UPDATED 21:00 EST / OCTOBER 06 2019

SECURITY

Iranian hackers target Trump 2020 re-election campaign

A hacking group tied to the Iranian government has been attempting to break into the re-election campaign of U.S. President Donald Trump.

Detailed Friday by security researchers at Microsoft Corp. and linked directly to the Trump campaign by Reuters, the Phosphorus campaign was first detected in August.

Those behind it made more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft customers. The hackers then targeted 241 accounts tied to the Trump campaign as well as current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran.

Four accounts were compromised by the hackers, but none of those was linked to the Trump campaign. Those behind the attack also attempted to obtain access to secondary accounts linked to the Microsoft email as well as attempting to steal phone numbers associated with the accounts.

The concerning part of the Phosphorus campaign is the simple methodology being used by the hacking group. “This Iranian hacker group attempted to access 241 targeted email accounts by simply resetting passwords using personal information found through research,” Robert Prigge, president of identity verification company Jumio Corp., told SiliconANGLE.

“How much more proof do we need that passwords and knowledge-based authentication can no longer be trusted?” he added. “With these traditional forms of authentication, it is literally impossible to know whether the person logging in is actually the real account owner. And as seen with this hacking attempt, security questions and passwords can be easily bypassed and guessed with minimal research.”

Indeed, the Phosphorus attack is a perfect example of why email is the biggest, largely unacknowledged threat to the election and government security, said Peter Goldstein, chief technology officer and co-founder of email security firm Valimail Inc.

“Email-based cyberattacks such as phishing, business email compromise and ransomware have already proven to be highly effective techniques leveraged by cybercriminals and even nation-states with politically motivated malicious intentions,” Goldstein explained. “If these attacks are successful, it could lead to unauthorized access to confidential information, data breaches, the spread of disinformation – and even the compromise of U.S. elections infrastructure.”

Ongoing concern about foreign interference in U.S. elections has been news since allegations of Russian hacking surfaced during the 2016 presidential election. Big tech firms, including Google LLC, Facebook Inc., Twitter Inc. and Microsoft, met with U.S. security officials Sept. 4 to discuss election interference by other countries. They also discussed what efforts are being made to ensure that before the election, disinformation campaigns from countries such as Russia, China and Iran do not happen.

Photo: Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU