Skip to main content

Iran and China tried to hack Trump and Biden campaigns, Google says

State-backed hackers tried to access accounts belonging to staffers from both presidential campaigns, company official says
Google's Threat Analysis Group says there is no evidence that phishing attempts were successful (Reuters/file photo)
By in
Washington

Iranian and Chinese hackers targeted the election campaigns of US President Donald Trump and former vice president Joe Biden, respectively, a senior Google security official said on Thursday.

Shane Huntley, head of Google's Threat Analysis Group (TAG), said an Iranian organisation known as Charming Kitten attempted to breach the accounts of Trump campaign workers, while a Chinese faction known as Hurricane Panda targeted Biden campaign staffers.

Huntley said neither of them were successful in their Advanced Persistent Threat (APT) attacks. 

Coronavirus: Qatar tracing app flaw 'exposed one million people's details'
Read More »

Such attempts are typically state sponsored and involve forged emails with links designed to harvest passwords or infect devices with malware.

"Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement," Huntley said on Twitter. 

A spokesperson for the Biden campaign confirmed the report in a statement to TechCrunch, but was reticent about discussing cyber security.

"We are aware of reports from Google that a foreign actor has made unsuccessful attempts to access the personal email accounts of campaign staff," the spokesperson said.

"We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them. Biden for President takes cybersecurity seriously, we will remain vigilant against these threats, and will ensure that the campaign's assets are secured."

The Trump campaign also said that it was briefed that "foreign actors unsuccessfully attempted to breach the technology of our staff," but a spokesperson declined to discuss what precautions the campaign was taking.

Russia's 2016 playbook

Graham Brookie, director of the Atlantic Council's Digital Forensic Research Lab, tweeted that the announcement was "a major disclosure of potential cyber-enabled influence operations, just as we saw in 2016."

Brookie's tweet referred to the Russian hacking of the Democratic National Committee (DNC) and Hillary Clinton's 2016 presidential campaign, which sought to assist Trump's campaign.

The DNC has since beefed up its cybersecurity, releasing a campaign cybersecurity checklist, after it came under intense scrutiny for its 2016 failings. 

US cyberattack struck Iran following attacks on Saudi oil facility
Read More »

Last year, Microsoft warned that Iranian hackers were targeting Trump campaign staffers as well as journalists and US officials.

The group, which Microsoft has dubbed "Phosphorous", made more than 2,700 attempts to identify consumer accounts belonging to specific customers and attacked 241 of them.

The US has also made its own attempts to infiltrate Iranian systems. 

In October, two US officials said that an American government cyberattack had targeted Iran’s capability to spread "propaganda" in the wake of the 14 September attacks on Saudi Arabia’s oil facilities

The officials, speaking to Reuters, said that the cyberattack affected physical hardware, but did not provide further details.

The Pentagon declined to comment on its alleged cyberattack at the time, with spokeswoman Elissa Smith saying that the US does not "discuss cyberspace operations, intelligence, or planning".