Hackers Backed By Iran Targeted Presidential Campaign, Microsoft Says
WASHINGTON – Hackers backed by the Iranian government have been targeting the email accounts of at least one presidential campaign, current and former federal government officials and journalists covering political campaigns, Microsoft revealed Friday.
In a blog post on its website, the tech giant says that over a 30-day period between August and September, the Microsoft Threat Intelligence Center observed a group it has dubbed “Phosphorus” making more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft customers and then attack 241 of those accounts.
“While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks,” Tom Burt, corporate vice president of Customer Security and Trust at Microsoft, wrote in the post.
“This effort suggests Phosphorous is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering,” he said.
Microsoft has not revealed the name of the presidential campaign, but its disclosure is just more evidence that U.S. adversaries are now picking up where Russia’s interference in the 2016 United States presidential election left off.
Burt said that Phosphorus used information gathered from researching their targets or other means to game password reset or account recovery features and attempt to take over some targeted accounts.
For example, they would seek access to a secondary email account linked to a user’s Microsoft account, then attempt to gain access to a user’s Microsoft account through verification sent to the secondary account.
In some instances, they gathered phone numbers belonging to their targets and used them to assist in authenticating password resets.
The company says four accounts were compromised as a result of these attempts. The four accounts were not associated with the U.S. presidential campaign or current and former U.S. government officials.
In addition to helping to secure those accounts, Microsoft’s Digital Crimes Unit has also taken legal and technical steps to combat Phosphorus attacks.
“We continue to take these types of actions,” Burt wrote.
Microsoft also reminded its customers that there are steps they can take to help secure their accounts. It is encouraging all customers to enable two-step verification on their accounts which can be done in Account Security settings.
In The News
WASHINGTON - The White House proposed Thursday to open more than two-thirds of the nation’s largest piece of public land to oil and gas drilling, striking down wildlife protections in the area that have been in place for more than 40 years. The Interior Department’s Bureau... Read More
WASHINGTON - A group of moderate House Democrats wants the U.S. government to track down potential attempts by the Chinese government to use the coronavirus crisis to its advantage. The Blue Dog Coalition, an alliance of 26 centrist lawmakers, introduced a bill on Thursday requiring U.S.... Read More
WASHINGTON— The Supreme Court on Monday upheld a 1991 law that bars robocalls to cellphones. The case, argued by telephone in May because of the coronavirus pandemic, stems from a 2015 decision by Congress to carve out an exception to the Telephone Consumer Protection Act. The... Read More
WASHINGTON - The U.S. Supreme Court ruled Monday that so-called faithless electors can be penalized if they renege on their pledge to vote for their state voters' choice for president. Writing for a nearly unanimous court, Justice Elena Kagan began with a summation of the electoral... Read More
WASHINGTON - June is always an anxious time for new graduates, but there’s never been a summer in memory as stark for new job seekers as this one. Since the onset of the coronavirus pandemic, nearly 40 million have lost their jobs, and though the reopening... Read More
WASHINGTON - The U.S. Chamber of Commerce recognized Rep. Antonio Delgado, D-N.Y, with its yearly Spirit of Enterprise Award for his support of business-friendly initiatives in the first session of the 116th Congress. The chamber has rated members of Congress based on how they vote on... Read More