Google security researchers say they’ve identified efforts by at least two nation state-backed hackers against the Trump and Biden presidential campaigns.
Shane Huntley, director for Google’s Threat Analysis Group, said in a tweet that hackers backed by China and Iran recently targeted the campaigns using malicious phishing emails. But, Huntley said, there are “no signs of compromise” and that the campaigns were both alerted to the attempts.
When reached by TechCrunch, a Google spokesperson reiterated the findings:
“We can confirm that our Threat Analysis Group recently saw phishing attempts from a Chinese group targeting the personal email accounts of Biden campaign staff and an Iranian group targeting the personal email accounts of Trump campaign staff. We didn’t see evidence that these attempts were successful. We sent the targeted users our standard government-backed attack warning and we referred this information to federal law enforcement. We encourage campaign staff to use extra protection for their work and personal emails, and we offer security resources such as our Advanced Protection Program and free security keys for qualifying campaigns.”
Spokespeople for the Biden and Trump campaigns did not immediately comment. We’ll update if we hear back.
Huntley said in a follow-up tweet that the hackers were identified as China’s APT31 and Iran’s APT35, both of which are known to target government officials. But it’s not the first time that the Trump campaign has been targeted by Iranian hackers. Microsoft last year blamed APT35 group for targeting what later transpired to be the Trump campaign.
Since last year’s attempted attacks, both the Democrats and Republicans improved their cybersecurity at the campaign level. The Democrats recently updated their security checklist for campaigns and published recommendations for countering disinformation, and the Republicans have put on training sessions to better educate campaign officials.