Google: Chinese And Iranian Hackers Targeted Biden And Trump Campaign Staffers
State-sponsored hackers from China and Iran have unsuccessfully targeted the campaign staffs of US presidential candidates Joe Biden and Donald Trump, respectively.
The attacks have been observed by the Google Threat Analysis Group (TAG), a division inside Google’s security department that tracks nation-state hacking groups.
“Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing,” said Shane Huntley, head of Google TAG.
Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement. https://t.co/ozlRL4SwhG— Shane Huntley (@ShaneHuntley) June 4, 2020
A Google spokesperson told The Verge the company had not seen evidence that any of the attempted attacks had been successful and that it had sent the information to federal law enforcement officials. “We encourage campaign staff to use extra protection for their work and personal emails, and we offer security resources such as our Advanced Protection Program and free security keys for qualifying campaigns,” the spokesperson said.
Matt Hill, deputy national press secretary for the Biden campaign, says the campaign was aware of the phishing attempt and had been braced for something like this to happen. “We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them,” Hill told The Verge in an email, adding that the campaign takes cybersecurity seriously and “will remain vigilant against these threats.”
A spokesperson for the Trump campaign said it had been “been briefed that foreign actors unsuccessfully attempted to breach the technology of our staff. We are vigilant about cybersecurity and do not discuss any of our precautions.”
Email hacking is a particularly fraught issue for US political campaigns after Russian hackers successfully phished the Democratic National Committee in 2016, exposing thousands of emails.