Chinese, Iranian hackers tried to hack Biden, Trump campaigns, Google says


Joe Biden and Donald Trump supporters in Kansas City, Missouri. 

Kyle Rivas/Getty Images

Hackers backed by the Chinese and Iranian governments were caught in an attempted cyberattack against the Trump campaign and the Biden campaign, Google said Thursday. 

Google’s Threat Analysis Group (TAG) detected the phishing attempt, a cyberattack where hackers try to lure victims into clicking on a link and giving up sensitive credentials. 

“Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise,” Shane Huntley, the head of TAG, said in a tweet. APT stands for “advanced persistent threat,” a label applied to various hacking groups by cybersecurity specialists. 

Huntley added that Google sent a warning to the targeted campaign staffers and alerted federal law enforcement officials about the attempted cyberattacks. The company confirmed this in a statement.

“We can confirm that our Threat Analysis Group recently saw phishing attempts from a Chinese group targeting the personal email accounts of Biden campaign staff and an Iranian group targeting the personal email accounts of Trump campaign staff,” Google said. “We didn’t see evidence that these attempts were successful. We sent the targeted users our standard government-backed attack warning and we referred this information to federal law enforcement. We encourage campaign staff to use extra protection for their work and personal emails, and we offer security resources such as our Advanced Protection Program and free security keys for qualifying campaigns.” 

The company said the attacks were targeting multiple campaign staffers for both Trump and Biden, and that the attacks went after their personal accounts. The Biden campaign said it had been on guard against such attacks.

“We are aware of reports from Google that a foreign actor has made unsuccessful attempts to access the personal email accounts of campaign staff,” the campaign said in a statement. “We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them. Biden for President takes cybersecurity seriously, we will remain vigilant against these threats, and will ensure that the campaign’s assets are secured.”

The Trump campaign didn’t immediately respond to a request for comment, nor did the Cybersecurity and Infrastructure Security Agency. 

This isn’t the first time Iranian hackers have been accused of targeting the Trump campaign. Last October, Microsoft said it had discovered more than 2,700 attempts to hack a presidential campaign, including Trump’s. Chinese hackers have also been accused of major cyberattacks against the US, including the Equifax breach and attempts to steal coronavirus vaccine research.

The 2016 US presidential election showed how much influence a cyberattack can have on the democratic process, after Russian hackers infiltrated the Democratic National Committee’s servers as well as the email accounts of staff members on Hillary Clinton’s campaign. Since then, government agencies like the CISA have ramped up efforts on election security, as have tech giants like Google and Microsoft. 

The Chinese, Iranian and Russian governments have all routinely denied involvement in such cyberattacks.

Google introduced its Advanced Protection Program in 2017 and has advised campaign staffers to lock down their personal accounts along with their work accounts. Microsoft has a similar service through its Defending Democracy program

Source Article