Why the hacking of presidential campaigns has already begun in the US

For the third consecutive US presidential election, the hacking The campaign against Iran has begun in earnest. However, this time it is the Iranians, not the Russians, who have taken the first significant step.

Last week, Microsoft published a report stating that a group of hackers run by the intelligence unit of Iran’s Islamic Revolutionary Guard Corps had managed to access the account of a “former senior adviser” to a presidential campaign. From that account, Microsoft said, the group sent fake email messages, known as “phishing targeted” “a senior presidential campaign official” in an effort to gain access to campaign accounts and databases.

On Saturday night, former President Donald Trump said that Microsoft had informed his campaign “that one of our many websites had been hacked by the Iranian government. That is never right!”, but that the hackers They had only obtained “publicly available information.” The former president attributed the situation to what he called, in his characteristic selective capitalization, a “Weak and Ineffective” Biden administration.

The events themselves were murkier, and it’s unclear whether the group — which Microsoft referred to as Mint Sandstorm — managed to gain access to anything.

The Trump campaign was already blaming “foreign sources hostile to the United States” for a leak of internal documents that Politico reported over the weekend that it had received them, though it is unclear whether those documents actually arose from Iranian efforts or were part of an unrelated leak from within the campaign.

The New York Times received what appears to be a similar, if not identical, set of data from an anonymous tipster who claims to be the same person who emailed the documents to Politico.

Whatever the case, recent developments could be a harbinger of a more intense period of foreign interference in a race whose sudden twists and changes in candidates could have thrown hackers’ plans into disarray.

According to researchers and cybersecurity experts, Russia has so far played a relatively minor role, focusing instead on trying to sabotage both the Olympics, where it was banned from fielding its team, and supporting Ukraine. And while U.S. intelligence services do not doubt that Russia wants Trump to return to power, the hackers The Chinese, they say, appear unsure of how to act on the election, as they have reason to dislike either Trump or Vice President Kamala Harris.

There is little doubt, researchers say, that Iranians want to see Trump defeated. As president, he withdrew from the 2015 nuclear deal, reimposed economic sanctions on Iran and then, in January 2020, ordered the killing in Iraq of Major General Qasem Soleimani, commander of the Quds Force, a clandestine wing of the Revolutionary Guard responsible for overseas operations.

Four years later, the Islamic Revolutionary Guard Corps appears still determined to avenge Soleimani’s death, and just last week the Justice Department announced that it had charged a Pakistani man who had recently visited Iran with trying to hire a hitman to kill political figures in the U.S., most likely including Trump. (There is no evidence that Iran was involved in the July 13 attack on Trump in Butler, Pennsylvania.)

Trump often presents his actions against Iran as proof of his strength, even though his withdrawal from the Iran deal gave Tehran a chance to rebuild a nuclear program that had been hampered by the 2015 deal. However, the combination of the hacking And the hitman who was hunting Trump and his former aides gave the former president a clear argument over the weekend that the Iranians would prefer a continuation of the Biden-Harris government.

Microsoft declined to say that the hacking attempt it detected was directed at the Trump campaign, though the campaign itself said that was the case. In an interview, Tom Burt, who leads the company’s security and trust operations, said that in June, the Iranian team associated with the Iranian Revolutionary Guard’s intelligence operations successfully broke into the email account of a former campaign adviser, whom the company did not name. From that account, he said, the Iranians sent a malicious email to the Trump campaign. phishing focused on an official from a presidential campaign.

Although the recipient may have thought it came from the former campaign adviser, Burt declined to say whether the campaign in question was also Trump’s. Under long-standing practice, Microsoft can only disclose such details with the permission of the victim of an attack.

However, Burt said the company could not determine whether the attack succeeded in penetrating the campaign it targeted.

Documents sent to Politico, As he described them, and to the Times, they included research and evaluations of potential vice presidential candidates, including Sen. J.D. Vance, whom Trump ultimately chose. Like those types of investigative documents, these contained past statements with the potential to be embarrassing or damaging, such as comments in which Vance badmouthed Trump.

In a statement released Saturday, Steven Cheung, a spokesman for the Trump campaign, preemptively rebuked media outlets that disseminated any information that had been improperly obtained.

“Any media outlet or news organization that publishes internal documents or communications is doing the bidding of America’s enemies and doing exactly what they want,” he wrote.

The 2016 election, which Trump won, was marked by similar efforts by “hacking and leak” after Russian hackers broke into the email accounts of high-ranking Democrats. The leaked emails showed the inner workings of Hillary Clinton’s party and campaign, and also revealed criticisms made of Clinton by some aides. A collection of them was published by WikiLeaks in the final weeks of the presidential race.

Seeking an advantage at the time, the Trump campaign seized on emails, many of them from Clinton campaign chairman John Podesta. “We love WikiLeaks,” Trump said at the time.