A note from Google’s head of threat analysis group says that Chinese and Iranian hackers are targeting Biden and Trump’s campaigns. Mostly through phishing, the attacks aren’t new for every election. A statement from Joe Biden’s campaign acknowledged the attacks and said they’re safeguarded and prepared for it, while there’s no response from Trump’s campaign yet.
Shane Huntley, the head of Google’s Threat Analysis Group (TAG) has tweeted warning that Chinese state-backed hackers are targeting Joe Biden’s campaign. And Iranian hackers are targeting Donald Trump’s campaign. These active attacks on campaign staffers are in the form of phishing, mostly. And if cracked, it can give significant data.
Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement. https://t.co/ozlRL4SwhG
— Shane Huntley (@ShaneHuntley) June 4, 2020
Huntley further said that none of the attempts were successful yet, and has informed federal law enforcement regarding this. Joe Biden and Donald Trump are the final two candidates running for the presidential election this year, which will be held on November 3rd. Joe Biden has run for president twice earlier, and Trump may get his hands on seat twice if re-elected.
These kinds of cyber attacks aren’t new, say experts who’ve tracked similar incidents in 2016 elections. Back then, Russian hackers have stolen and published materials from Democrats, which cost the chairwoman her job. And now, hitting the high-profile candidates could garner something similar.
Microsoft too has warned that Trump’s campaign was actively targeted by Iranian hackers earlier this year. May this being the backlash against Trump’s government for his killing of Iran’s Army Chief, Qassim Soleimani. And targets against Joe Biden? Well, that’s simply he’s running for the campaign.
Targets against campaign staffers are often easy, and lucrative. As they recruit new people and volunteers, they’re not so trained of following effective security measures while using the campaign sites and other assets. Thus, fooling them with phishing attacks and stealing credentials could let hackers impersonate and spam others.