A group of hackers believed to be in contact with the Iranian government attempted to access e-mail accounts related to a US presidential campaign, Microsoft announced on Friday who are believed to be "from Iran and in contact with the Iranian government."
Microsoft said the group's threat tracking attacked 241 e-mail accounts related to current and former US government officials, journalists and prominent Iranians outside Iran, and a US presidential campaign. Microsoft did not call the targeted campaign.
The company claimed that the campaign was unsuccessful, but hackers were able to access four accounts that were not related to the campaign or current and former government officials.
Tom Burt, vice president of customer safety and trust at Microsoft, wrote in a blog post that the Iran-affiliated group to which the company, Phosphorous, refers, gathered information about people to make them Falling Into Phishing Plans "While the attacks we announce today were not technically sophisticated, they attempted to use a considerable amount of personal information to identify both, and in some cases, accounts that belong to their intended goals to try attacks, "Burt wrote. "These efforts suggest that Phosphorous is highly motivated and willing to spend time and resources on research and other information gathering tools."
Chris Krebs, director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, said CISA is working to determine the severity of the attack.
"CISA is Microsoft's report on Iranian actors targeting US accounts, and we work with them to assess and mitigate the impact," said Krebs. "Much of this activity is likely Microsoft's claim that a presidential campaign was targeted is further evidence that our opponents are trying to undermine our democratic institutions."
US intelligence agencies and independent cybersecurity experts have announced that that they expect a variety of hacking attempts targeting aspects of the US Election 2020, including campaigns and votes on infrastructure.
While Russia remains a fix for electoral concerns, other nations have also emerged as legitimate threats. In January, Dan Coats, then director of National Intelligence, warned that many countries, including China and Iran, were ready to influence American politics and were expected to refine their tactics and make new heroic deeds.
The main elements of the effort to get involved in the 201
Former Special Representative Robert Mueller concluded in his report on Russia's electoral disruption efforts in 2016 that the emails were sent by a Russian government, and a third party representative, who eventually passed them on to Wikileaks.
Theresa Payton, CEO of cybersecurity firm Fortalice Solutions and former White House Information Officer, said recent US sanctions have increased the likelihood of cyberattacks from Iran.
"We should not be surprised that Phosphorus and other groups affiliated with Iran are stepping up their efforts," Payton said in an e-mail. "Iran has been expanding its cyber capabilities for more than a decade, and now that the US has imposed sanctions on Iran and tensions in the region are increasing, they have nothing to lose."
Although phishing attacks are nothing new, they remain among the most effective ways to penetrate secure systems. Their effectiveness also means that they remain a common form of cyberattack.
Despite the widespread agreement that foreign opponents will try to influence the election, the US government has sluggishly approved the funding needed to prepare local jurisdictions for 2020. Senate Majority Leader Mitch McConnell reversed the course and announced support for a bill providing $ 250 million for electoral security.
However, the United States has held back under President Donald Trump to join international efforts to address cybersecurity issues. The US has not signed the Paris Call for Confidence and Security in Cyberspace, which has been supported by more than 50 countries and 130 private companies and groups.
In the blog post, Burt called for "all governments, businesses and stakeholders to consider" to join the agreement and the Cybersecurity Tech Accord, another public cyber security commitment signed by more than 100 companies.
"These are two important initiatives aimed at making the Internet safer from the malicious activity we are undertaking, and we are debating today," he wrote.