Google security researchers say they've identified efforts by at least two nation state-backed hackers against the Trump and Biden presidential campaigns.
Shane Huntley, director for Google's Threat Analysis Group, said in a tweet that hackers backed by China and Iran recently targeted the campaigns using malicious phishing emails. But, Huntley said, there are "no signs of compromise," and that both campaigns were alerted to the attempts.
Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing. No sign of compromise. We sent users our govt attack warning and we referred to fed law enforcement. https://t.co/ozlRL4SwhG
— Shane Huntley (@ShaneHuntley) June 4, 2020
When reached by TechCrunch, a Google spokesperson reiterated the findings:
“We can confirm that our Threat Analysis Group recently saw phishing attempts from a Chinese group targeting the personal email accounts of Biden campaign staff and an Iranian group targeting the personal email accounts of Trump campaign staff. We didn’t see evidence that these attempts were successful. We sent the targeted users our standard government-backed attack warning and we referred this information to federal law enforcement. We encourage campaign staff to use extra protection for their work and personal emails, and we offer security resources such as our Advanced Protection Program and free security keys for qualifying campaigns."
A spokesperson for the Biden campaign confirmed the report in a statement to TechCrunch.
"We are aware of reports from Google that a foreign actor has made unsuccessful attempts to access the personal email accounts of campaign staff," a spokesperson said. "We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them. Biden for President takes cybersecurity seriously, we will remain vigilant against these threats, and will ensure that the campaign's assets are secured."
The Trump campaign said it was also briefed that "foreign actors unsuccessfully attempted to breach the technology of our staff," but a spokesperson declined to discuss the precautions it was taking.
Huntley said in a follow-up tweet that the hackers were identified as China's APT31 and Iran's APT35, both of which are known to target government officials. But it's not the first time that the Trump campaign has been targeted by Iranian hackers. Microsoft last year blamed APT35 group for targeting what later transpired to be the Trump campaign.
Since last year's attempted attacks, both the Democrats and Republicans improved their cybersecurity at the campaign level. The Democrats recently updated their security checklist for campaigns and published recommendations for countering disinformation, and the Republicans have put on training sessions to better educate campaign officials.
Updated with comment from the Biden campaign, and again with a statement from the Trump campaign.