation states are actively trying to hack campaigns and the voting infrastructure for the 2020 presidential election. While Russia has been at the forefront of hacking concerns, an intelligence assessment in January also warned that China and Iran may seek to influence the 2020 elections.

UPDATE 5:38 p.m. ET: This story was updated from its original to include reporting from The New York Times and Reuters, citing the Trump campaign as the target of the attacks.

More must-read stories from Fortune:

—Domino’s delivers a dilemma to the Supreme Court: a website accessibility case that could impact thousands of companies
How Russian PR firms plant stories for companies in U.K. news outlets, social media
—Why Tesla quietly acquired DeepScale, a machine learning startup that’s ‘squeezing’ A.I.
—Comcast, Mastercard, and Samsung are pouring millions into this password-killing startup
Why Apple is offering cheaper streaming and iPhones
Catch up with Data Sheet, Fortune’s daily digest on the business of tech.

Subscribe to Well Adjusted, our newsletter full of simple strategies to work smarter and live better, from the Fortune Well team. Sign up today.

Read More

Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward