SECURITY
SECURITY
SECURITY
Trump and Biden campaigns targeted by state-sponsored hackers
State-sponsored hackers are actively targeting the U.S. presidential campaigns of both Joe Biden and Donald Trump, according to a senior Google security researcher.
The claim come from Shane Huntley, the head of the Google Threat Analysis Group. He wrote on Twitter that the Google team had seen a Chinese advanced persistent threat group targeting Biden campaign staff as well as an Iranian APT group target Trump campaign staff with phishing.
No sign of compromise was detected. Google warned campaign staff that they are being targeted. It also referred information about the attempted phishing attacks to law enforcement.
That Iranian hackers are targeting the Trump campaign comes as no surprise. In October, security researchers at Microsoft Corp. detailed what the dubbed the “Phosphorous campaign.” Iranian hackers targeted 241 accounts tied to the Trump campaign as well as current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran.
Huntley provided further details on Twitter, saying that the groups involved in the phishing campaigns were identified as APT31 and APT35.
APT31, sometimes known as Zirconium is linked to the Chinese government and typically specializes in intellectual property theft. APT35, also known as the Newscaster team, is sponsored by the Iranian government and typically targets U.S. and the Middle Eastern military, diplomatic and government personnel, organizations in the media, energy and defense industrial bases as well as the engineering, business services and telecommunications sectors.
In a statement to Reuters, a spokesperson for the Biden campaign said that “we are aware of reports from Google that a foreign actor has made unsuccessful attempts to access the personal email accounts of campaign staff.” The spokesperson added that “we have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them.”
The Trump campaign spokesperson said that they had been briefed that “foreign actors unsuccessfully attempted to breach the technology of our staff” but provided no further comment.
Discussing the intent of the attacks, Charles Ragland, security engineer at digital risk protection software provider Digital Shadows Ltd., told SiliconANGLE that these groups may be looking to use information that they obtain to sow discord. “They may also use it for more traditional intelligence collection to inform other actions,” he said. “As more and more communication is done online, this trend is likely to continue.”
Photo: Andrea Widburg/Flickr
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
